android-signing-config
Fail
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: HIGHCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill extracts cleartext passwords from a project file (
keystores/KEYSTORE_INFO.txt) and appends them to the user's global~/.gradle/gradle.propertiesfile. This practice exposes sensitive credentials in a persistent, potentially insecure location on the filesystem.\n- [COMMAND_EXECUTION]: The skill dynamically generates and executes shell commands that include a user-providedPREFIX. There is no validation or sanitization of this input, which allows an attacker to perform command injection by providing a malicious prefix (e.g.,APP; malicious_command).\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of local project files.\n - Ingestion points: Reads data from
settings.gradle.ktsandkeystores/KEYSTORE_INFO.txt.\n - Boundary markers: No delimiters or safety warnings are implemented when processing the content of these files.\n
- Capability inventory: The skill can read/write files and execute shell commands and the Gradle wrapper.\n
- Sanitization: No sanitization is applied to the project name extracted from Gradle files or the user-defined prefix before they are used in sensitive operations.
Recommendations
- AI detected serious security threats
Audit Metadata