oysterhr

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill requires installing and running the Membrane CLI (e.g., "npm install -g @membranehq/cli" and "npx @membranehq/cli@latest"), which causes runtime fetching and execution of remote code from the npm registry (e.g., https://registry.npmjs.org/@membranehq/cli) and is a required dependency for the skill to operate.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). Yes. Although OysterHR is primarily an HR platform, the skill explicitly exposes payroll- and payment-related resources (e.g., "Payroll", "Expense Report", "Compensation Change Request") and documents how to run Membrane actions or proxy arbitrary requests to the OysterHR API. Membrane handles auth and lets the agent run actions (membrane action run) or forward proxied requests (membrane request) directly against OysterHR endpoints. That combination — explicit payroll/expense resources plus authenticated API action/proxy capability — gives the agent the ability to initiate or modify financial operations (payroll/expense payments), so it constitutes direct financial execution authority.