bamboohr-sdk-patterns

Provides production-ready patterns for integrating with the BambooHR API using TypeScript and Python, enhancing coding standards and reusability.

Install this skill

or

45/100

Security score

The bamboohr-sdk-patterns skill was audited on May 19, 2026 and we found 15 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 73

Template literal with variable interpolation in command context

SourceSKILL.md

73	this.base = `https://api.bamboohr.com/api/gateway.php/${config.companyDomain}/v1`;

medium line 74

Template literal with variable interpolation in command context

SourceSKILL.md

74	this.auth = `Basic ${Buffer.from(`${config.apiKey}:x`).toString('base64')}`;

medium line 83

Template literal with variable interpolation in command context

SourceSKILL.md

83	const res = await fetch(`${this.base}${path}`, {

medium line 111

Template literal with variable interpolation in command context

SourceSKILL.md

111	return this.request<Record<string, string>>('GET', `/employees/${id}/?fields=${fields.join(',')}`);

medium line 123

Template literal with variable interpolation in command context

SourceSKILL.md

123	return this.request<void>('POST', `/employees/${id}/`, data);

medium line 137

Template literal with variable interpolation in command context

SourceSKILL.md

137	return this.request<any[]>('GET', `/time_off/requests/?${params}`);

medium line 142

Template literal with variable interpolation in command context

SourceSKILL.md

142	return this.request<any[]>('GET', `/employees/${employeeId}/tables/${table}`);

medium line 146

Template literal with variable interpolation in command context

SourceSKILL.md

146	return this.request<void>('POST', `/employees/${employeeId}/tables/${table}`, data);

medium line 157

Template literal with variable interpolation in command context

SourceSKILL.md

157	super(`BambooHR ${status}: ${message} [${path}]`);

medium line 193

Template literal with variable interpolation in command context

SourceSKILL.md

193	console.warn(`Retry ${attempt + 1}/${maxRetries} in ${delay.toFixed(0)}ms`);

low line 73

External URL reference

SourceSKILL.md

73	this.base = `https://api.bamboohr.com/api/gateway.php/${config.companyDomain}/v1`;

low line 263

External URL reference

SourceSKILL.md

263	self.base = f"https://api.bamboohr.com/api/gateway.php/{self.company_domain}/v1"

low line 306

External URL reference

SourceSKILL.md

306	- [BambooHR API Technical Overview](https://documentation.bamboohr.com/docs/api-details)

low line 307

External URL reference

SourceSKILL.md

307	- [BambooHR Field Names](https://documentation.bamboohr.com/docs/list-of-field-names)

low line 308

External URL reference

SourceSKILL.md

308	- [Zod Documentation](https://zod.dev/)

Scanned on May 19, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2.2K

Rate this skill

Categoryhr

UpdatedJune 13, 2026

claude-code api backend hr-generalist business-development product-manager bamboohr hr sales product

jeremylongshore/claude-code-plugins-plus-skills