tester-mobile

Fail

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill employs a dangerous installation pattern: 'curl -Ls "https://get.maestro.mobile.dev" | bash'. This executes a remote script directly in the shell without any verification or integrity check. Automated security scans have flagged this specific domain for botnet activity.
  • [COMMAND_EXECUTION]: The skill leverages a broad range of powerful shell commands via 'npx' and 'bash' to perform testing and build operations (e.g., 'expo-doctor', 'jest', 'eas'). These capabilities represent a high-risk surface if the agent's instructions are subverted.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of external markdown files.
      • Ingestion points: Processes 'PRD-*.md' and 'USER-JOURNEY.md' files from the repository to define test cases and success criteria.
      • Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded commands within these external documents.
      • Capability inventory: Has significant capabilities including arbitrary command execution, network access via EAS, and remote script execution.
      • Sanitization: No sanitization, validation, or escaping is performed on the content parsed from these files before it influences agent behavior or command parameters.
Recommendations
  • HIGH: Downloads and executes remote code from: https://get.maestro.mobile.dev - DO NOT USE without thorough review
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Mar 10, 2026, 03:33 AM