ukg-pro-workforce-management

SUSPICIOUS: The skill's core capability matches its stated UKG integration purpose, and the CLI install path appears vendor-consistent and registry-based rather than an obvious malware lure. However, the integration is materially mediated by Membrane: authentication, credential refresh, actions, and raw API proxying all flow through a third-party service instead of directly to official UKG endpoints, which increases trust and data-exposure risk beyond a normal direct connector.