icims

SUSPICIOUS: The skill’s capabilities broadly match its stated iCIMS integration purpose, and the CLI install path appears to be the vendor’s official npm distribution. The main risk is architectural: iCIMS authentication and API traffic are mediated by Membrane, a third-party platform, so enterprise data and credentials flow through an intermediary rather than directly to official iCIMS endpoints. That is disclosed and plausibly legitimate, but it increases trust and data-handling risk compared with a direct integration.