leanmcp-builder

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The package.json file references @leanmcp/core and @leanmcp/cli by the latest tag instead of a pinned version. An unpinned dependency cannot be verified or reproduced, and any update the publisher pushes, including a malicious one, is ingested automatically at install time.
  • [DATA_EXFILTRATION] (HIGH): The documentation in references/decorators.md provides a template for a tool (callApi) that takes a user-controlled endpoint string and performs a fetch request to it while attaching a sensitive header (X-API-Key). This is a textbook server-side request forgery (SSRF) pattern: whoever controls the endpoint value can direct the request, and the secret carried in its header, to a remote server of their choosing, exfiltrating the value of that environment variable.
  • [DATA_EXFILTRATION] (MEDIUM): The server in assets/main.ts is configured with cors: true and listens on a static port (3001). While standard for development, a permissive CORS policy on a fixed, predictable port widens the attack surface for Cross-Site Request Forgery (CSRF) and unauthorized access if the server is deployed in an insecure environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 07:50 AM