Plugin

decx

Name: decx
Author: jygzyc

Execute phased Android vulnerability analysis workflows using DECX: reconnaissance on APKs and frameworks to enumerate attack surfaces, deep tracing of WebView/IPC/Binder flows, exploitability screening with justifications, PoC app construction and deployment, plus bilingual Markdown reports from findings.

npx claudepluginhub jygzyc/decx --plugin decx

Component Overview

Agents

Skills

Hooks

Component Details

Agents (4)

decx-coverage

/decx-coverage

Coverage verification agent for DECX app vulnerability hunting. Checks that recon inventory and coverage rows stay aligned before deeper tracing or final reporting.

decx-recon

/decx-recon

Phase 2 recon agent for DECX vulnerability hunting. Builds the first structured inventory for APK or framework targets and writes recon artifacts only.

decx-report

/decx-report

Final reporting agent for DECX vulnerability hunting. Builds Markdown reports from `statically-supported` findings only and keeps call-chain semantics aligned with DECX report rules.

decx-trace

/decx-trace

Phase 3 or 4 trace agent for DECX vulnerability hunting. Traces one retained target or one method chain at a time and updates evidence artifacts.

Skills (6)

decx-subagent-analysis

/decx-subagent-analysis

Controller skill for DECX analyses that should be split into recon, trace, review, or PoC subagents while keeping one DECX session and one artifact workspace.

decxcli-app-vulnhunt

/decxcli-app-vulnhunt

Android app vulnerability hunting skill built on DECX CLI + JADX. Use for APK attack-surface enumeration, exported component and deep-link triage, WebView and IPC flow tracing, exploitability screening, bilingual reporting, and handoff to decxcli-poc.

decxcli-framework-vulnhunt

/decxcli-framework-vulnhunt

Use when hunting Android framework vulnerabilities in a processed final framework bundle, `system_server`, Binder services, AIDL implementations, vendor services, or OEM framework code.

decxcli-poc

/decxcli-poc

Android exploit PoC construction skill. Turns one DECX-supported finding into one buildable PoC app, with optional compile and adb deployment when explicitly requested.

decxcli

/decxcli

General Android analysis skill for DECX CLI. Use for APK/DEX/JAR opening, source lookup, cross-reference tracing, manifest inspection, resource inspection, and session management.

using-decx

/using-decx

Use when starting any DECX-related conversation. Establishes how to find and use DECX skills before any DECX action, including clarifying questions.

Hooks (1)

Review workflow modifications before installing

Event Hooks

1 hook across 1 event

README

DECX - Decompiler + X

A JADX-based Decompiler + X - Designed for AI-assisted code analysis

Overview

DECX (Decompiler + X) is a smart code analysis platform built on the JADX decompiler, designed specifically for AI-assisted code analysis. The platform provides powerful Java code analysis capabilities to AI assistants through HTTP API and MCP (Model Context Protocol).

Installation

Prerequisites

Java: JDK 11+
Node.js: 18+ for the CLI
JADX: v1.5.2+ with plugin support if you use the GUI plugin
Python: 3.10+ or uv for the plugin MCP sidecar; without uv, ensure requests, fastmcp, and pydantic are available

CLI And AI Skills

For AI-assisted CLI work, install the CLI, install the DECX server JAR, then expose the bundled skills to your agent:

npm install -g @jygzyc/decx-cli
decx self install
git clone https://github.com/jygzyc/decx ~/.decx/source
mkdir -p ~/.agents
ln -s ~/.decx/source/skills ~/.agents/skills

Replace ~/.agents/skills with the skills directory expected by your agent:

Agent	Link target
Claude Code	`~/.claude/skills`
Opencode	`~/.config/opencode/skills`
Codex	`~/.codex/skills`
Common agent setup	`~/.agents/skills`

The skills/ directory contains:

