Skills
skills/membranedev/application-skills/leiga/Gen Agent Trust Hub

leiga

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @membranehq/cli package from the public npm registry to function. This is a standard dependency for the Membrane integration platform.
  • [COMMAND_EXECUTION]: The skill operates by executing shell commands via the membrane CLI to manage authentication, list connections, and run integration actions.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill adheres to secure credential management practices by using a delegated authentication flow (membrane login) rather than requesting or storing raw API keys.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data returned from Leiga actions. While it lacks explicit boundary markers or sanitization instructions for this data, it is a standard functional surface with minimal risk in this context.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 04:18 AM
Security Audit — agent-trust-hub — leiga