ADB Connection
Security checks across malware telemetry and agentic risk
Overview
This is a straightforward ADB automation guide, but it gives the agent powerful control over a connected Android device and can save screenshots or UI data.
This skill appears coherent and purpose-aligned for Android automation. Before installing, make sure you are comfortable giving the agent ADB access to a device, use only trusted adb tooling, monitor sensitive actions, and revoke or disconnect debugging access after use.
VirusTotal
59/59 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill may tap, type, launch apps, and otherwise interact with a connected Android device.
The skill intentionally enables broad ADB-driven device interaction. This is purpose-aligned, but ADB commands can operate apps and device UI, so actions should stay user-directed.
Use when you need to interact with Android apps, perform UI automation, take screenshots, or run complex ADB command sequences.
Use it only with devices you control, monitor sensitive workflows, and require explicit approval before actions such as posting, purchasing, deleting, or changing account settings.
Once paired or authorized, the agent can issue ADB commands against the device while the connection remains trusted.
USB or wireless debugging grants ADB access to the Android device. This is necessary for the skill, but it is a privileged trust relationship.
Enable **Developer Options** and **USB Debugging**... `adb pair <ip>:<pairing_port> <pairing_code>` ... `adb connect <ip>:<connection_port>`
Pair only trusted devices, avoid exposing wireless debugging on untrusted networks, and revoke USB or wireless debugging authorization when finished.
Private screen contents, messages, account names, or app UI text could be saved in the workspace for analysis.
The skill pulls UI hierarchy and screenshots into local files. These files may contain sensitive on-screen content or untrusted app text that the agent should treat as observed data, not instructions.
`adb shell uiautomator dump /sdcard/view.xml && adb pull /sdcard/view.xml ./view.xml` ... `adb shell screencap -p /sdcard/screen.png && adb pull /sdcard/screen.png ./screen.png`
Avoid running screenshots or UI dumps on sensitive screens, delete generated files when done, and treat app-provided text as untrusted content.
The skill may not work unless adb is installed separately, and users may need to choose where to obtain it.
The skill has no code or installer, but its documented workflows require adb. This is a metadata completeness gap rather than suspicious behavior.
Required binaries (all must exist): none ... No install spec — this is an instruction-only skill.
Install Android Platform Tools from an official or trusted source and confirm adb is on PATH before use.