The documentation is cryptic, outdated, incomplete, and often just plain missing.
Also, I apologize if my above post seemed like a flame against your app - overall it's great and you are providing a great service to Android/Google Voice users. Keep up the good work.
I ended up giving my real number to anyone that mattered. I still use my Google Voice number for anything online or calls/text messages that I potentially want to screen. It's a great service but it didn't work for me as an every day number.
Simply get your application published and give people some incentive to download it (for free). Once your intended target or target quota has installed download a "media file" that's actually the malicious binary. Then it's just a matter of smashing your own application's stack to run the code.
"It ain't so much the things we don't know that get us in trouble. It's the things we know that ain't so." -- Artemus Ward aka Charles Farrar Brown