Latest release: v0.1.2Download zip
Capabilities
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The stated purpose is coherent, but the capability is very broad: Android GUI automation can interact with messaging, payments, deletion, and other account-affecting apps.
Instruction Scope
The artifacts mention explicit confirmation for high-risk tasks, but the provided action/tool prompts expose raw CLICK/TYPE/AWAKE/SLIDE/LONGPRESS-style control and do not show a hard approval gate, app allowlist, or rollback boundary.
Install Mechanism
The unsafe install flag and local Python subprocess are disclosed and purpose-aligned for an MCP bridge, but users must treat the bundle as trusted local code.
Credentials
ADB, Node, Python, Python packages, and an LLM API configuration are proportional to the purpose, but the registry metadata under-declares these requirements.
Persistence & Privilege
The bridge is user-started and task/session persistence is present for pause/resume behavior; this is expected, but task context and device observations may persist locally.
Scan Findings in Context
[suspicious.dangerous_exec] expected: The documentation says the MCP bridge spawns a local Python subprocess and requires unsafe install; this is expected for the Android bridge but gives the plugin local code-execution power.
[suspicious.dynamic_code_execution] expected: The shown `new Function(...sourceCode)` snippet appears consistent with bundled JavaScript validation/runtime code rather than clear malicious eval, but it reinforces that the bundle should be reviewed as trusted code.
What to consider before installing
Install only if you trust the publisher and are comfortable giving the skill broad control over a connected Android device. Use a test phone or limited accounts first, configure a trusted LLM endpoint, require explicit confirmation for messages/payments/deletions, and review/clear local logs and session files after use.dist/bundle.js:2804
Shell command execution detected (child_process).
dist/bundle.js:2953
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Verification
Tags
mobile-gui-bundle
Android GUI automation bundle for OpenClaw.
This bundle provides:
- a skill:
mobile_gui - MCP tools for Android GUI automation
- a Python bridge and ADB bridge for device interaction
Requirements
Host environment:
- Linux
adbnodepython3
Python packages required by the bridge:
flaskrequestspyyamlpillow
Android-side assumptions:
- an Android device is connected through ADB
- the included
adapter/yadbcan be pushed to the device when needed
Configuration
Create a runtime config file from the example:
cp config.example.yaml config.yaml
Then edit config.yaml and fill at least:
llm.api_basellm.api_keyllm.model_name
Optional:
adb.devicellm.image_resize
Start the ADB bridge
Run from the bundle root:
bash scripts/start_bridge.sh
This starts the local HTTP bridge used by the MCP server.
Install
Local directory install:
openclaw plugins install ./mobile-gui-bundle --dangerously-force-unsafe-install
ClawHub install:
openclaw plugins install clawhub:mobile-gui-bundle --dangerously-force-unsafe-install
The current MCP bridge implementation spawns a local Python subprocess and is expected to trigger OpenClaw's dangerous-code scanner. Treat this bundle as a trusted local/operator-managed plugin and review the shipped files before installing it.
After install, restart the gateway:
openclaw gateway restart
Verify
Ask the agent to list available tools and confirm the following are present:
mobile_device_statusmobile_gui_doctormobile_gui_observemobile_gui_start_taskmobile_gui_resume_taskmobile_gui_setupmobile_gui_cancel_task
Then test with a simple task such as:
- “打开设置查看手机型号”
Notes
- High-risk tasks such as messaging, payment, or deletion should require explicit user confirmation.
- The bundle ships the skill and MCP server, but runtime environment setup is still the operator’s responsibility.