ClawHub

MiniMax Android Dev

v1.0.0

Android native application development and UI design guide. Covers Material Design 3, Kotlin/Compose development, project configuration, accessibility, and b...

0· 50·0 current·0 all-time
by@daidai8910g
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Android native app development, Material3, Kotlin/Compose, build troubleshooting) match the SKILL.md content. The guide references project files, Gradle, build variants, Compose dependencies and other Android-specific config — all expected for this purpose.
Instruction Scope
Instructions stay within Android development tasks (init projects, edit gradle.properties, run ./gradlew, install via adb, configure flavors, manage dependencies). This is appropriate. One important operational risk: the guide tells the agent to run build/install commands (./gradlew, adb). Executing Gradle in an untrusted project can run arbitrary build scripts or tasks, so allowing the agent to execute those commands on your machine/workspace could run arbitrary code from the project. This is a contextual risk, not an incoherence.
Install Mechanism
No install spec and no code files — instruction-only. Nothing is downloaded or written by the skill itself, so there is no installer risk from the skill package.
Credentials
The skill declares no required environment variables, no credentials, and no config paths. The guide mentions example API URLs and buildConfigFields (placeholders like https://api.example.com); it does not request secrets. This is proportionate to the stated functionality.
Persistence & Privilege
always:false and default invocation settings. The skill does not request persistent presence or modify other skills or system-wide settings. Autonomous model invocation is allowed (platform default) but not elevated by this skill.
Assessment
This skill is coherent with its Android dev purpose and doesn't request credentials or install code. Before letting an agent act on these instructions, remember: building or running an Android project (./gradlew, adb install, custom Gradle tasks) executes code contained in that project — if the project is untrusted, that can run arbitrary commands. If you will allow the agent to perform builds or installs, restrict it to trusted project directories, review Gradle scripts and custom tasks first, and avoid storing secrets in plain gradle.properties or BuildConfig fields. If you are uncomfortable with any autonomous build/run actions, keep autonomous invocation disabled or run the commands yourself after reviewing changes.

Like a lobster shell, security has layers — review code before you run it.

androidvk979qk53w5hskz4pk97wqcv7vn84174zdevelopmentvk979qk53w5hskz4pk97wqcv7vn84174zlatestvk979qk53w5hskz4pk97wqcv7vn84174zminimaxvk979qk53w5hskz4pk97wqcv7vn84174zofficialvk979qk53w5hskz4pk97wqcv7vn84174z

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments