Bugs with no security impact

Some reports contain bugs that do not have any security impact. The following types of bugs do not have a meaningful security impact on Android and will not be accepted.

I can decompile/reverse engineer an app -- Most applications, including Android apps can be reverse engineered! While this can be a good technique for finding bugs, in itself, being able to determine internal information about how an application works is not a vulnerability. 

SQL injection in content providers with no privilege boundary -- It's not uncommon for unexpected input to cause SQL errors in content providers. However, this is only a security issue if it can be used to escalate privileges. For example, if an application has permissions to read and write contacts and can use SQL injection to read and write contacts, it is not an issue because its permissions allow that access anyhow. However, if it has read permissions and can use SQL injection to write, this is a security issue.

Issues that only occur on rooted devices or the emulator -- Rooted devices and emulators do not have the same security boundaries as regular devices. Bugs that only occur when a device is rooted are not eligible.