tick
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
@membranehq/clipackage from the official NPM registry. This is a legitimate command-line tool provided by the vendor to facilitate integration with their platform. - [COMMAND_EXECUTION]: The skill uses shell commands to interact with the Membrane platform, including logging in (
membrane login), connecting to services (membrane connect), and executing actions (membrane action run). These commands are standard operations for the tool's intended use case. - [DATA_EXFILTRATION]: The skill facilitates the movement of data between the agent and Tick. This is the primary function of the skill and is performed using authenticated connections managed by the vendor's infrastructure.
Audit Metadata