teamleader
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from external Teamleader API endpoints, which introduces a surface area for indirect prompt injection. \n * Ingestion points: Data such as deals, persons, organizations, and project details retrieved from Teamleader via CLI commands. \n * Boundary markers: The skill does not provide specific instructions or delimiters to the agent to distinguish between its own instructions and content found within the CRM data. \n * Capability inventory: The skill can execute the
membraneCLI to perform network requests, list metadata, and run API actions. \n * Sanitization: No explicit sanitization or validation logic is described for the data fetched from the external API before it is consumed by the agent. \n- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the@membranehq/clipackage via npm and usesnpxto execute commands. These resources belong to the official vendor ecosystem for this skill. \n- [COMMAND_EXECUTION]: The skill uses themembraneCLI to perform all integration tasks. These commands are used as intended for the primary purpose of managing Teamleader data and do not exhibit suspicious behavior.
Audit Metadata