With the increasingly rampant malicious attacks of Android terminal, this paper proposes a detection technology of Android platform source code security based on static analysis. The technology uses the existing static analysis technology of Java source code, and joins Android implicit methods invocation processing, at last gets the control flow graph and data flow graph, which are based on Android source code and have no breakpoint. The technology analysis the malicious behavior of Android source code depending on the information flow graph, and then get the main loophole and flaw existed in Android project. Using this technology to detect multiple open source Android projects, the experimental results show that this technology can effectively detect the main loophole and flaw existing in Android source code. What's more, the technology can display complete attack path, which is convenient for developers to modify and maintain the project. Therefore, this technology has high practical value.