android-pdf-export
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses standard Android APIs (PdfDocument, Canvas) without external dependencies, minimizing the supply chain attack surface.
- [SAFE]: Sensitive data handling (Franchise/User info) is limited to the intended purpose of generating branded documents and is sourced from the application's local AuthManager.
- [SAFE]: File operations follow security best practices: filenames are sanitized using regex to prevent path traversal, and files are stored in the application's cache directory.
- [SAFE]: Document sharing is implemented via FileProvider, ensuring secure URI sharing with temporary read permissions instead of exposing raw file paths.
Audit Metadata