Skills
skills/jeremylongshore/claude-code-plugins-plus-skills/bamboohr-ci-integration/Gen Agent Trust Hub

bamboohr-ci-integration

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security vulnerabilities or malicious patterns were identified in the skill.
  • [DATA_EXFILTRATION]: The skill configures network requests to api.bamboohr.com. This is the official API for BambooHR and the usage is limited to integration tests and status checks, which is consistent with the skill's functionality.
  • [CREDENTIALS_UNSAFE]: Sensitive information such as API keys are managed through GitHub Secrets. The skill provides template commands for users to set these secrets themselves, ensuring no credentials are hardcoded.
  • [EXTERNAL_DOWNLOADS]: The GitHub Actions workflows download and use official components from the GitHub actions organization, which are well-known and trusted for CI/CD processes.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 11:49 PM
Security Audit — agent-trust-hub — bamboohr-ci-integration