pentest-mobile-app

Fail

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • COMMAND_EXECUTION (HIGH): The adb_command tool in references/tools.md provides a direct interface for the agent to execute arbitrary shell commands on Android devices, including root shells. Similarly, objection_explore and drozer_scan take command strings that are executed via CLI, posing a high risk if inputs are influenced by malicious data.
  • REMOTE_CODE_EXECUTION (HIGH): The frida_hook function in references/tools.md allows the agent to execute arbitrary JavaScript within a target process on the mobile device. This provides a direct path for remote code execution (RCE) on the testing target.
  • PROMPT_INJECTION (LOW): The skill processes untrusted mobile application binaries and their metadata, creating a surface for indirect prompt injection. Evidence Chain:
      1. Ingestion points: mobsf_scan and jadx_decompile ingest APK/IPA files (references/workflows.md).
      2. Boundary markers: No explicit boundaries or instructions to ignore instructions embedded in the analyzed code are present.
      3. Capability inventory: The agent has high-privilege access to the target device via adb and frida.
      4. Sanitization: No sanitization of strings extracted from the binaries is performed before they are processed by the agent.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 18, 2026, 03:02 PM