I have gone through below links-
https://github.com/irsl/ADB-Backup-APK-Injection/
and found-
There’s a severe vulnerability in the way that all versions of Android handle the restoration of backups that can allow an attacker to inject a malicious APK file into the backup archive. The bug is the result of an issue with the ADB command-line tool for Android and the researchers who discovered it say there is no fix for it right now.
I have not used BackupAgent class in my project.Is my project still Android Backup Vulnerable which can allow injection of malicious apps?
As per the link
The attacker first needs to convince the user to install an application with the malicious BackupAgent class.
So can i assume that there is no way an app is vulnerable to this issue if it is not using custom BackupAgent class?