conducting-mobile-app-penetration-test

Warn

Audited by Snyk on Apr 9, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly issues HTTP requests to arbitrary backend URLs (see scripts/agent.py functions test_api_endpoints and test_certificate_pinning which call requests.get against the user-supplied --api-url and specific endpoints, and the SKILL.md Network Security Testing step describing API traffic analysis), so untrusted third‑party responses are ingested and used to mark auth_bypass/pinning_bypassed and influence findings.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 0.90). The skill explicitly instructs bypassing security controls (certificate pinning, root/jailbreak detection), using rooting/jailbreaking tools (Magisk, Frida, Objection), accessing protected device directories (e.g. /data/data) and installing certificates/re-signed apps — all actions that modify the target device/emulator state and effectively push the agent to compromise the machine's security posture.

Issues (2)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W013 (MEDIUM): Attempt to modify system services in skill instructions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 9, 2026, 10:25 AM
Issues: 2