oracle-cloud-hcm

SUSPICIOUS: the skill is mostly coherent for Oracle Cloud HCM integration and uses an official npm-distributed CLI from the same vendor, so this is not strong malware evidence. However, all authentication and API traffic are brokered through Membrane rather than going directly to Oracle, which creates meaningful third-party credential and HR data exposure; combined with mutable @latest installs, this makes the skill medium risk.