tideways
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the
@membranehq/clipackage from the NPM registry. This is the official command-line interface for the Membrane platform and originates from the skill's authoring vendor. - [COMMAND_EXECUTION]: The instructions guide the agent to perform various shell operations using the
membraneCLI, including authentication, connection management, and action execution. These operations are necessary for the skill's primary purpose of interacting with the Tideways API. - [DATA_EXFILTRATION]: While the skill interacts with performance monitoring data, it emphasizes a secure-by-design approach to credentials. It explicitly instructs the agent to never ask the user for API keys and instead uses server-side connection management, reducing the risk of local credential exposure.
- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes external data from Tideways and accepts user-defined intent for action discovery.
- Ingestion points: JSON outputs from
membrane action runand search queries inmembrane action list(SKILL.md). - Boundary markers: None explicitly defined in the instructions.
- Capability inventory: The agent has the capability to execute shell commands via the Membrane CLI.
- Sanitization: No specific sanitization or validation steps are described for handling the external JSON output before further processing.
Audit Metadata