leadconduit

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION

Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package globally via npm. This is a vendor-provided tool (Membrane) necessary for the skill's operation and is sourced from the official npm registry.
  • [COMMAND_EXECUTION]: The skill utilizes the membrane CLI to perform several operations, including logging in, connecting to LeadConduit, and running actions. These commands are typical for a CLI-based integration and do not involve unauthorized privilege escalation or persistence.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes natural language intents and external data through action parameters.
      • Ingestion points: External data enters through user-provided queries in membrane action list --intent and JSON inputs in membrane action run --input.
      • Boundary markers: No specific delimiters or boundary markers are used to isolate untrusted data in the command examples.
      • Capability inventory: The skill can list, create, and run actions, which involves network communication and data manipulation on the LeadConduit platform.
      • Sanitization: No explicit sanitization or validation of input data is performed within the skill's instructions, relying on the underlying platform's security controls.

Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 04:46 PM