The Agent Skills Directory

[COMMAND_EXECUTION]: The file scripts/check_dependencies.py executes the flutter pub outdated --json command using the subprocess.run module. This is used to programmatically identify package versions and security gaps in the target Flutter project.
[EXTERNAL_DOWNLOADS]: During dependency checks, the flutter CLI tool communicates with the official Dart package repository (pub.dev) to retrieve version metadata. This is a functional requirement for auditing dependencies against remote registries.
[PROMPT_INJECTION]: The skill processes untrusted data from the mobile application files it audits, creating a surface for indirect prompt injection. Ingestion points: Multiple Python scripts in the scripts/ directory read and process all files within the provided project root. Boundary markers: No explicit delimiters are used to separate the scanned content from the analysis instructions. Capability inventory: The skill can execute the flutter CLI tool and write reports to the local filesystem. Sanitization: The scanned content is analyzed using regular expressions and is not executed or evaluated as code, which significantly mitigates the risk of the agent obeying malicious instructions embedded in the source files.

owasp-mobile-security-checker