Skill	Use
`decxcli`	General code navigation, source lookup, xrefs, manifest, and resource inspection
`decxcli-app-vulnhunt`	APK attack-surface enumeration, component/WebView/IPC tracing, exploitability triage, and bilingual reports
`decxcli-framework-vulnhunt`	Android framework and Binder/service vulnerability hunting on the processed final framework bundle
`decxcli-poc`	Build a focused Android PoC app and optional helper server from one confirmed finding

JADX Plugin

Install the plugin from the JADX GUI plugin manager, or install a plugin JAR manually:

jadx plugins --install-jar <path-to-jadx_decx_plugin.jar>

After installation, open an APK/JAR in JADX and enable DECX. The plugin exposes the DECX HTTP API and MCP tools for the currently opened JADX project.

Usage

CLI + Skills

For agent-driven analysis, use the CLI to create a session and let the installed skills drive the detailed workflow:

decx process open target.apk --name target
decx code classes --limit 50
decx code search-global "WebView" --limit 20
decx ard exported-components
decx ard app-deeplinks
decx process close target
decx process close --port 25419

Typical skill sequence:

decxcli for exploration and evidence gathering
decxcli-app-vulnhunt or decxcli-framework-vulnhunt for focused vulnerability hunting
decxcli-poc for turning one confirmed finding into a buildable PoC

Useful command groups:

Need	Commands
Session lifecycle	`decx process open <file>`, `decx process list`, `decx process check`, `decx process close [name] [--port <port>]`
Code analysis	`decx code classes`, `class-source`, `method-source`, `method-context`, `search-global`, `search-class`, `xref-method`, `xref-class`, `xref-field`, `implement`, `subclass`
APK analysis	`decx ard app-manifest`, `main-activity`, `app-application`, `exported-components`, `app-deeplinks`, `app-receivers`, `get-aidl`, `all-resources`, `resource-file`, `strings`
Framework analysis	`decx ard framework collect`, `process <oem>`, `run`, `open [jar]`, plus `system-service-impl <interface>`
Live device helpers	`decx ard system-services`, `decx ard perm-info <permission>`
CLI/server management	`decx self install`, `decx self update`

Notes:

Session-backed code and ard commands support --page <n> and can target a session with -s, --session <name> or a port with -P, --port <port>.
decx code class-source supports --limit <n> to return at most N source lines.
decx process open <file> passes standard jadx-cli flags through and enables --show-bad-code by default.
decx ard all-resources supports file-name filtering with --include and --no-regex.
system-services and perm-info are adb-backed commands. They use --serial / --adb-path, not -P <port>.
decx ard framework run collects from the connected device, processes, packs, and opens the final framework JAR by default; process <oem> is for local framework dumps.

Plugin + MCP

Use the plugin when you want the AI assistant to work against the project already opened in JADX GUI:

View full README on GitHub

Similar Plugins

android-reverse-engineering

4.3k

Decompile Android APK/JAR/AAR with jadx, trace call flows through libraries, and document extracted APIs.

Stats

Version3.2.0

Stars14

Forks1

MaintenanceExcellent

LicenseGPL-3.0

Last CommitApr 23, 2026

AddedApr 23, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Available In

decx-dev14

Safety Signals

Caution

Uses power tools

Uses Bash, Write, or Edit tools

Help us improve

Share bugs, ideas, or general feedback.

Back to Plugins

DECX - Decompiler + X

A JADX-based Decompiler + X - Designed for AI-assisted code analysis

Overview

Installation

Prerequisites

Java: JDK 11+
Node.js: 18+ for the CLI
JADX: v1.5.2+ with plugin support if you use the GUI plugin
Python: 3.10+ or uv for the plugin MCP sidecar; without uv, ensure requests, fastmcp, and pydantic are available

CLI And AI Skills

For AI-assisted CLI work, install the CLI, install the DECX server JAR, then expose the bundled skills to your agent:

npm install -g @jygzyc/decx-cli
decx self install
git clone https://github.com/jygzyc/decx ~/.decx/source
mkdir -p ~/.agents
ln -s ~/.decx/source/skills ~/.agents/skills

