Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Mobilerun
v1.2.0
Give your OpenClaw agent hands on a real Android phone. Tap, swipe, type, take screenshots, read the UI accessibility tree, and manage apps — all through the...
by @pelae1
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and the API endpoints in the docs all align: controlling Android devices (tap, swipe, screenshot, UI tree, app management). The single declared primary credential (MOBILERUN_API_KEY) is appropriate for the described API-based functionality.
Instruction Scope
Runtime instructions are mostly scoped to calling the Mobilerun API (GET /devices, screenshots, ui-state, tap/swipe, etc.), which is appropriate. However the top-level SKILL.md claim 'No data leaves your control' contradicts other documents that describe cloud devices, task execution, screenshot/UI state endpoints, streaming (SSE), webhooks, and VPN routing — these features necessarily transmit device data to mobilerun.ai and (if used) to webhook endpoints. setup.md also instructs users to install a Portal APK and enable Android Accessibility permissions (highly sensitive). There's one ambiguous line ('The agent should provide the API key to the user at step 2') that could be misinterpreted as the agent revealing or exfiltrating keys; the intended meaning is likely that the agent should instruct the user how to paste their key into the Portal app, but it should be clarified. Overall the instructions are powerful (can read screenshots and accessibility tree) and include operations that expose sensitive UI contents to the Mobilerun service when cloud features or tasks are used.
Install Mechanism
Instruction-only skill with no install spec or code files — lowest disk/execution risk on the agent host. However the setup workflow requires the user to install a Portal APK on their Android device (droidrun.ai -> GitHub release) which is outside the agent host and raises mobile-side risk; this is expected for the feature but should be highlighted to users.
Credentials
Only one credential is declared (MOBILERUN_API_KEY), which is proportional to the API-driven purpose. The skill will prompt for or require this key. Users should avoid pasting other unrelated secrets. Note: the Portal APK flow asks the user to paste the same API key into the phone app, and enabling Accessibility grants the Portal app broad view/interact permissions on the device—this is functionally required but high-privilege.
Persistence & Privilege
No special persistence flags (always: false), no install-time scripts, and no modifications to other skills are present. The skill can be invoked autonomously by the agent (default), which is normal; combine that with the sensitive device-control surface only if you trust the skill and the API.
What to consider before installing
What to consider before installing or using this skill:
- The skill legitimately needs your Mobilerun API key (MOBILERUN_API_KEY). Do not paste unrelated secrets. Prefer to store the key in OpenClaw's secure config rather than pasting it into chat.
- The setup instructs you to install a Portal APK on your Android phone and enable Accessibility permissions. That Portal app will be able to read screen contents and interact with apps; only install it if you trust Mobilerun and understand the risk.
- Despite the SKILL.md claim 'No data leaves your control,' the platform supports cloud devices, task execution, screenshots/UI state streaming, webhooks, and VPN routing — these features send device data to mobilerun.ai (and optionally to webhook URLs). If you must keep data local, restrict use to your personal device and avoid cloud/task features.
- The docs are otherwise coherent with the stated purpose, but ambiguous phrasing (e.g., about providing the API key) should be clarified. If you proceed: (1) use a dedicated API key you can revoke, (2) test with non-sensitive data, and (3) revoke the key immediately if anything unexpected happens.
- If you need higher assurance, ask the skill author for proof of the Mobilerun service identity (official homepage) and a privacy/security policy describing how screenshots and UI data are stored and retained.

Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
📱 Clawdis
Primary env: MOBILERUN_API_KEY
