HoangNguyen0403

Android Security

Standards for Data Encryption, Network Security, and Permissions

HoangNguyen0403 501 148 Updated 4mo ago

Resources

1
GitHub

Install

npx skillscat add hoangnguyen0403/agent-skills-standard/android-security

Install via the SkillsCat registry.

SKILL.md

Android Security Standards

Priority: P0 (CRITICAL)

Implementation Guidelines

Data Storage

  • Secrets: NEVER store API keys in code. Use EncryptedSharedPreferences for sensitive local data (Tokens).
  • Keystore: Use Android Keystore System for cryptographic keys.

Network

  • HTTPS: Enforce HTTPS via network_security_config.xml (cleartextTrafficPermitted="false").
  • Pinning: Consider Certificate Pinning for high-security apps.

Component Export

  • Exported: Explicitly set android:exported="false" for Activities/Receivers unless intended for external use.

Anti-Patterns

  • No Sensitive Logs: Strip logs in Release builds.
  • No Homebrew Root Detection: Use Play Integrity API instead.
  • No Raw URL String Concatenation: Use Uri.Builder or HttpUrl (OkHttp) to prevent parameter injection.

References

Related Topics

common/security-standards | architecture

Categories

API Dev Processing Security
GitHub

Install

npx skillscat add hoangnguyen0403/agent-skills-standard/android-security

Install via the SkillsCat registry.

Recommended Skills

Dicklesworthstone
apollo-security-basics by Dicklesworthstone
1.1K 3mo ago
Ed1s0nZ
security-automation by Ed1s0nZ
4K 4mo ago
sickn33
agentmail by sickn33
39.4K 1mo ago
mukul975
analyzing-network-packets-with-scapy by mukul975
13.4K 1mo ago
mukul975
analyzing-cobaltstrike-malleable-c2-profiles by mukul975
13.4K 1mo ago
mukul975
analyzing-kubernetes-audit-logs by mukul975
13.4K 1mo ago