The most powerful Android RPA agent framework, next generation mobile automation.
- capability exposureinferred+26
- recent driftinferred+12
- tool safetyinferred+12
- trust mitigatorsmixed−8
inferredmixed
The A–E grade is our heuristic synthesis — a "review this" prompt, not a verdict. Each factor is tagged by what backs it: attested (a verifiable record), reported (a third party's claim), or inferred (our own heuristic, e.g. permissions). See methodology.
graded 12m ago · see ecosystem CVEs →
- A · 0 → C · 42
no known CVEs for this server.
- highdangerous code
committed secret: private key · dynamic exec: eval()/exec()
analyzed commit 84edc22 · analyzer v17 · 2h ago
danger signals8
- dynamic code executioneval()/exec()firerpa-lamda-84edc22/setup.py:5
exec(open("lamda/__init__.py", "rt").read()) - dynamic code executioneval()/exec()firerpa-lamda-84edc22/tools/debugimage.py:39
area=eval(args.area), - committed secretprivate keyfirerpa-lamda-84edc22/tools/id_rsa:1
PEM private key block (redacted) - committed secretprivate keyfirerpa-lamda-84edc22/tools/root.key:1
PEM private key block (redacted) - committed secretprivate keyfirerpa-lamda-84edc22/tools/rsync.sh:19
PEM private key block (redacted) - committed secretprivate keyfirerpa-lamda-84edc22/tools/scp.sh:19
PEM private key block (redacted) - committed secretprivate keyfirerpa-lamda-84edc22/tools/ssh.sh:10
PEM private key block (redacted) - committed secretprivate keyfirerpa-lamda-84edc22/tools/test.pem:2
PEM private key block (redacted)
- recent drift+12 capability drift →
[](https://mcpobservatory.com/servers/github:firerpa/lamda/security) Heuristic, inferred signals — false positives (legitimately powerful tools, forks, language ports) are expected. Treat each as "review this", not a verdict. See the ecosystem-wide picture on the security hub, or the fleet security of firerpa.