oracle-fusion-recruiting-cloud

SUSPICIOUS: the skill is broadly coherent with its stated Oracle Recruiting integration purpose and uses an official npm-distributed CLI, but it routes authentication and API traffic through Membrane as an intermediary rather than directly to Oracle. That third-party credential custody and proxying are disclosed and plausibly part of the product, so this is not confirmed malware, but it creates medium security risk and trust expansion beyond a direct Oracle integration.