The main SDK is open source. It's built from the same tree as Android from the AOSP, and you can build it yourself right now, which makes reverse engineering it sort of moot. Things like billing APIs or maps or google's push notifications however are in closed binaries, which I believe is what the clause is protecting.