amazon-eventbridge

SUSPICIOUS: The skill’s purpose and commands are internally coherent, and the CLI source is official npm/same-org. However, all EventBridge access and auth are brokered through Membrane rather than direct AWS APIs, so credentials and workflow data are entrusted to a third-party intermediary. This looks like a legitimate integration pattern with medium security risk, not confirmed malware.