mobile-security
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches updated tools and security resource lists from the author's official GitHub repository at github.com/gmh5225/awesome-game-security.- [COMMAND_EXECUTION]: Utilizes various CLI tools for mobile analysis, including apktool, jadx, and apkid, for decompilation and protection identification.- [PROMPT_INJECTION]: Indirect prompt injection surface detected.
- Ingestion points: Remote README.md file fetched and referenced from an external GitHub repository.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the fetched content as untrusted data.
- Capability inventory: Shell command execution (apktool, jadx), dynamic instrumentation (Frida scripts), and direct memory manipulation via C snippets.
- Sanitization: The skill lacks mechanisms to sanitize or validate the external content before processing it for tool or implementation references.
Audit Metadata