leexi
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the @membranehq/cli package from the official NPM registry to enable communication with the vendor's platform.
- [COMMAND_EXECUTION]: The skill uses the membrane CLI to execute actions and proxy requests to the Leexi API, including operations like create-call and delete-meeting-event.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it retrieves and processes untrusted conversation and user data.
- Ingestion points: Untrusted data enters the agent context via list-calls, get-call, list-meeting-events, and raw proxy requests (SKILL.md).
- Boundary markers: No explicit delimiters or instructions to disregard embedded content are used when processing external data.
- Capability inventory: The skill can execute actions via membrane action run and perform network operations via membrane request (SKILL.md).
- Sanitization: No sanitization or filtering of external content is specified in the skill instructions.
Audit Metadata