Skills
skills/tribal-memory/skills/installing-tribal/Gen Agent Trust Hub

installing-tribal

Pass

Audited by Gen Agent Trust Hub on May 26, 2026

Risk Level: SAFE
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides a shell installer script from the vendor's official GitHub repository to set up the 'tribal' binary. This is a standard and disclosed installation procedure.
  • [EXTERNAL_DOWNLOADS]: Fetches project configurations, release versioning, and Docker Compose templates from the vendor's official GitHub repository (tribal-memory/tribal).
  • [COMMAND_EXECUTION]: Executes documented CLI commands using brew, docker, and jq, along with the vendor's binary to manage setup, diagnostics, and MCP configuration.
  • [DATA_EXFILTRATION]: Contains instructions for handling sensitive API keys (OpenAI, Anthropic) and bearer tokens. This activity is governed by a strict consent protocol detailed in references/consent.md, which requires the agent to obtain explicit user permission before reading or writing any files containing secrets or credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
May 26, 2026, 03:08 PM
Security Audit — agent-trust-hub — installing-tribal