Employment Hero

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This Employment Hero skill is coherent, but it can connect through Membrane to access and change sensitive HR and payroll-related records without visible write-approval guardrails.

Before installing, confirm you trust Membrane and the Membrane CLI, connect only a least-privileged Employment Hero account, and require manual approval for any action that creates, updates, or exposes employee, payroll, bank-account, document, or benefits data.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If invoked too broadly or on an ambiguous request, the agent could expose employee financial/personal information or make unintended changes to Employment Hero records.

Why it was flagged

The listed actions include sensitive HR/payroll data access and employee-record mutations, while the visible instructions do not define approval, scoping, or rollback requirements before using write actions.

Skill content

Get Employee Bank Accounts ... Retrieves an employee's bank accounts ... Update Personal Details ... Updates an employee's personal details ... Quick Add Employee ... Creates a new employee

Recommendation

Use a least-privileged Employment Hero account and require explicit user confirmation before any create, update, payroll, benefits, document, or bank-account-related action.

What this means

The connected account's Employment Hero permissions determine what employee and payroll-related data the agent can read or modify.

Why it was flagged

The skill requires delegated login through Membrane so the agent can interact with Employment Hero. This is expected for the integration, but it grants account-level authority.

Skill content

membrane login --tenant --clientName=<agentType>

Recommendation

Connect only an account with the minimum required Employment Hero permissions and review/revoke the Membrane connection when no longer needed.

What this means

Installing an unpinned global CLI means the reviewed skill text does not fully represent all code that will run on the user's machine.

Why it was flagged

The setup asks the user to install the latest global Membrane CLI from npm. That is central to the skill, but the exact package version is not pinned and its code is outside the provided artifacts.

Skill content

npm install -g @membranehq/cli@latest

Recommendation

Install the CLI only from the trusted npm package, consider pinning a known version, and keep it updated according to Membrane's guidance.

What this means

Employee records and authentication flows may be processed through Membrane rather than only directly between the user and Employment Hero.

Why it was flagged

Employment Hero actions and authentication are mediated by the Membrane service/CLI. This is disclosed and purpose-aligned, but it is a third-party gateway for sensitive HR data.

Skill content

This skill uses the Membrane CLI to interact with Employment Hero. Membrane handles authentication and credentials refresh automatically

Recommendation

Review Membrane's security, privacy, retention, and permission model before connecting production HR or payroll data.