Hibob
Security checks across malware telemetry and agentic risk
Overview
This is a legitimate-looking HiBob integration, but it can run high-impact HR actions such as creating, updating, or terminating employees, or deleting time-off requests, and the provided instructions show no clear confirmation step or scope limits for those actions.
Only install and use this skill with a least-privilege HiBob account. Before allowing it to run any action that creates, updates, deletes, terminates, or changes HR records, require the agent to show the exact action, target employee or record, and parameters, then get explicit confirmation.
VirusTotal
63/63 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could make serious HR changes, such as terminating an employee or deleting time-off data, if invoked with the necessary account privileges.
The documented workflow allows running broad HiBob actions, including destructive or business-critical HR operations. The provided instructions do not show a requirement for explicit user confirmation, scoping, dry-run, or rollback before such actions.
"Delete Time Off Request | delete-time-off-request | Cancel/delete an existing time off request."
"Terminate Employee | terminate-employee | Terminate a company employee."
"membrane action run <actionId> --connectionId=CONNECTION_ID --json"
Require explicit user confirmation for any create, update, delete, termination, payroll, benefit, or time-off mutation; show the exact target record and proposed change before running the action.
The skill may be able to access or change whatever HiBob data the authenticated account can access or change.
The skill requires delegated authentication through Membrane and relies on credential refresh. This is expected for a HiBob integration, but it grants account-level access depending on the connected user's permissions.
"Membrane handles authentication and credentials refresh automatically" and "membrane login --tenant --clientName=<agentType>"
Connect only an account with the minimum HiBob permissions needed, and review Membrane/HiBob connection scopes and revocation options.
A future CLI version could behave differently from the version reviewed here.
The setup uses a global npm installation from the latest package version. This is central to the Membrane workflow, but unpinned global installs can change behavior over time.
"npm install -g @membranehq/cli@latest"
Prefer a pinned CLI version where possible and install it in a controlled environment.
Employee, task, time-off, and other HR data may pass through the Membrane integration path.
The integration routes HiBob interaction through Membrane, a third-party service/CLI layer. This is disclosed and purpose-aligned, but HRIS data is sensitive and the provided text does not detail data retention or boundary guarantees.
"This skill uses the Membrane CLI to interact with HiBob" and "Membrane handles authentication and credentials refresh automatically"
Review Membrane's data handling, retention, and access policies before connecting production HiBob data.
