sage-payroll

SUSPICIOUS. The skill's purpose and capabilities mostly align, and the CLI install path appears to be official and same-vendor. The main risk is data-flow integrity: Sage Payroll access is mediated through Membrane's cloud proxy and connection system rather than going directly to Sage's official API, which is a meaningful third-party interception layer for sensitive payroll data. Not clearly malicious, but riskier than a direct official integration.