Agnost AI Analytics

Pass. Audited by ClawScan on May 1, 2026.

Overview

This is a coherent documentation-only analytics integration skill, but installing it means you may send conversation, tool, and user metadata to Agnost AI.

This skill appears safe as documentation, but before using its examples in an app, decide exactly what conversation text, tool data, user traits, and identifiers may be sent to Agnost AI, and configure redaction or input/output disabling where needed.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If implemented as shown, user prompts, AI responses, MCP tool arguments/results, and user metadata may be sent to Agnost AI.

Why it was flagged

The direct API documentation shows that analytics events are posted to an external Agnost endpoint and can include user metadata plus tool or interaction inputs and outputs.

Skill content

Base URL: https://api.agnost.ai/api/v1 ... "user_data" ... "args" ... "result"

Recommendation

Only track data users expect to be shared; redact secrets and sensitive personal data, and use disableInput/disableOutput or equivalent filtering for sensitive MCP tools.

What this means

Anyone configuring this integration needs to provide account-specific Agnost organization information that authorizes event ingestion.

Why it was flagged

The integration requires an organization identifier/write context to submit analytics events to an Agnost account, which is expected but should still be handled carefully.

Skill content

All requests require the `X-Org-Id` header with your organization ID.

Recommendation

Treat the organization ID or write key as account configuration, avoid hardcoding it in public code, and scope access to the intended Agnost workspace.

What this means

Installing the SDKs will bring third-party package code into the user's application environment.

Why it was flagged

The documentation recommends installing external SDK packages; this is central to the skill's purpose, but the examples do not pin versions.

Skill content

`pip install agnost` ... `pip install agnost-mcp`

Recommendation

Verify package names and publishers, pin versions in production, and review dependency changes through normal software supply-chain controls.