android python androguard

What are tainted packages in androguard?


The description of the androguard function get_tainted_packages() is "Return the tainted packages". From my testing of this function, it seems all classes defined for the app are returned. But what is the meaning of tainted packages?


Solution

  • Just got the answer below from GitHub here

    Tainted packages are those that are referenced at least once from the code of the application.

    This is detected by inspecting every opcode of every code block in the application bundle and looking for types of opcodes that reference fields or make calls to the classes. Then all such cases are collected and the related packages are extracted.
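
The scan described in the answer can be sketched as below. This is an added example, not androguard's code and not part of the original answer. It assumes a constructed smali-style listing as input instead of a real DEX file, and the names `SAMPLE`, `REF` and `tainted_packages` are hypothetical.

```python
import re
from collections import defaultdict

# Constructed smali-style listing (not taken from a real app).
SAMPLE = """
.class Lcom/example/app/Main;
.method onCreate()V
    invoke-virtual {v0}, Lcom/example/app/Helper;->init()V
    sget-object v1, Lcom/example/app/Config;->URL:Ljava/lang/String;
    invoke-static {v1}, Landroid/util/Log;->d(Ljava/lang/String;)I
    const/4 v2, 0x0
.end method
.class Lcom/example/app/Helper;
.method init()V
    iput v0, p0, Lcom/example/app/Helper;->count:I
    return-void
.end method
.class Lcom/example/app/Unused;
.method noop()V
    return-void
.end method
"""

# Opcode families that reference a class: method calls (invoke-*) and
# field accesses (iget/iput/sget/sput and their typed variants).
REF = re.compile(
    r"^(invoke-[\w/]+|[is](?:get|put)[\w-]*)\s.*?(L[\w/$]+;)->([\w<>$]+)"
)

def tainted_packages(listing):
    """Map each referenced class to (source class, method, kind, member)."""
    refs = defaultdict(list)
    cls = method = None
    for raw in listing.splitlines():
        line = raw.strip()
        if line.startswith(".class "):
            cls = line.split()[-1]
        elif line.startswith(".method "):
            method = line.split()[-1].split("(")[0]
        else:
            m = REF.match(line)
            if m:
                opcode, target, member = m.groups()
                kind = "call" if opcode.startswith("invoke") else "field"
                refs[target].append((cls, method, kind, member))
    return dict(refs)

if __name__ == "__main__":
    for target, sites in tainted_packages(SAMPLE).items():
        print(target, sites)
```

In this listing `Lcom/example/app/Unused;` is defined but never referenced, so it does not appear in the result, while the framework class `Landroid/util/Log;` does because the application code calls it.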