Leafengines

Security checks across static analysis, malware telemetry, and agentic risk

Overview

LeafEngines appears to be a disclosed remote agricultural API/MCP integration, but it uses an external provider with optional paid API keys/test keys and a manual installer that users should review.

Use the free-tier header or public test key to evaluate first. If using a paid key, keep it in MCP header/secret configuration rather than chat, monitor usage and billing, and inspect scripts/install.sh before running it. Treat marketing or approval claims as non-security assurances and review the provider's privacy/cost terms before sending farm or location data.

Static analysis

Exposed secret literal

Severity: Critical

Finding: File appears to expose a hardcoded API secret or token.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If you use a paid key, agent tool calls can consume your LeafEngines plan or quota.

Why it was flagged

The skill can be configured with a paid LeafEngines API key. This is purpose-aligned, but it gives the remote service authenticated access to the user's paid quota.

Skill content

Add header: x-free-tier: true (FREE) OR x-api-key: YOUR_PAID_KEY (Paid)

Recommendation

Test with the free-tier header first; store paid keys in MCP header/secret configuration, monitor usage, and rotate/revoke keys if needed.

What this means

Frequent automated use with a paid key could spend quota or incur charges.

Why it was flagged

The service may bill or consume quota per API call when configured with paid access. The artifacts do not show automatic purchasing, but agent-invoked calls could still have cost implications.

Skill content

Paid Tiers: From $0.001/call for patent-protected soil analysis

Recommendation

Use free/test access for evaluation, set spending or rate controls if available, and require review before high-volume paid use.

What this means

Agricultural query data such as county/location-related inputs will be sent to the provider.

Why it was flagged

The skill routes MCP tool calls to an external Supabase-hosted provider. This is disclosed and purpose-aligned, but the artifacts do not describe provider retention or privacy boundaries.

Skill content

"server":"https://wzgnxkoeqzvueypwzvyn.supabase.co/functions/v1/mcp-server"

Recommendation

Review the provider's privacy and retention terms before sending sensitive farm, location, or business-planning data.

What this means

Running the script can persist a LeafEngines MCP configuration on the machine and contact the remote API.

Why it was flagged

If manually run, the shell helper creates an OpenClaw configuration directory/file and performs an outbound health-check request. This is scoped and disclosed in the script, but it is still local code execution.

Skill content

CONFIG_DIR="$HOME/.openclaw/config" ... mkdir -p "$CONFIG_DIR" ... curl -s ... "https://wzgnxkoeqzvueypwzvyn.supabase.co/functions/v1/api/health"

Recommendation

Inspect the script before running it and confirm you want it to create or modify files under ~/.openclaw/config.

What this means

Users may over-trust the skill or paid service based on marketing and approval claims.

Why it was flagged

The documentation uses third-party approval and security-validation language. Even if accurate for a QGIS plugin, it should not be treated as a security review of this OpenClaw skill or remote MCP provider.

Skill content

The official QGIS approval eliminates weeks of custom validation, security audits, and compatibility testing.

Recommendation

Verify approval, pricing, and security claims independently before relying on them or purchasing paid access.