namely

SUSPICIOUS: The skill's capabilities broadly match its Namely integration purpose, and the CLI install path is from an official npm package. The main risk is data-flow integrity: Namely authentication and HR data are routed through Membrane as a third-party gateway/proxy, which is disproportionate for users expecting direct official API interaction and raises credential/data handling concerns even though the behavior is disclosed.