tonic

SUSPICIOUS: the skill is internally coherent as a Membrane-based Tonic integration, and the CLI install appears to come from the publisher's official npm package. However, it routes authentication and Tonic interactions through Membrane rather than direct Tonic APIs, creating a third-party credential/data trust dependency; combined with an unpinned global CLI install, this makes the skill medium risk rather than benign.