jobscore

SUSPICIOUS. The skill's core behavior is mostly coherent for a Membrane connector, and the CLI install path is legitimate, but all JobScore traffic and credentials are mediated by Membrane rather than direct official API use, and the JobScore/iCIMS documentation mismatch undermines trust. This looks more like a high-trust third-party integration wrapper than malware, with medium security risk driven by intermediary data flow and documentation inconsistency.