Back to skill

Security audit

Leafengines

Security checks across malware telemetry and agentic risk

Overview

LeafEngines is a disclosed remote agricultural API/MCP integration, but users should treat its public test key and farm/location data sharing carefully.

Install only if you are comfortable sending agricultural queries, county/location data, and any paid API header to LeafEngines' hosted service. Prefer the free-tier header for testing, treat the public test key as public and revocable, avoid sensitive farm/business details unless needed, store paid keys in MCP header/secret configuration, and review scripts/install.sh before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The README publicly exposes and repeatedly promotes a shared test API key, encouraging immediate use without any guidance on credential handling, abuse limits, or revocation expectations. Even if the key is intended for a free tier, publishing it as a reusable credential can enable quota exhaustion, service abuse, misleading attribution of activity, and normalizes insecure secret-sharing practices for downstream users.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The configuration example directs users to send data to a remote Supabase-hosted endpoint but does not disclose that agent inputs, geolocation, soil, weather, or potentially operational data will leave the local environment. In an agent skill context, this omission is risky because users may assume local processing while the skill transmits potentially sensitive agricultural or location data to a third-party service.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill encourages use of third-party hosted endpoints and transmission of county/location parameters plus authentication headers, but the user-facing description does not prominently warn that this data leaves the local environment and is processed by external services. This can lead users to disclose sensitive operational or billing credentials without informed consent, especially in agentic workflows where headers may be reused automatically.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.exposed_secret_literal

File appears to expose a hardcoded API secret or token.

Critical
Code
suspicious.exposed_secret_literal
Location
README.md:179