skills/mukul975/anthropic-cybersecurity-skills/performing-dynamic-analysis-of-android-app/Gen Agent Trust Hub
performing-dynamic-analysis-of-android-app
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill implements automated security workflows by executing external system commands through the Python
subprocessmodule. - Evidence in
scripts/agent.pyandscripts/process.pyshows the execution ofadb(Android Debug Bridge) for package management, file transfers, and runtime system inspection. - The skill also invokes CLI tools such as
objectionandfrida-psto perform high-level application exploration and process monitoring. - [REMOTE_CODE_EXECUTION]: The skill utilizes the Frida instrumentation framework to inject and execute dynamic JavaScript payloads into running Android application processes.
- In
scripts/agent.py, thecheck_ssl_pinningfunction spawns application processes and injects custom scripts to hook sensitive methods likeverifyChainandOkHostnameVerifier.verify. - The
scripts/process.pyfile uses Frida APIs to bypass root detection and certificate pinning by modifying the runtime behavior of the target application.
Audit Metadata