peoplehr
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@membranehq/clipackage via NPM. This is a vendor-provided tool necessary for the skill's functionality and is hosted on a standard public registry. - [COMMAND_EXECUTION]: The skill utilizes several CLI commands (e.g.,
membrane login,membrane connect,membrane action run) to interact with the PeopleHR API. These commands are documented as part of the intended workflow for managing HR data through the Membrane platform. - [DATA_EXFILTRATION]: No unauthorized data transfer was detected. The skill specifically highlights security best practices by leveraging Membrane's server-side authentication, which prevents the exposure of API keys or tokens within the local environment or agent logs.
Audit Metadata