Skills
skills/pratos/clanker-setup/adb-ui-tree/Gen Agent Trust Hub

adb-ui-tree

Warn

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill uses adb shell and adb pull to execute commands on a connected Android device and retrieve files. This provides the agent with direct access to the device's operating system environment and filesystem.
  • [DATA_EXFILTRATION] (MEDIUM): The skill captures screenshots (adb exec-out screencap) and UI dumps (uiautomator dump). This represents a significant risk of exposing sensitive user data (PII), such as credentials, personal messages, or financial information, depending on what is displayed on the screen during execution.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests and potentially analyzes untrusted data from the device, including UI XML files and logcat logs. Malicious applications could inject instructions into UI text or system logs to manipulate the agent's behavior.
  • Ingestion points: ui.xml, adb logcat output.
  • Boundary markers: None identified.
  • Capability inventory: adb shell execution, file pulling via adb pull.
  • Sanitization: None identified.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 20, 2026, 01:24 PM