ClawHub

Paylocity

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Paylocity integration, but it gives an agent broad access to sensitive HR and payroll actions without enough approval boundaries.

Install only if you are comfortable connecting an agent to Paylocity through Membrane. Use the least-privileged Paylocity account available, avoid bulk retrieval unless necessary, and require manual approval before creating employees, changing tax or earning records, deleting payroll data, viewing highly sensitive payroll/direct-deposit details, or using raw proxy API requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The skill description is broad enough that an agent may invoke it for loosely related HR or payroll tasks without clear user intent confirmation. Because this skill can access and modify highly sensitive payroll and employee records, overbroad activation increases the chance of unintended data exposure or unauthorized changes.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill documentation does not warn that Paylocity contains highly sensitive HR, payroll, tax, and employee PII, nor does it instruct the agent to minimize access or confirm before changes. In this context, missing safety guidance materially raises the risk of privacy violations, excessive data retrieval, or accidental modification of employee records.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The proxy request feature allows arbitrary authenticated API requests, including writes and destructive operations, but the skill provides no warning or approval boundary around that capability. In a payroll/HR system, this could enable accidental or unauthorized changes to employee data, compensation, tax settings, or other sensitive records.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal