bamboohr-performance-tuning
Enhances BambooHR API performance through caching, batch reporting, and incremental sync for improved efficiency.
Install this skill
Security score
The bamboohr-performance-tuning skill was audited on May 19, 2026 and we found 13 security issues across 4 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
Template literal with variable interpolation in command context
| 81 | }>('GET', `/employees/changed/?since=${lastSync}`); |
Template literal with variable interpolation in command context
| 84 | console.log(`${changedIds.length} employees changed since ${lastSync}`); |
Template literal with variable interpolation in command context
| 118 | 'GET', `/employees/changed/tables/jobInfo?since=${lastSync}`, |
Template literal with variable interpolation in command context
| 141 | console.log(`Cache hit: ${key}`); |
Template literal with variable interpolation in command context
| 159 | `employee:${id}`, |
Template literal with variable interpolation in command context
| 177 | const cached = await redis.get(`bamboohr:${key}`); |
Template literal with variable interpolation in command context
| 181 | await redis.setex(`bamboohr:${key}`, ttlSec, JSON.stringify(result)); |
Template literal with variable interpolation in command context
| 187 | await redis.del(`bamboohr:employee:${employeeId}`); |
Template literal with variable interpolation in command context
| 224 | return ids.map(id => byId.get(id) || new Error(`Employee ${id} not found`)); |
Webhook reference - potential data exfiltration
| 185 | // Invalidate on webhook |
Webhook reference - potential data exfiltration
| 301 | | Stale data | Cache TTL too long | Invalidate on webhook events | |
Access to .env file
| 170 | const redis = new Redis(process.env.REDIS_URL); |
External URL reference
| 307 | - [BambooHR API Technical Overview](https://documentation.bamboohr.com/docs/api-details) |