kotlin
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses official and trusted repositories including Google, Maven Central, and the Gradle Plugin Portal to resolve dependencies and plugins required for the Android build process.
- [COMMAND_EXECUTION]: The tooling section defines standard usage of the Gradle wrapper (./gradlew) for project tasks such as building, testing, linting, and formatting.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by design.
- Ingestion points: Local project files and source code are accessed using the Read, Glob, and Grep tools.
- Boundary markers: The skill contains no instructions to ignore or delimit potentially untrusted instructions within the code it processes.
- Capability inventory: High-privilege tools including Bash (command execution), Write, and Edit (file modification) are available to the agent.
- Sanitization: There is no validation or sanitization of input data before it is processed or used to generate commands.
Audit Metadata