android-networking-retrofit-okhttp
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface
- Ingestion points: The skill processes external API responses and network contracts as defined in its primary purpose in
SKILL.md. - Boundary markers: Explicit boundary markers for LLM context isolation are absent, though data transformation layers are recommended.
- Capability inventory: The skill includes commands to run local unit tests via Gradle and a Python evaluation script in
SKILL.mdandreferences/scenarios.md. - Sanitization: The skill mandates the use of typed models and explicit serializers over ad-hoc data structures (documented in Guardrails), which mitigates the risk of processing malicious payloads.
- [COMMAND_EXECUTION]: Local Tooling Execution
- The skill references standard Android development commands such as
./gradlew :app:testDebugUnitTestto verify networking implementations. - It utilizes a local Python script
scripts/eval_triggers.pyfor trigger evaluation, which is a common pattern for skill validation.
Audit Metadata