android-adb
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill provides templates for raw shell access to Android devices via
adb shell <command>. This is the intended purpose of the skill, but it creates a significant capability surface if the calling agent provides unvalidated user input. - [DATA_EXFILTRATION] (SAFE): While the skill includes commands to pull files and capture screenshots (
adb pull,screencap), there is no code present to transmit this data to external or untrusted servers. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill is susceptible to indirect injection through the processing of untrusted device data (e.g., UI hierarchy dumps and app list outputs).
- Ingestion points: XML UI dumps (
uiautomator dump), package lists (pm list packages), and foreground app metadata (dumpsys window). - Boundary markers: Absent; the skill does not define delimiters for device-provided data.
- Capability inventory: File system read/write (
adb push/pull), app installation (adb install), and raw shell execution (adb shell). - Sanitization: Absent; the skill does not include logic to escape or validate data retrieved from the device before further processing.
Audit Metadata