Amplitude Automation
v0.1.0Automate Amplitude tasks via Rube MCP (Composio): events, user activity, cohorts, user identification. Always search tools first for current schemas.
⭐ 1· 1.5k·2 current·2 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description promise (automating Amplitude via Rube MCP) matches the runtime instructions: all actions are framed as calls to Rube MCP (RUBE_SEARCH_TOOLS, RUBE_MANAGE_CONNECTIONS, AMPLITUDE_*) and no unrelated binaries, env vars, or system access are requested.
Instruction Scope
Instructions restrict activity to Rube MCP tool calls and Amplitude toolkit operations and repeatedly instruct to call RUBE_SEARCH_TOOLS first. They also tell the user/agent to add https://rube.app/mcp as an MCP server and to follow an auth link from RUBE_MANAGE_CONNECTIONS to authenticate Amplitude — this is expected for a delegated-tool workflow but does require trusting the external MCP server and any scopes requested during the Amplitude auth flow.
Install Mechanism
No install spec and no code files — the skill is instruction-only, which minimizes on-disk or supply-chain risk.
Credentials
The skill declares no required environment variables, no primary credential, and no config paths. The SKILL.md describes using Rube-managed connections rather than requesting direct Amplitude API keys, which is proportionate to the stated purpose.
Persistence & Privilege
always is false and there is no instruction to modify other skills or system-wide config. disable-model-invocation is false (normal), so the agent could invoke the skill autonomously if allowed by the platform, but the skill itself does not request elevated persistence.
Assessment
This skill appears coherent and delegates all work to Rube MCP. Before installing: (1) Verify you trust the MCP server (https://rube.app/mcp) and the organization providing it, (2) review the Rube tool definitions and the exact OAuth scopes/permissions that will be requested when you follow the Amplitude auth link, (3) prefer connecting via the platform's approved tool registry rather than adding unknown endpoints if possible, and (4) if you do not want the agent to act without your approval, keep autonomous invocation disabled at the agent/platform level. If you need more assurance, ask the skill author for the tool schema or a link to official Rube/Composio documentation. Like a lobster shell, security has layers — review code before you run it.
latestvk978hzkk05ea2kt0kw19skbgvh80m7qs
License
MIT-0
Free to use, modify, and redistribute. No attribution required.