Skills
skills/stevengonsalvez/agents-in-a-box/mobile-e2e-mcp/Gen Agent Trust Hub

mobile-e2e-mcp

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of global CLI tools (mcporter) and fetches the claude-in-mobile MCP server from the public NPM registry.
  • [REMOTE_CODE_EXECUTION]: It utilizes npx -y claude-in-mobile@latest to dynamically download and execute the latest version of an external package from the NPM registry at runtime.
  • [COMMAND_EXECUTION]: Orchestrates complex interactions with the host system using tmux, adb (Android Debug Bridge), and npx expo. It also generates and executes a Python snippet to perform Base64 decoding of screenshot data.
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to search the repository for production-sensitive configuration files (e.g., firebase-applet-config.json, google-services.json, credentials.json) and copy their contents into local environment files for use during testing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 09:05 AM