tines
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the NPM registry. This is the official command-line interface provided by the vendor (Membrane) to interact with their services and is required for the skill to function. - [CREDENTIALS_UNSAFE]: The skill implements secure credential management by instructing the agent to never ask the user for API keys or tokens. Instead, it uses the
membrane connectflow, which handles OAuth and token lifecycle management server-side. - [COMMAND_EXECUTION]: The skill utilizes several CLI commands (e.g.,
membrane action list,membrane action run) to interact with Tines. These commands are part of the standard operating procedure for the Membrane integration and do not involve arbitrary or dangerous command execution. - [DATA_EXFILTRATION]: No patterns of unauthorized data exfiltration were detected. The skill's network operations are restricted to the official CLI's communication with the Tines and Membrane APIs.
Audit Metadata