hr-automation

The HR automation skill presents a coherent, purpose-aligned footprint: it automates recruiting, onboarding, time-off, performance reviews, and offboarding using established HR systems via documented workflow templates. The data flows and integrations are proportionate to its purpose, and there are no explicit download/executable payloads or unverifiable binaries. However, the description omits concrete credential management practices (how API keys/tokens are stored and rotated), detailed access controls, and data-minimization/privacy considerations for PII. The risk surface is moderate due to handling of sensitive HR data and privilege-provisioning steps; no external files or suspicious installations are evident. To improve, add explicit security controls (least-privilege scopes, vault-assisted credential management, audit logging, data retention policies) and concrete error/retry handling for API calls.