...
Automatic detection of the setting of the android:debuggable attribute is straightforward. It is not feasible to automatically determine whether any data that might be revealed by debugging the app is sensitive.
Related Vulnerabilities
Hyperlink black-font text "the CERT website" below, with URL as follows: https://www.kb.cert.org/vulnotes/bymetric?searchview&query=FIELD+KEYWORDS+contains+<RULE_ID>
In the URL example above, <RULE_ID> should be substituted by this CERT guideline ID (e.g., INT31-C). Then, remove this purple-font paragraph.
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
Fill in the table below with at least one entry row, per these instructions, then remove this purple-font section.
...