performing-android-app-static-analysis-with-mobsf

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides functional scripts and documentation for legitimate security testing of Android applications.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection by processing external findings from analyzed APKs.
      1. Ingestion points: scripts/agent.py and scripts/process.py read results from the MobSF API.
      2. Boundary markers: No delimiters are used to wrap the finding content.
      3. Capability inventory: No dynamic execution or high-risk capabilities are triggered by the report data.
      4. Sanitization: Findings are processed as raw strings.
    The risk is minimal as the findings are for informational display.
  • [SAFE]: External dependencies like the requests library and MobSF Docker images are from well-known and trusted sources.
  • [SAFE]: No obfuscation, data exfiltration, or malicious persistence mechanisms were identified.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 09:39 PM