Dangerous Permissions Checker
Paste your AndroidManifest and see exactly which dangerous permissions your app requests, and why each one matters.
About Dangerous Permissions Checker
Paste your AndroidManifest and see exactly which dangerous permissions your app requests, and why each one matters.
Dangerous Permissions Checker is part of APKLint’s manifest & configuration toolkit — Audit your AndroidManifest and security config. It’s free to use and needs no account.
Your privacy is the default: what you submit is processed on our servers over an encrypted connection for that request only — it isn’t written to file or object storage, and never shared.
What Dangerous Permissions Checker checks
- Which requested permissions are runtime ('dangerous')
- What each dangerous permission grants
- Modern permissions (POST_NOTIFICATIONS, READ_MEDIA_*, BLUETOOTH_*)
- Permissions you may be able to drop
Good to know: Lists and explains dangerous permissions from the manifest; it can't tell which your features truly need.
When to use Dangerous Permissions Checker
- Best for
- Seeing exactly which dangerous (runtime) permissions a pasted AndroidManifest requests and why each one matters.
- Not the right tool for
- Not a full manifest audit (use Manifest Checker) and not a permission-usage trace in code.
- What you get back
- The list of dangerous permissions declared, each with its risk and user-facing implication.
- How it differs from related APKLint tools
- It isolates the dangerous-permissions question that the Manifest Checker covers as one section among many.
- Limitations
- It reports declarations; it cannot tell whether the app actually uses each permission.
How to use Dangerous Permissions Checker
- Paste your file — Paste your AndroidManifest.xml.
- Send for analysis — APKLint checks it on our servers over an encrypted connection.
- Review the findings — Work through each result with a short explanation of why it matters.
- Nothing is stored — Your pasted text is processed for this request only — it isn't written to file or object storage, logged for analytics, or shared.
Why use APKLint
Every tool is free with no login and no paywall. Reasonable file and input limits keep the free service stable.
A clean, focused interface with no third-party ad banners cluttering your results.
What you submit is processed for the request only — it isn't written to file or object storage, and never shared.
Parses the XML or text you paste with a hardened parser (defusedxml).
Start immediately — no account, login, or email required.
Runs in any modern browser, on desktop or mobile.
Frequently asked questions
What does Dangerous Permissions Checker do?
Paste your AndroidManifest and see exactly which dangerous permissions your app requests, and why each one matters.
What makes a permission 'dangerous'?
Android labels permissions that access private data or sensors as dangerous — they require a runtime prompt. Each should map to a real feature.
Is it free to use?
Yes. Every tool on APKLint is completely free, with no sign-up and no account.
How is my data handled?
What you submit is sent to our backend over an encrypted connection only to produce your result. It isn't written to file storage, used for analytics, or shared.
What should I paste in?
Paste your AndroidManifest.xml.