siteleaf
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clitool from the NPM registry. This is an official utility provided by the vendor (membranedev). - [COMMAND_EXECUTION]: Uses the
membraneCLI for managing service connections and executing API actions. These operations are restricted to the functionality provided by the Membrane platform. - [DATA_EXFILTRATION]: Authentication is handled via the Membrane platform's OAuth flow, which prevents the need for hardcoding or locally storing sensitive API keys.
- [PROMPT_INJECTION]: The skill processes content from Siteleaf (such as posts and metadata).
- Ingestion points: Siteleaf data retrieved via
membrane action runormembrane request(SKILL.md). - Boundary markers: Not explicitly defined.
- Capability inventory: The skill can read data, list actions, and send proxied HTTP requests to the Siteleaf API.
- Sanitization: No specific sanitization logic is provided for external data content.
Audit Metadata