Make mobile apps agent-ready with safe, typed AI capabilities.
- capability exposureinferred+35
- tool safetyinferred+12
- trust mitigatorsmixed−3
inferredmixed
The A–E grade is our heuristic synthesis — a "review this" prompt, not a verdict. Each factor is tagged by what backs it: attested (a verifiable record), reported (a third party's claim), or inferred (our own heuristic, e.g. permissions). See methodology.
graded 14m ago · see ecosystem CVEs →
- A · 0 → C · 44
No known CVEs for this server.
- highdangerous code
credential logged in 1 file(s)
analyzed commit 1354c84 · analyzer v19 · 46m ago
danger signals2
- suspicious endpointexample.ngrok.appmobigent-mobigent-1354c84/packages/providers/src/cli.ts:783
mobigent-provider --provider chatgpt-actions --base-url https://example.ngrok.app - credential in logscredential in logmobigent-mobigent-1354c84/packages/gateway/src/http-server.ts:63
console.log(`Per-agent HTTP API keys are enabled for: ${Object.keys(httpAgentApiKeys).join(", ")}`);
[](https://mcpobservatory.com/servers/github:mobigent/mobigent/security) Heuristic, inferred signals — false positives (legitimately powerful tools, forks, language ports) are expected. Treat each as "review this", not a verdict. See the ecosystem-wide picture on the security hub, or the fleet security of mobigent.