posthog-analytics

SUSPICIOUS: the skill’s analytics capabilities mostly match its stated purpose, but trust and data-flow are weaker than necessary because PostHog access is routed through third-party `mcporter` code via `exec` instead of a clearly first-party client path. This is not confirmed malware, but it introduces meaningful supply-chain and credential/data-handling risk.