PoCs Check

Auto Sign Test Guide

Summary Description

Auto Sign Tester checks whether the wallet still shows a signature prompt when a Dapp running inside the wallet's WebView keeps issuing signature requests automatically after the user has switched to a non-WebView page. If it does, there is a phishing risk: the user may be prompted to sign while looking at a page other than the Dapp that asked.

Vulnerability Identification

Click the "Enable Ethereum" button on the page to connect the wallet, then click "Auto Personal Sign"; the page will then trigger a signature request every 5 seconds.

If the Dapp can still trigger a signature prompt after the user has left the wallet's WebView interface, a vulnerability exists.

Solution

The wallet should not act on requests coming from the WebView, in particular signature requests, once the user has left the WebView interface.
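To illustrate both the weak behaviour described under Vulnerability Identification and the fix described under Solution, here is an added example (not code from the PoCs Check project) modelling a wallet's WebView-to-native request bridge. It replays the test page's timeline, a personal_sign request every 5 seconds while the user leaves and later returns to the WebView; the class and function names, the timeline, and the constructed request parameters are assumptions.

```javascript
// Added example: a minimal model of a wallet's request bridge. Not project code.
// Methods that must never be prompted for while the dApp WebView is hidden.
const SIGNING_METHODS = new Set([
  'personal_sign', 'eth_sign', 'eth_signTypedData', 'eth_signTypedData_v4',
  'eth_sendTransaction',
]);

class WalletBridge {
  // gateOnForeground=false reproduces the vulnerable wallet; true is the fix.
  constructor(gateOnForeground) {
    this.gateOnForeground = gateOnForeground;
    this.webViewInForeground = true;
    this.promptsShown = 0;   // how many signature dialogs the user would see
    this.log = [];           // one entry per request: prompted or dropped
  }

  // Called by the host app whenever the user leaves or returns to the WebView.
  setWebViewForeground(inForeground) { this.webViewInForeground = inForeground; }

  // Entry point for JSON-RPC requests arriving from the injected provider.
  handleRequest(req) {
    const sensitive = SIGNING_METHODS.has(req.method);
    if (this.gateOnForeground && sensitive && !this.webViewInForeground) {
      this.log.push({ id: req.id, method: req.method, outcome: 'dropped' });
      // EIP-1193 error 4001: reject, so the dApp cannot keep a pending prompt alive.
      return { id: req.id, error: { code: 4001, message: 'WebView not in foreground' } };
    }
    if (sensitive) this.promptsShown += 1; // native signature dialog shown here
    this.log.push({ id: req.id, method: req.method, outcome: 'prompted' });
    return { id: req.id, result: '0x' + 'ab'.repeat(65) }; // constructed placeholder
  }
}

// Replay of the test page: the dApp fires personal_sign every 5 s; the user
// leaves the WebView at t=7 s and returns at t=22 s (assumed timeline).
function replayAutoSign(gateOnForeground, durationSec = 30) {
  const bridge = new WalletBridge(gateOnForeground);
  let id = 0;
  for (let t = 1; t <= durationSec; t += 1) {
    if (t === 7) bridge.setWebViewForeground(false);
    if (t === 22) bridge.setWebViewForeground(true);
    if (t % 5 === 0) {
      // Constructed sample: message "Hello" hex-encoded, placeholder account.
      bridge.handleRequest({ id: ++id, method: 'personal_sign',
        params: ['0x48656c6c6f', '0x0000000000000000000000000000000000000001'] });
    }
  }
  const dropped = bridge.log.filter(e => e.outcome === 'dropped').length;
  return { total: bridge.log.length, promptsShown: bridge.promptsShown, dropped };
}
```

With gating off every one of the six requests reaches the user, three of them while the WebView is hidden; with gating on those three are rejected and only the prompts issued while the Dapp is visible are shown.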