android-development (claude-android-skill) — agentic threat model
This agent acts as a specialized code generator and architectural guide for Android development. Its primary risk lies in the potential generation of insecure code patterns, dependency vulnerabilities, or malicious scaffolding if its underlying model or prompt templates are compromised.
OWASP AIVSS score rationale
| Agentic risk factor | Estimated value |
| --- | --- |
| Autonomy of Action | 0.20 |
| Goal-Driven Planning | 0.30 |
| Self-Modification | 0.00 |
| Dynamic Tool Use | 0.20 |
| Persistent Memory | 0.10 |
| Contextual Awareness | 0.40 |
| Dynamic Identity | 0.00 |
| Multi-Agent Interactions | 0.00 |
| Non-Determinism | 0.50 |
| Opacity & Reflexivity | 0.30 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1 (Foundation Models): Utilizes Claude-based foundation models. Vulnerable to prompt injection that could bypass architectural guardrails, leading to the generation of insecure Kotlin code, hardcoded secrets, or vulnerable dependency configurations.
Layer 2 (Data Operations): Not certain from the listing — the agent relies on reference data modeled on Google's NowInAndroid. If this reference knowledge base or vector store is poisoned, the agent will systematically recommend insecure architectural patterns or outdated, vulnerable library versions.
Layer 3 (Agent Frameworks): The agent framework orchestrates code scaffolding and project editing. If the tool integration lacks strict path-traversal checks, malicious inputs could force the agent to overwrite critical system files outside the target Android project directory.
Layer 4 (Deployment and Infrastructure): Not certain from the listing — the deployment environment of the skill is unspecified. If run locally or in an unsandboxed IDE plugin environment, compromised code generation could lead to local arbitrary code execution during project compilation.
Layer 5 (Evaluation and Observability): Not certain from the listing — there is no mention of real-time monitoring, output scanning, or AST-based code validation to ensure generated Android scaffolding does not contain security anti-patterns before delivery.
Layer 6 (Security and Compliance): Not certain from the listing — the skill definition lacks explicit security controls, licensing compliance checks for generated code, or developer identity verification mechanisms.
Layer 7 (Agent Ecosystem): Operates as a single-purpose skill. There is no evidence of multi-agent coordination or marketplace integration, limiting ecosystem-level cascading risks.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).