tink
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill guides the user to install the
@membranehq/clipackage from the official NPM registry. This package is the standard tool provided by the vendor to facilitate API interactions and secure authentication flows. - [CREDENTIALS_UNSAFE]: Security best practices are implemented by using a managed connection system. The instructions explicitly forbid asking users for raw API tokens or secrets, reducing the risk of credential exposure in logs or local environments.
- [COMMAND_EXECUTION]: The skill uses the Membrane CLI to execute actions and proxy requests to the Tink API. These commands are scoped to the authenticated user's session and are used for the primary purpose of the skill.
Audit Metadata