Replace ~/.agents/skills with the skills directory expected by your agent:

Agent	Link target
Claude Code	`~/.claude/skills`
Opencode	`~/.config/opencode/skills`
Codex	`~/.codex/skills`
Common agent setup	`~/.agents/skills`

The skills/ directory contains:

Skill	Use
`decxcli`	General code navigation, source lookup, xrefs, manifest, and resource inspection
`decxcli-app-vulnhunt`	APK attack-surface enumeration, component/WebView/IPC tracing, exploitability triage, and bilingual reports
`decxcli-framework-vulnhunt`	Android framework and Binder/service vulnerability hunting on the processed final framework bundle
`decxcli-poc`	Build a focused Android PoC app and optional helper server from one confirmed finding

JADX Plugin

Install the plugin from the JADX GUI plugin manager, or install a plugin JAR manually:

jadx plugins --install-jar <path-to-jadx_decx_plugin.jar>

After installation, open an APK/JAR in JADX and enable DECX. The plugin exposes the DECX HTTP API and MCP tools for the currently opened JADX project.

Usage

CLI + Skills

For agent-driven analysis, use the CLI to create a session and let the installed skills drive the detailed workflow:

decx process open target.apk --name target
decx code classes --limit 50
decx code search-global "WebView" --limit 20
decx ard exported-components
decx ard app-deeplinks
decx process close target
decx process close --port 25419

Typical skill sequence:

decxcli for exploration and evidence gathering
decxcli-app-vulnhunt or decxcli-framework-vulnhunt for focused vulnerability hunting
decxcli-poc for turning one confirmed finding into a buildable PoC

Useful command groups:

Need	Commands
Session lifecycle	`decx process open <file>`, `decx process list`, `decx process check`, `decx process close [name] [--port <port>]`
Code analysis	`decx code classes`, `class-source`, `method-source`, `method-context`, `search-global`, `search-class`, `xref-method`, `xref-class`, `xref-field`, `implement`, `subclass`
APK analysis	`decx ard app-manifest`, `main-activity`, `app-application`, `exported-components`, `app-deeplinks`, `app-receivers`, `get-aidl`, `all-resources`, `resource-file`, `strings`
Framework analysis	`decx ard framework collect`, `process <oem>`, `run`, `open [jar]`, plus `system-service-impl <interface>`
Live device helpers	`decx ard system-services`, `decx ard perm-info <permission>`
CLI/server management	`decx self install`, `decx self update`

Notes:

Session-backed code and ard commands support --page <n> and can target a session with -s, --session <name> or a port with -P, --port <port>.
decx code class-source supports --limit <n> to return at most N source lines.
decx process open <file> passes standard jadx-cli flags through and enables --show-bad-code by default.
decx ard all-resources supports file-name filtering with --include and --no-regex.
system-services and perm-info are adb-backed commands. They use --serial / --adb-path, not -P <port>.
decx ard framework run collects from the connected device, processes, packs, and opens the final framework JAR by default; process <oem> is for local framework dumps.

Plugin + MCP

Use the plugin when you want the AI assistant to work against the project already opened in JADX GUI:

decx

Component Overview

Component Details

Agents (4)

Skills (6)

Hooks (1)

README

DECX - Decompiler + X

Overview

Installation

Prerequisites

CLI And AI Skills

JADX Plugin

Usage

CLI + Skills

Plugin + MCP

Similar Plugins

android-reverse-engineering

Help us improve

Help us improve

decx

Component Overview

Component Details

Agents (4)

Skills (6)

Hooks (1)

README

DECX - Decompiler + X

Overview

Installation

Prerequisites

CLI And AI Skills

JADX Plugin

Usage

CLI + Skills

Plugin + MCP

Similar Plugins

android-reverse-engineering

Help us improve

firebase-apk-scanner

mobile-observability

reverse-engineering

android

binary-re