owasp-mobile-security-checker

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/check_dependencies.py executes the flutter CLI (or fvm flutter) to analyze package versions. The call goes through subprocess.run with a fixed argument list and shell=False (the default), so no shell ever parses the arguments and nothing in a project path or package name can be interpreted as a command. This is the standard safe way to invoke an expected system tool; the remaining trust boundary is the flutter binary itself, which is resolved from PATH like any other locally installed tool.
  • [SAFE]: The skill uses yaml.safe_load() in scripts/check_dependencies.py to parse project configuration files. The safe loader constructs only plain YAML types and rejects tags such as !!python/object, so a crafted pubspec or lock file cannot trigger arbitrary object construction the way yaml.load() with the full loader could.
  • [SAFE]: All automated scanners included in the skill (secrets, dependencies, network, and storage) operate locally and do not transmit analyzed data to any remote servers.
  • [SAFE]: The code implements appropriate safeguards for handling untrusted input: executable names are resolved with shutil.which rather than taken from a user-supplied path, and every argument is passed as a separate list element, so there is no string interpolation into a shell command.
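The two patterns the audit credits (PATH-resolved executable, fixed argv list, no shell, and yaml.safe_load for project files) are shown together below. This is an added illustration written for this page, not the skill's own check_dependencies.py; the `flutter pub outdated --json` subcommand, the `HOSTILE_ARG` sample, and the helper names are assumptions, since the audit does not quote the script.

```python
"""Safe invocation of an external CLI plus safe YAML parsing (illustrative example)."""
import shutil
import subprocess
import sys

# Assumption: the version check shells out to `flutter pub outdated --json`.
# The real script's subcommand and flags are not shown in the audit.
FLUTTER_ARGS = ["pub", "outdated", "--json"]

# Constructed sample: a path that would be dangerous if spliced into a shell string.
HOSTILE_ARG = "pubspec.yaml; rm -rf ~ $(id) `id` | cat"


def resolve_flutter():
    """Return the argv prefix for flutter, preferring fvm, or None if neither is on PATH.

    shutil.which consults PATH only, so a relative or user-supplied string is
    never treated as the executable. Callers still trust whatever flutter
    binary PATH resolves to, exactly as a developer running it by hand would.
    """
    fvm = shutil.which("fvm")
    if fvm:
        return [fvm, "flutter"]
    flutter = shutil.which("flutter")
    if flutter:
        return [flutter]
    return None


def build_argv(prefix):
    """Fixed argument list: nothing from the project is concatenated into it."""
    return list(prefix) + FLUTTER_ARGS


def run_tool(argv, project_dir):
    """Run the tool with shell=False (the default). The project directory is
    passed as cwd, so it is data for the kernel, not text for a shell."""
    return subprocess.run(
        argv, cwd=project_dir, capture_output=True, text=True, check=False
    )


def echo_argv_unshelled(arg):
    """Demonstrate that list-form arguments are delivered verbatim.

    The child (a python interpreter, used because it is always available)
    prints back its argv[1]; with no shell in between, metacharacters such as
    ';', '$(...)' and '|' are just bytes.
    """
    proc = subprocess.run(
        [sys.executable, "-c", "import sys; print(sys.argv[1], end='')", arg],
        capture_output=True, text=True, check=True,
    )
    return proc.stdout


def load_pubspec(text):
    """Parse YAML with the safe loader only (PyYAML assumed installed)."""
    import yaml  # imported lazily so the rest of the file runs without PyYAML
    return yaml.safe_load(text)


def rejects_python_tags(text):
    """True if the safe loader refuses a document carrying a python/object tag.

    yaml.safe_load raises yaml.constructor.ConstructorError for such tags,
    whereas yaml.load(text, Loader=yaml.Loader) would construct the object.
    """
    import yaml
    try:
        yaml.safe_load(text)
    except yaml.constructor.ConstructorError:
        return True
    return False


if __name__ == "__main__":
    assert echo_argv_unshelled(HOSTILE_ARG) == HOSTILE_ARG
    prefix = resolve_flutter()
    if prefix is None:
        print("flutter/fvm not on PATH; argv would be:", build_argv(["flutter"]))
    else:
        result = run_tool(build_argv(prefix), ".")
        print("exit status:", result.returncode)
```

The contrast to keep in mind is `subprocess.run(f"flutter pub outdated {path}", shell=True)`: with that form, `HOSTILE_ARG` as `path` would run `rm -rf ~` and `id`. The list form makes the same input inert without any quoting or escaping logic to get wrong.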
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 07:29 PM