amplitude

SUSPICIOUS: the skill’s stated purpose is coherent, and the CLI install path is from an official registry, but all authentication and Amplitude operations are routed through Membrane rather than official Amplitude APIs. That intermediary credential/data flow raises medium security risk without enough evidence to call it malicious.