skills/takahirom/android-cli-ui-automation-skill/android-cli-ui-automation-skill/Snyk

android-cli-ui-automation-skill

Warn

Audited by Snyk on Apr 19, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly launches arbitrary URLs on the device ("adb ... am start -a android.intent.action.VIEW -d ''" in SKILL.md/README) and directs the agent to observe WebView/browser page content via layout or screenshots, so the agent will ingest untrusted public webpage content that could carry instructions affecting its actions.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 19, 2026, 09:30 AM

Issues

1