android-development (claude-android-skill) — agentic threat model

AIVSS 7.0 · High

This agent acts as a specialized code generator and architectural guide for Android development. Its primary risk lies in the potential generation of insecure code patterns, dependency vulnerabilities, or malicious scaffolding if its underlying model or prompt templates are compromised.

OWASP AIVSS score rationale

AIVSS = (CVSS_Base + AARS) × Mitigation_Factor, where AARS = (10 − CVSS_Base) × (Factor_Sum / 10) × ThM
CVSS base 6.3 · AARS uplift 0.74 · Factor sum 2.0/10 · Threat ×1.0 · Mitigation ×1.0

Autonomy of Action: 0.20
Goal-Driven Planning: 0.30
Self-Modification: 0.00
Dynamic Tool Use: 0.20
Persistent Memory: 0.10
Contextual Awareness: 0.40
Dynamic Identity: 0.00
Multi-Agent Interactions: 0.00
Non-Determinism: 0.50
Opacity & Reflexivity: 0.30

Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.

MAESTRO 7-layer threat model

Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.

L1 · Foundation Models · ✓ mapped

Utilizes Claude-based foundation models. Vulnerable to prompt injection that could bypass architectural guardrails, leading to the generation of insecure Kotlin code, hardcoded secrets, or vulnerable dependency configurations.

L2 · Data Operations · ⚠ not certain from listing

Not certain from the listing — relies on reference data modeled on Google's NowInAndroid. If this reference knowledge base or vector store is poisoned, the agent will systematically recommend insecure architectural patterns or outdated, vulnerable library versions.

L3 · Agent Frameworks · ✓ mapped

The agent framework orchestrates code scaffolding and project editing. If the tool integration lacks strict path-traversal checks, malicious inputs could force the agent to overwrite critical system files outside the target Android project directory.

L4 · Deployment & Infrastructure · ⚠ not certain from listing

Not certain from the listing — the deployment environment of the skill is unspecified. If run locally or in an unsandboxed IDE plugin environment, compromised code generation could lead to local arbitrary code execution during project compilation.

L5 · Evaluation & Observability · ⚠ not certain from listing

Not certain from the listing — there is no mention of real-time monitoring, output scanning, or AST-based code validation to ensure generated Android scaffolding does not contain security anti-patterns before delivery.

L6 · Security & Compliance (cross-cutting) · ⚠ not certain from listing

Not certain from the listing — lacks explicit security controls, licensing compliance checks for generated code, or developer identity verification mechanisms within the skill definition.

L7 · Agent Ecosystem · ✓ mapped

Operates as a single-purpose skill. There is no evidence of multi-agent coordination or marketplace integration, limiting ecosystem-level cascading risks.

MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).