paycor

SUSPICIOUS: The skill's purpose and capabilities mostly align, and the CLI install path appears official and registry-based. The main concern is data-flow integrity: Paycor access is mediated by Membrane rather than direct official Paycor endpoints, so credentials and business data transit a third-party platform. This is not clearly malicious, but it introduces meaningful trust and privacy risk beyond a direct Paycor integration.