Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

mobile-master

v1.0.0

Mobile security skill that assists with reverse engineering

by Nop @nop3z
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
[!] Purpose & Capability
The skill claims to help Android reverse engineering and its included scripts (frida, adb, frida-dexdump, apktool, jadx references) are consistent with that purpose. However, registry metadata lists no required binaries or environment variables even though the scripts require adb, frida/frida-server, frida-dexdump, apktool and a host with adb access — the omission is an incoherence that could mislead users about what the skill actually needs.
Instruction Scope
SKILL.md is minimal but the included scripts (Start-frida-server.sh, Dexdump.sh, Extract-Installation-Package.sh, Spawn/Attach scripts, Extract-AndroidManifest.xml.sh, frida JS hooks) instruct actions that attach to or spawn processes on Android devices, forward ports, and pull APKs to the host. These actions are within the stated reversing purpose. There are no obvious instructions to read unrelated host secrets or to transmit data to external endpoints, but the scripts will run arbitrary adb/frida commands and pull APKs locally — which is powerful and can be misused if run on sensitive devices.
Install Mechanism
There is no install spec (instruction-only plus bundled scripts), so nothing is downloaded or executed at install time by the platform. The skill will execute local shell commands when invoked; this is lower installer risk but shifts risk to runtime execution.
[!] Credentials
No environment variables or credentials are declared, which superficially looks safe. But scripts implicitly depend on host tools and paths (adb, frida, frida-dexdump, apktool, $HOME/.claude/skills path) and expect device root (Start-frida-server uses su on the device). The lack of declared required binaries is disproportionate to the skill's real needs and may hide operational prerequisites or accidental failures.
Persistence & Privilege
The skill is not always:true and does not request persistent system-wide privileges. It contains scripts that the agent can invoke (disable-model-invocation is false), so an agent could run these scripts if allowed — this is expected for skills that perform operations. There is no evidence the skill modifies other skills or system-wide agent config.
What to consider before installing
This skill appears to be a toolbox for Android reverse engineering (frida, adb, dexdump, apktool). Before installing:
1) Verify and trust the source (homepage unknown; README points to a GitHub repo).
2) Expect to need adb, frida (and frida-server on a rooted device), frida-dexdump and apktool installed on the host — the skill metadata does not declare these prerequisites.
3) Review the provided scripts (they run adb shell, su on the device, forward ports, and adb pull APKs) and only run them against devices you control and with consent.
4) If you plan to allow autonomous agent invocation, be aware the agent could run these scripts and interact with connected devices; restrict use to trusted agents/environments.
5) If you want to proceed, ask the publisher to update the metadata to declare required binaries and to provide a trusted homepage or signed release so you can verify integrity.

Like a lobster shell, security has layers — review code before you run it.

latestvk9753neeafmnx53wsbfwpkbqh183kkrv
