skills/membranedev/application-skills/leiga/Socket

leiga

Warn

Audited by Socket on Apr 22, 2026

1 alert found:

Anomaly

AnomalySKILL.md

LOW

AnomalyLOW

SKILL.md

SUSPICIOUS. The skill is broadly coherent with its stated purpose, and the CLI install source appears official via npm, but all Leiga access is funneled through Membrane as an intermediary and the install is unpinned. This is not confirmed malware, but it introduces meaningful trust and data-flow risk beyond a direct Leiga integration.

Confidence: 85%Severity: 52%

Audit Metadata

Analyzed At

Apr 22, 2026, 05:39 PM

Package URL

pkg:socket/skills-sh/membranedev%2Fapplication-skills%2Fleiga%2F@a2b6199fc438969d1850eab5c4852be149104852