Workday Automation

[Skill Scanner] Natural language instruction to download and install from URL detected This toolkit description enables legitimate Workday automation but depends on a third-party MCP broker (https://rube.app/mcp) to handle authentication and API calls. The file itself contains no implementation code or obvious malware; the primary risk is supply-chain/trust: the MCP can access OAuth tokens, PII, and trigger Workday business processes. Hard-coded action IDs and lack of visibility into token/log handling increase the operational risk. Treat this as a security alert requiring trust/audit of the broker before use rather than direct evidence of malware. LLM verification: The skill's declared purpose and tools are consistent with Workday automation, but it instructs users to route authentication and API calls through a third-party MCP server (https://rube.app/mcp) without documenting the trust, token handling, or exact endpoints. This creates a significant supply-chain risk: credentials and HR data could be proxied, logged, or misused by that external operator. No explicit hardcoded secrets or obfuscated code are present in the provided markdown, but the opaque d