amazon-location-service

SUSPICIOUS: the skill’s stated purpose is coherent, and the Membrane CLI install path appears official, so this is not strong evidence of malware. However, the actual integration routes Amazon Location authentication and API traffic through Membrane rather than directly to AWS, which expands data exposure and trust in a third-party intermediary; combined with unpinned `@latest` execution, this makes the skill medium risk rather than benign.