Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Amplitude
v1.0.0
Amplitude product analytics — track events, analyze user behavior, run cohort analysis, manage user properties, and query funnel/retention data via the Ampli...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill claims to integrate with Amplitude and requires AMPLITUDE_API_KEY and AMPLITUDE_SECRET_KEY. The implementation only uses AMPLITUDE_API_KEY; AMPLITUDE_SECRET_KEY is declared but never read or used. Requesting a secret key that the code doesn't use is disproportionate and inconsistent with the stated purpose.
Instruction Scope
SKILL.md states 'never stores data locally' and that only the Amplitude API is contacted, but the CLI code will, if the AMPLITUDE_API_KEY env var is not set, try to read a .env file from a workspace path (WORKSPACE or ~/.openclaw/workspace/.env). That is file access outside the Amplitude API and may expose other local secrets if the .env contains them (the code only parses lines beginning with AMPLITUDE_API_KEY=, but reading local workspace files is scope creep relative to the documentation).
Install Mechanism
No install spec — instruction-only plus a Python script that relies on stdlib only. No external downloads or installers are declared, which is low-risk from an install-mechanism perspective.
Credentials
The skill requires two environment variables (AMPLITUDE_API_KEY and AMPLITUDE_SECRET_KEY). The code only reads AMPLITUDE_API_KEY (and will fall back to parsing a local .env for it). AMPLITUDE_SECRET_KEY is not used anywhere in the script, so requesting it is unnecessary and disproportionate. Additionally, the fallback to reading a workspace .env file can surface secrets stored there.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or global agent configuration, and does not write persistent files. It only reads a workspace .env file as a fallback and otherwise sends requests to amplitude.com.
What to consider before installing
This skill mostly looks like an Amplitude CLI, but there are two issues to consider before installing: (1) The manifest asks for AMPLITUDE_SECRET_KEY even though the shipped script never uses it — ask the author why that secret is required or remove it. (2) If AMPLITUDE_API_KEY isn't in the environment, the script will read a .env file from your workspace (~/.openclaw/workspace/.env or a path from WORKSPACE). That means the skill will access local files for credentials; ensure that .env doesn't contain unrelated secrets and prefer setting AMPLITUDE_API_KEY explicitly in the agent's secret store. If you require stronger assurance, ask the author to remove the unused secret requirement, remove the .env fallback, or allow you to review an updated version that only uses declared credentials and documents why any local file reads are necessary.
Like a lobster shell, security has layers — review code before you run it.
latest vk97cn990wqywv605b061kz7whd81caak
Runtime requirements
📉 Clawdis
Env: AMPLITUDE_API_KEY, AMPLITUDE_SECRET_KEY
Primary env: AMPLITUDE_API_KEY
