conducting-mobile-app-penetration-test

SUSPICIOUS: The skill is internally consistent with its stated purpose as a mobile app penetration-testing guide, using mostly official/common tools and no obvious credential-harvesting or covert exfiltration path. However, it grants an AI agent high-risk offensive security capabilities—bypassing biometrics, TLS pinning, root detection, runtime hooks, tampering, and API interception—so the overall risk is high even though the behavior is not deceptive or clearly malicious.