skills/mukul975/anthropic-cybersecurity-skills/reverse-engineering-android-malware-with-jadx/Gen Agent Trust Hub
reverse-engineering-android-malware-with-jadx
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill code and instructions are transparent and follow standard malware analysis workflows. All scripts are provided in plain text and perform expected analytical tasks.
- [EXTERNAL_DOWNLOADS]: The skill references the official GitHub repository for JADX (github.com/skylot/jadx) and mentions standard Android development tools. These are well-known and trusted sources in the security community.
- [PROMPT_INJECTION]: The skill involves processing untrusted data from Android APK files, creating a surface for indirect prompt injection (Category 8).
  - Ingestion points: APK metadata (via aapt2/androguard) and decompiled Java source code (via JADX).
  - Boundary markers: The agent is not explicitly instructed to ignore instructions that might be embedded within the malware's code comments or strings.
  - Capability inventory: Subprocess execution of analysis tools (aapt2, apktool, jadx), file system operations, and Python-based data processing.
  - Sanitization: The provided Python scripts extract and print strings from the malware without specific sanitization against control characters, although this is standard practice for analysis tools.