Mobility is cryptographically signed. To be sure the gem you install hasn't been tampered with, add my public key as a trusted certificate and install: gem cert --add <(curl -Ls https://raw.github.com/shioyama/mobility/master/certs/shioyama.pem) gem install mobility -P MediumSecurity The MediumSecurity trust profile will verify signed gems, but allow the installation of unsigned dependencies.