maestro-mobile-testing
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The skill uses a piped command ('curl | bash') to execute remote scripts from 'https://get.maestro.mobile.dev'. This pattern is extremely dangerous as it grants the remote source full execution privileges on the host system without prior inspection.
- EXTERNAL_DOWNLOADS (HIGH): The skill pulls code from 'get.maestro.mobile.dev', which is not a trusted source according to the [TRUST-SCOPE-RULE]. Furthermore, automated security scanners have flagged this domain as being associated with 'Botnet' activity.
- COMMAND_EXECUTION (HIGH): Executing unverified code directly via the shell is a high-risk operation that can lead to complete system compromise and allows for the installation of malicious persistence mechanisms.
Recommendations
- HIGH: Downloads and executes remote code from: https://get.maestro.mobile.dev - DO NOT USE without thorough review
- AI detected serious security threats
- Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata