Leadiq
v1.0.2LeadIQ integration. Manage Leads, Persons, Organizations, Accounts, Activities, Notes and more. Use when the user wants to interact with LeadIQ data.
⭐ 0· 219·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (LeadIQ integration) match the runtime instructions: all actions are executed via the Membrane CLI and network access to Membrane/LeadIQ. There are no unexplained environment variables, binaries, or config paths required.
Instruction Scope
SKILL.md stays on-topic: it instructs installing and using the Membrane CLI, logging in, creating a connector, listing/running actions, and proxying requests to LeadIQ. It does not instruct reading unrelated files, asking for arbitrary secrets, or transmitting data to unexpected endpoints. The only extra behavior is recommending a global npm install (user-run).
Install Mechanism
This is an instruction-only skill (no install spec). It tells the user to install @membranehq/cli via npm (-g). That's a standard public npm package install (moderate trust required). There are no ad-hoc downloads or obscure URLs, but installing a global npm package writes to the system and requires trusting the package/publisher.
Credentials
The skill declares no required env vars and explicitly instructs not to ask users for API keys. Authentication is delegated to Membrane (server-side credential handling). This is proportionate, but it does mean you must trust Membrane to hold and refresh LeadIQ credentials on your behalf.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or system-wide settings, and has no install-time persistence requirements beyond the optional CLI the user may install.
Assessment
This skill appears coherent and safe in purpose, but before installing or using it: 1) Verify you trust Membrane (getmembrane.com) because credentials and proxied API calls are handled by their service. 2) When asked to run `npm install -g @membranehq/cli`, confirm the npm package name and publisher (avoid installing untrusted global packages). 3) If handling sensitive corporate data, prefer using a vetted corporate Membrane account or isolate the CLI install in a controlled environment. 4) Review Membrane's privacy/TOS to understand where LeadIQ credentials and request logs are stored. If you want, provide the npm package name/version or the Membrane org repo so you can get a more detailed trust assessment.Like a lobster shell, security has layers — review code before you run it.
latestvk9797q5v6s31cr3pj2psm70qms843ey0
License
MIT-0
Free to use, modify, and redistribute. No attribution required.