feature: add ANTI_SIDELOADING present/missing KB entries for Android#290
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #290 +/- ##
=======================================
Coverage 94.48% 94.48%
=======================================
Files 5 5
Lines 290 290
=======================================
Hits 274 274
Misses 16 16 ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
![ostorlab-ai-pr-review[bot]](https://avatars.githubusercontent.com/in/1072062?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review Summary
Total Issues Found: 1
Critical Issues: 0
Suggestions: 1
Key Findings:
One suggestion-level finding: the security_issue field in Android _SECURE metadata entries is incorrectly set to true for positive security findings (protections that are present). This creates a semantic inconsistency with the iOS equivalent and may affect multiple Android entries across the repo. No critical or blocking issues were identified. Overall code quality is good; a repo-wide audit of the security_issue flag convention is recommended.
| "title": "Sideloading Detection Implemented", | ||
| "privacy_issue": false, | ||
| "security_issue": true, | ||
| "targeted_by_malware": false, |
There was a problem hiding this comment.
Consider setting security_issue to false for _SECURE entries. A _SECURE finding indicates the protection is present and the app is properly hardened — this is a positive result, not a security issue. The iOS equivalent _SECURE entry (IPA_ANTI_TAMPERING_DETECTED) uses "security_issue": false, which is semantically more correct. Note: the Android DYNAMIC_FRIDA_PROTECTION_PRESENT entry also has "security_issue": true, so this may be an ongoing inconsistency worth clarifying across the repo.
| "targeted_by_malware": false, | |
| "security_issue": false, |
2 participants
Adds two new Android KB entries for installation-source verification:
ANTI_SIDELOADING_MISSING(_HARDENING) — app does not verify its installer and runs normally when sideloaded.ANTI_SIDELOADING_PRESENT(_SECURE) — app detects a sideloaded installation and responds.