This appears to be a real NaviOffice integration, but it needs review because it can use an API token to read and change sensitive business data and includes an unrestricted raw API request path.
Install only if you trust the publisher and can provide a least-privilege NaviOffice token. Avoid production admin tokens, do not enable custom domains unless you control the endpoint, and do not use the raw command with full URLs because it can send the API token outside the official service. Users should confirm every write operation involving HR, finance, sales, contracts, purchasing, or inventory before execution.