Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- dist/bundle.js:2804
- Evidence
const matches = RELATIVE_JSON_POINTER.exec($data);
Security audit
Mobile GUI Bundle
Security checks across malware telemetry and agentic risk
Overview
This appears to be a real Android phone automation bundle, but it needs Review because it can broadly tap, type, and act in any connected device app with only limited artifact-backed guardrails for high-risk actions.
Install only if you trust the publisher and are comfortable giving the skill broad control over a connected Android device. Use a test phone or limited accounts first, configure a trusted LLM endpoint, require explicit confirmation for messages/payments/deletions, and review/clear local logs and session files after use.
VirusTotal
VirusTotal engine telemetry is currently stale for this artifact.
Static analysis
Detected: suspicious.dangerous_exec, suspicious.dynamic_code_execution
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- dist/bundle.js:2953
- Evidence
const makeValidate = new Function(`${names_1.default.self}`, `${names_1.default.scope}`, sourceCode);