amplitude

This skill manifest documents a benign Amplitude integration that uses the Membrane CLI as a managed connector/proxy. There is no embedded malicious code, no instructions to harvest local credentials, and installs are via standard package channels (npm) and documentation pointing to GitHub. The primary security consideration is intentional: Melbrane (the service) will mediate API calls and manage credentials, so users must trust Membrane with their Amplitude data and tokens. If that third-party trust is acceptable, the skill appears safe. If direct control of credentials or avoidance of a third-party proxy is required, this approach is not appropriate.