ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Langfuse Observability

v1.0.0

Provides automatic tracing, logging, cost tracking, and health monitoring for OpenClaw LLM calls, APIs, tool executions, and custom events.

0· 319·0 current·0 all-time
by@aiwithabidi
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The skill's name/description (Langfuse observability) matches the provided code (trace_llm, trace_api, trace_tool, etc.). However the registry metadata declares no required env vars or dependencies while the code relies on LANGFUSE_PUBLIC_KEY, LANGFUSE_SECRET_KEY, LANGFUSE_HOST and the Langfuse Python SDK. The defaults in code (http://langfuse-web:3000 and hard-coded keys) are baked in rather than declared, which is inconsistent and risky.
Instruction Scope
SKILL.md directs agents to import the bundled scripts and use tracing functions — that stays within the stated purpose. But the documentation does not mention the required langfuse SDK dependency or the critical environment variables, nor does it warn that traces may include prompts/completions (which can contain sensitive data) or that the endpoint/keys default to embedded values. The runtime instructions rely on network calls to LANGFUSE_HOST (configurable), which is expected for an observability tool but should be explicit.
Install Mechanism
This is an instruction-only skill with included Python scripts (no install spec). That is low-risk in terms of arbitrary network install, but it is incomplete: the package requires the Langfuse Python SDK (from 'from langfuse import Langfuse') which is not declared. Without installing that dependency the skill will fail. The absence of a declared install step for the SDK is a mismatch.
!
Credentials
The registry claims no required env vars, yet the code reads LANGFUSE_PUBLIC_KEY, LANGFUSE_SECRET_KEY, LANGFUSE_HOST, and LANGFUSE_USER_ID. Critically, default values include what appear to be hard-coded public and secret keys in the source. Hard-coded secrets in a skill are inappropriate: they may be stale, invalid, or (if valid) leak privileged credentials. Requesting endpoint and creds is expected for a tracing integration, but they must be declared and documented — this skill does not.
Persistence & Privilege
The skill does not request permanent 'always: true' presence, does not modify other skills, and does not contain an install that writes binaries to system paths. Its privilege model is the platform default (user-invocable and agent-invocable). Note: because the code can send data to LANGFUSE_HOST, autonomous invocation combined with misconfigured credentials/endpoints would increase blast radius — but autonomous invocation alone is normal.
What to consider before installing
What to consider before installing: - Missing dependency: The scripts require the Langfuse Python SDK (from langfuse import Langfuse) but the skill provides no install instructions. Ensure you install and vet the SDK version (v3.14.x) before enabling the skill. - Hard-coded credentials and defaults: The code contains default PUBLIC and SECRET keys and a default host (http://langfuse-web:3000). Treat these as suspicious; do not rely on them. If you intend to use the skill, supply your own LANGFUSE_PUBLIC_KEY, LANGFUSE_SECRET_KEY, and LANGFUSE_HOST via environment variables and remove/override any hard-coded secrets. If those embedded secrets are valid, they represent a credential leak. - Data exfiltration risk: The skill will send traces (prompts, completions, API/tool inputs/outputs, metadata) to LANGFUSE_HOST. Ensure that the target host is under your control (or trusted). Redact PII/sensitive contents before tracing, or disable tracing of sensitive fields, because traces may contain secrets or user data. - Operational testing: Run the skill in a sandboxed environment first (no network or pointing to a test Langfuse instance) to verify behavior and dependency requirements. - If you don't control the Langfuse endpoint or can't confirm the keys are safe, do not enable autonomous invocations. Review and remove hard-coded secrets and add explicit documentation of required env vars and dependency installation before production use. What would change this assessment: if the publisher updated the skill to (1) declare required environment variables and not embed secret defaults, (2) include or document a safe install step for the Langfuse SDK, and (3) clearly document what data is sent and how to redact it, the concerns would be resolved and the skill could be reclassified as benign.

Like a lobster shell, security has layers — review code before you run it.

latestvk971qwjkrysx5jw199zq86efcd829q4d
319downloads
0stars
1versions
Updated 8h ago
v1.0.0
MIT-0
@aiwithabidi
latest
Download

📡 Langfuse Observability

Complete Langfuse v3 observability toolkit for OpenClaw agents — automatic tracing for LLM calls, API calls, tool executions, and custom events. Cost tracking per model, session grouping, evaluation scoring, dashboard queries, and health monitoring. The central nervous system for agent observability.

Use for: logging, tracing, debugging, cost analysis, and audit trails.

Quick Start

import sys, os
sys.path.insert(0, os.path.expanduser("~/.openclaw/workspace/skills/langfuse-observability/scripts"))
from langfuse_hub import traced, trace_llm, trace_api, trace_tool, trace_event, flush

Scripts

ScriptPurpose
langfuse_hub.pyUniversal import — tracing functions, decorators, context managers
langfuse_admin.pyCLI for dashboard queries (traces, costs, sessions, health)
langfuse_cron.pyDaily observability report for Telegram

Instance

Credits

Built by M. Abidi | agxntsix.ai YouTube | GitHub Part of the AgxntSix Skill Suite for OpenClaw agents.

📅 Need observability for your AI agents? Book a free consultation

Comments

Loading comments...