Amplitude Automation
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could change Amplitude analytics data or cohort membership if the user asks it to perform those workflows.
The skill documents tools that can write analytics events and change cohort membership. This is purpose-aligned for Amplitude automation, but these are account-mutating actions.
`AMPLITUDE_SEND_EVENTS` - Send one or more events to Amplitude ... `AMPLITUDE_UPDATE_COHORT_MEMBERSHIP` - Add/remove users from a cohort
Confirm the exact project, users, event payloads, and cohort changes before allowing write actions, especially for bulk updates.
The connected account determines what Amplitude data the agent can read or modify.
The skill requires an authenticated Amplitude connection through Rube. This is expected for the stated purpose, but it grants delegated account access.
Active Amplitude connection via `RUBE_MANAGE_CONNECTIONS` with toolkit `amplitude` ... follow the returned auth link to complete Amplitude authentication
Use the least-privileged Amplitude account or workspace available, and revoke the Rube connection when it is no longer needed.
Requests and relevant Amplitude task data may pass through Rube/Composio as part of tool execution.
The skill routes tool discovery and Amplitude actions through an external MCP service. This is disclosed and central to the skill, but it introduces a third-party data and permission boundary.
Add `https://rube.app/mcp` as an MCP server in your client configuration.
Only connect this MCP server if you trust the provider and understand what Amplitude permissions the connection grants.