android-gradle-build-logic
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill instructions align with standard Android development practices and focus on build configuration and maintenance.
- [COMMAND_EXECUTION]: The skill references the execution of
./gradlewand a Python evaluation script (scripts/eval_triggers.py). These are standard commands for building Android applications and testing skill triggers in a local environment. No suspicious or high-risk command patterns (e.g., sudo, chmod 777) were found. - [PROMPT_INJECTION]: The workflow instructions are professional and technical. There are no attempts to bypass safety filters, extract system prompts, or override agent constraints.
- [EXTERNAL_DOWNLOADS]: The skill provides links to official Android and Gradle documentation. It does not perform automated remote code execution or downloads from untrusted sources.
- [DATA_EXFILTRATION]: No hardcoded credentials or commands that access sensitive files (like SSH keys or AWS configs) were identified.
Audit Metadata