android-custom-icons
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions found that attempt to override agent safety guidelines or internal behavior. All instructions are focused on Android development standards.
- [Data Exposure & Exfiltration] (SAFE): The skill references standard Android resource directories (e.g., app/src/main/res/drawable/) but does not include any network operations or access to sensitive user credentials/secrets.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external scripts, package installations (pip, npm), or remote execution patterns were found.
- [Indirect Prompt Injection] (SAFE): While the skill involves writing to files (PROJECT_ICONS.md) and generating code based on user input, it follows standard development patterns. There are no exploitable capability tiers like network access or shell execution associated with this skill.
- [Obfuscation] (SAFE): The content is clear and readable markdown with no hidden characters, encoding, or deceptive formatting.
Audit Metadata