Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Google Analytics CLI
v1.0.0
Google Analytics 4 data analysis and reporting via google-analytics-cli. Use when the user wants to check GA4 traffic, run reports with dimensions and metric...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md describes a GA4 read-only CLI (google-analytics-cli) and the documented commands match that purpose. However the registry metadata declares no required env vars or binaries, while the runtime instructions clearly rely on Google service account credentials, optional GA_PROPERTY_ID env var, and (implicitly) gcloud/Google SDK for ADC. The declared requirements do not fully match what the skill actually needs.
Instruction Scope
Instructions are explicit and limited to querying GA4 (accounts, properties, reports) and describe credential resolution order including a local credentials file (~/.config/google-analytics-cli/credentials.json) and GOOGLE_APPLICATION_CREDENTIALS. The instructions do not appear to instruct unrelated data collection, but they do direct the agent to read local credential paths and environment variables — behavior that should be expected for a GA CLI but should have been declared in metadata.
Install Mechanism
This is an instruction-only skill with no install spec or embedded code. It tells users to run `npm install -g google-analytics-cli` if the CLI is missing. That is a straightforward, common install approach; there is no packaged download URL or embedded installer in the skill itself.
Credentials
The SKILL.md expects access to Google credentials (service account JSON via --credentials, GOOGLE_APPLICATION_CREDENTIALS, ~/.config path, or gcloud ADC) and suggests using GA_PROPERTY_ID env var. The skill metadata lists no required credentials/env vars and no primary credential. This mismatch is important: the agent or user could inadvertently expose existing credentials (ADC or local credential files) without the registry indicating such access is needed.
Persistence & Privilege
The skill does not request elevated platform privileges; `always` is false and there is no install spec that writes persistent files. It does instruct use of local credential files, but it does not request persistent system-wide privileges or modify other skills.
Scan Findings in Context
[no_regex_matches] expected: The static scanner found nothing because this is an instruction-only skill (only SKILL.md present). Absence of matches is expected but not proof of safety — the runtime instructions themselves dictate credential access.
What to consider before installing
This skill appears to be a normal GA4 CLI guide, but metadata understates what it will access. Before installing or using it:
1) Verify the origin and package name on npm (check the official repo/maintainer) rather than blindly running `npm install -g`.
2) Use a least-privileged Google service account (Viewer-only) created specifically for this task.
3) Avoid running the skill in environments that already have sensitive Application Default Credentials loaded (CI runners, developer machines with broad cloud creds).
4) Be aware the skill will look for credentials in GOOGLE_APPLICATION_CREDENTIALS and ~/.config paths and may use gcloud ADC; treat those files as sensitive.
5) Ask the publisher to update registry metadata to declare required env vars (GOOGLE_APPLICATION_CREDENTIALS, GA_PROPERTY_ID) so automated checks can surface the credential requirement.
If you cannot verify the package source or do not want to expose any Google credentials, do not install or run the CLI.
Like a lobster shell, security has layers — review code before you run it.
latest: vk972neay6wa23cw8kkyqjfjnvh84dsse
