peopleforce

SUSPICIOUS: The skill is largely coherent for a Membrane-based Peopleforce integration, and the install path uses a legitimate npm package rather than an opaque binary. The main risk is architectural: HRIS credentials and data are routed through Membrane's third-party platform and proxy instead of directly to Peopleforce, plus the docs encourage unpinned `@latest` CLI execution. This is not clearly malicious, but it carries meaningful trust and data-handling risk for sensitive employee records.