Back to skill

Security audit

Leafer Js

Security checks across malware telemetry and agentic risk

Overview

This is a LeaferJS documentation skill with some broad activation and copyable persistence examples, but no evidence of hidden execution, data theft, or destructive behavior.

Installers should treat this as a LeaferJS reference skill, not a runtime tool. Before relying on it, review whether its broad trigger terms fit your workflow, and add user consent, retention, and clear-data controls before copying the localStorage autosave pattern into an application.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger conditions are broad enough to activate on generic terms like visualization, animation systems, UI layout, and graphics interaction, which can cause the skill to engage outside clearly intended LeaferJS-specific requests. Over-broad activation can steer conversations, override more appropriate skills, and increase the chance that users receive irrelevant or misleading framework-specific guidance.

Natural-Language Policy Violations

High
Confidence
88% confidence
Finding
The description states the skill should provide support in Chinese without offering a user-choice mechanism, which can force responses into a language the user did not request. This is mainly a quality and safety-of-operation issue because it can reduce comprehension, cause user confusion, and make technical instructions less usable, but it does not by itself create code execution or data exposure risk.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The ExtendedApp example enables periodic autosave to localStorage without any user notice, consent flow, retention policy, or sensitivity guidance. In a graphics/editor context, serialized scene data may contain user-generated content, embedded metadata, or other sensitive information that persists locally and can be exposed to other users of the same browser profile or recovered later.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.