employment-hero

SUSPICIOUS: The skill's overall purpose and capabilities are coherent, and the installer source is legitimate. The main risk is architectural: it requires a third-party Membrane CLI/service to mediate Employment Hero authentication and data access, including sensitive HR/payroll operations, and uses a mutable CLI version plus dynamic action creation. This is not confirmed malware, but it is a medium-risk integration because credentials and data are delegated through an intermediary rather than flowing directly to Employment Hero.