Skills
skills/apideck-libraries/api-skills/sesamehr/Socket

sesamehr

Warn

Audited by Socket on Apr 27, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS. The skill is internally consistent and uses official Apideck infrastructure, so it is not malicious or a supply-chain lure. However, it deliberately routes Sesame HR credentials and API traffic through Apideck as a third-party proxy/Vault, which is a real medium security risk and should only be used when that intermediary trust model is explicitly acceptable.

Confidence: 91%Severity: 56%
Audit Metadata
Analyzed At
Apr 27, 2026, 11:28 AM
Package URL
pkg:socket/skills-sh/apideck-libraries%2Fapi-skills%2Fsesamehr%2F@a77371c227b5d40ed07c8f63283446e6a7af238c