Leadoo
v1.0.0Leadoo integration. Manage data, records, and automate workflows. Use when the user wants to interact with Leadoo data.
⭐ 0· 31·0 current·0 all-time
byVlad Ursul@gora050
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The skill's name/description (Leadoo integration) matches the instructions: it tells the agent to use the Membrane CLI to create connections, list actions, run actions, and proxy requests to Leadoo. No unrelated credentials, binaries, or file paths are requested.
Instruction Scope
Instructions are scoped to using the Membrane CLI and Leadoo endpoints. They explicitly rely on Membrane to handle authentication and proxying, so runtime traffic and credentials will flow through Membrane's service rather than directly to Leadoo — this is expected for a proxy-based integration but is a privacy/trust consideration the user should be aware of.
Install Mechanism
No install spec in the skill bundle, but the SKILL.md recommends installing the official @membranehq/cli via npm (npm install -g or npx). This is a standard public-registry package install (moderate risk only); there are no opaque downloads or extracted archives.
Credentials
The skill requests no environment variables or local config paths and delegates auth management to Membrane. The requirement for a Membrane account is proportionate to the described behavior. There are no unexplained credential requests.
Persistence & Privilege
The skill is instruction-only, not always-enabled, and does not request system-wide configuration changes or persistent elevated privileges. Autonomous invocation is allowed by default (normal for skills) but not combined with other concerning flags.
Assessment
This skill is coherent and appears to do what it says: it guides the agent to use the Membrane CLI to manage Leadoo connections and proxy API calls. Before installing/using it: 1) Recognize that API requests and auth are routed through Membrane (a third-party service) — only proceed if you trust getmembrane.com/@membranehq and the Membrane team. 2) Prefer using npx (npx @membranehq/cli@latest ...) if you want to avoid a global npm install. 3) Verify the npm package and GitHub repo (@membranehq/cli) yourself and run an npm audit if you install it. 4) When authenticating, complete flows in a browser you control and never paste unrelated secrets into prompts. 5) If you have strict data policies, confirm that routing Leadoo data via Membrane meets your compliance/privacy requirements.Like a lobster shell, security has layers — review code before you run it.
latestvk979kn0gmczwm4tj1e92q0ngan846p7b
License
MIT-0
Free to use, modify, and redistribute. No attribution required.