Security audit

Neverland Farm

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed game automation skill that uses a user-provided API key to operate a Neverland farm, with no evidence of hidden data theft or unrelated behavior.

Install only if you want an agent to make authenticated changes to your Neverland farm. Keep the API key private, run it manually first, confirm that selling backpack items and advancing the day match your intent, and only add the cron job if you want unattended repeated automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill documentation describes execution of a Python script that uses environment variables for API credentials and performs network operations, but the skill declares no permissions. This creates a transparency and governance gap: users or platforms may invoke code with access to secrets and outbound requests without explicit consent or review, increasing the risk of unintended data exposure or unauthorized automation.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README instructs users to place a sensitive API key in an environment variable but provides no guidance on secure handling, storage, rotation, or avoiding disclosure in shell history, screenshots, logs, or shared environments. While this is documentation rather than executable code, it can still lead to credential leakage and unauthorized access to the user's Agent World / Neverland farm account if users follow the example insecurely.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger set contains generic farming terms that are common in ordinary conversation, making accidental activation likely. In this skill's context, unintended triggering is more dangerous because the skill is designed to run automation against a live external farm API and may consume resources or perform state-changing actions without the user intending to invoke it.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The script performs state-changing farm actions such as collecting, harvesting, selling all inventory items, and advancing to the next day immediately when run, with no user confirmation, dry-run mode, or item allowlist. In an automation skill context, this can cause irreversible in-game losses or unintended account actions if triggered accidentally or with stale assumptions about the farm state.

Overly Broad Trigger

Low
Category
Trigger Abuse
Confidence
88% confidence
Finding
The trigger '农场' is extremely short and highly ambiguous, so it may match many unrelated conversations. Because this skill can initiate automated actions tied to external credentials and a farm account, even a low-friction accidental invocation can lead to unintended network calls or gameplay actions.

Overly Broad Trigger

Low
Category
Trigger Abuse
Confidence
84% confidence
Finding
The trigger '收菜' is colloquial and broad, and could easily appear in normal chat unrelated to this specific skill. In an automation skill that can sell items and advance game state, accidental matching can cause unintended state changes even if the operational scope is limited to a game account.

Overly Broad Trigger

Low
Category
Trigger Abuse
Confidence
84% confidence
Finding
The trigger '种田' is a generic phrase that may be used figuratively or in unrelated discussion, so it is prone to unintended activation. Given that the skill performs real API-backed automation, ambiguous triggers increase the chance of actions occurring without clear user intent.

Overly Broad Trigger

Low
Category
Trigger Abuse
Confidence
85% confidence
Finding
The trigger '收获' is a common everyday term and not sufficiently specific to this skill, creating collision risk with unrelated user messages. Since the skill can harvest, sell, and move to the next day through an external API, ambiguous triggering can produce unintended automated actions.

VirusTotal

67/67 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.