Personio Recruiting

Warn. Audited by ClawScan on May 10, 2026.

Overview

This appears to be a legitimate Personio Recruiting integration, but it gives the agent broad authenticated API power over sensitive recruiting data without clear scope or confirmation guardrails in the provided artifact.

Review this skill before installing. It is aligned with Personio Recruiting, but because it can make authenticated direct API requests, use it only with a scoped account and require explicit confirmation before creating, updating, deleting, or bulk-processing recruiting records.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent using this skill could read, change, or delete Personio Recruiting records if it selects or is instructed to use broad API requests.

Why it was flagged

The skill permits broad raw API calls, including write and delete methods, through an authenticated proxy rather than only through narrowly described actions.

Skill content

When the available actions don't cover your use case, you can send requests directly to the Personio Recruiting API through Membrane's proxy... `-X, --method` | HTTP method (GET, POST, PUT, PATCH, DELETE).

Recommendation

Only install for agents you trust to operate on recruiting data, and require explicit user approval for POST, PUT, PATCH, or DELETE requests and for any bulk candidate or job-record changes.

What this means

The connected Membrane/Personio account determines what recruiting data the agent can access or modify.

Why it was flagged

The skill relies on delegated account authentication and credential refresh, which is expected for Personio access but gives the integration ongoing authority tied to the connected account.

Skill content

Membrane handles authentication and credentials refresh automatically — so you can focus on the integration logic rather than auth plumbing.

Recommendation

Use the least-privileged Personio account or connection available, and confirm how to revoke the Membrane connection if the skill is no longer needed.

What this means

The behavior depends on the current npm package version installed at runtime, not just on this instruction-only skill file.

Why it was flagged

The skill asks the user to install a global CLI from npm using the latest version, so the executable code is not pinned in the reviewed artifact.

Skill content

npm install -g @membranehq/cli@latest

Recommendation

Install the CLI from the official source, consider pinning a reviewed version, and avoid running the CLI with unnecessary system privileges.

What this means

Candidate and recruiting API data may transit the Membrane service as part of normal operation.

Why it was flagged

Requests and authentication flow through Membrane as an intermediary gateway. This is disclosed and consistent with the skill's purpose, but it matters for sensitive recruiting data.

Skill content

you can send requests directly to the Personio Recruiting API through Membrane's proxy. Membrane automatically appends the base URL to the path you provide and injects the correct authentication headers

Recommendation

Review Membrane's data handling terms and only send candidate or HR data that is necessary for the requested task.