Building directly for Android beats creating web apps by a mile.
A tool for static analysis to look for bugs in Java code. Qark - This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs.