Skip to main content

bamboohr-upgrade-migration

Facilitates the migration of BambooHR API with breaking change detection, ensuring smooth transitions to updated endpoints.

Install this skill

or
59/100

Security score

The bamboohr-upgrade-migration skill was audited on May 19, 2026 and we found 17 security issues across 4 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 58

Template literal with variable interpolation in command context

SourceSKILL.md
58const LEGACY = `https://api.bamboohr.com/api/gateway.php/${domain}/v1`;
medium line 61

Template literal with variable interpolation in command context

SourceSKILL.md
61const MODERN = `https://${domain}.bamboohr.com/api/v1`;
medium line 71

Template literal with variable interpolation in command context

SourceSKILL.md
71const xmlRes = await fetch(`${BASE}/employees/directory`, {
medium line 77

Template literal with variable interpolation in command context

SourceSKILL.md
77const jsonRes = await fetch(`${BASE}/employees/directory`, {
medium line 122

Template literal with variable interpolation in command context

SourceSKILL.md
122console.warn(`Deprecated field '${oldField}' — use '${replacement}' instead`);
medium line 196

Template literal with variable interpolation in command context

SourceSKILL.md
196```bash
low line 176

Webhook reference - potential data exfiltration

SourceSKILL.md
176enableNewWebhookFormat: boolean;
low line 182

Webhook reference - potential data exfiltration

SourceSKILL.md
182enableNewWebhookFormat: false, // Testing in staging
low line 180

Access to .env file

SourceSKILL.md
180useNewEndpoint: process.env.BAMBOOHR_USE_NEW_ENDPOINT === 'true',
low line 45

External URL reference

SourceSKILL.md
45echo " Past changes: https://documentation.bamboohr.com/docs/past-changes-to-the-api"
low line 46

External URL reference

SourceSKILL.md
46echo " Planned changes: https://documentation.bamboohr.com/docs/planned-changes-to-the-api"
low line 47

External URL reference

SourceSKILL.md
47echo " Status page: https://status.bamboohr.com"
low line 58

External URL reference

SourceSKILL.md
58const LEGACY = `https://api.bamboohr.com/api/gateway.php/${domain}/v1`;
low line 61

External URL reference

SourceSKILL.md
61const MODERN = `https://${domain}.bamboohr.com/api/v1`;
low line 233

External URL reference

SourceSKILL.md
233- [BambooHR Past API Changes](https://documentation.bamboohr.com/docs/past-changes-to-the-api)
low line 234

External URL reference

SourceSKILL.md
234- [BambooHR Planned API Changes](https://documentation.bamboohr.com/docs/planned-changes-to-the-api)
low line 235

External URL reference

SourceSKILL.md
235- [BambooHR Field Names](https://documentation.bamboohr.com/docs/list-of-field-names)
Scanned on May 19, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2.2K
Rate this skill
Categoryhr
UpdatedJune 10, 2026
claude-codeapihr-generalisthr-analystbusiness-process-analysthroperations
jeremylongshore/claude-code-plugins-plus-skills