Claude Code skill for Android APK reverse engineering — apktool, jadx, Frida workflows.
A skill bundle that teaches Claude how to do real Android reverse engineering: unpack APKs, decompile to Java with jadx, patch smali, hook with Frida. It chains the right tools instead of one-shotting jadx and giving up.
使うタイミング: You need to inspect a Flutter/OkHttp app's traffic and pinning blocks Burp.
前提条件
Server/skill installed and authenticated — See repo README
フロー
Identify pinning
Decompile target.apk and find all references to TrustManager / CertificatePinner / Flutter's HttpClient.✓ コピーしました
→ List of hooks to patch
Patch + Frida
Generate a Frida script that no-ops checkServerTrusted across both Java and Flutter paths.✓ コピーしました
→ Frida .js + run command
結果: Working MITM channel on a test target you own.
注意点
Reversing apps you don't have rights to is illegal in most jurisdictions. The skill assumes you've documented authorization. — Reversing apps you don't have rights to is illegal in most jurisdictions. The skill assumes you've documented authorization.
コストと制限
運用コスト
APIクォータ
See provider docs for rate limits
呼び出しあたりのトークン
Varies by tool
金額
See repo README for pricing details
ヒント
Cache tool results and avoid repeated identical calls.
セキュリティ
権限、シークレット、影響範囲
認証情報の保管: Use environment variables; never commit secrets
データ送信先: Tool calls go to the provider's API as documented
トラブルシューティング
よくあるエラーと対処法
apktool fails to unpack
Use the latest apktool (≥2.9). Older versions miss new resource tables.
確認: apktool --version ≥ 2.9
repack signs but won't install
Use uber-apk-signer with --allow-resign and target the right SDK level.