Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Google Search Console CLI

v1.0.0

Google Search Console data analysis and site management via google-search-console-cli. Use when the user wants to check search performance, analyze queries,...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description and the SKILL.md are coherent: they describe a CLI to query Search Console, manage sites/sitemaps, and run URL inspections. However, the registry metadata lists no required environment variables or config paths while the documentation explicitly depends on Google service account credentials and possible ADC via gcloud or a default credentials file. This mismatch is unexpected.
Instruction Scope
SKILL.md instructs the agent to run `google-search-console-cli` commands, possibly install the npm package, and use credentials resolved from --credentials, GOOGLE_APPLICATION_CREDENTIALS, ~/.config/google-search-console-cli/credentials.json, or gcloud ADC. It also documents batch inspection that reads a user-supplied file or stdin. These instructions are within the skill's purpose but they reference reading credentials and local files (e.g., ~/.config and user-provided URLs file), which are not declared in the metadata.
Install Mechanism
No install spec is embedded in the skill (instruction-only). The SKILL.md suggests installing via `npm install -g google-search-console-cli` if the CLI is missing. This is a standard, low-risk installation recommendation — no arbitrary downloads or embedded installers are present in the skill bundle itself.
Credentials
Although the skill metadata lists no required env vars or config paths, the runtime instructions require Google credentials (service account JSON or Application Default Credentials) and reference the GOOGLE_APPLICATION_CREDENTIALS env var and a default credentials file path. Not declaring these required credentials in metadata is a proportionality/information mismatch and reduces transparency about what secrets the agent will need access to.
Persistence & Privilege
The skill does not request persistent/always-on privileges and is user-invocable only. It does not declare any behavior that would modify other skills or system-wide agent settings.
What to consider before installing
This SKILL.md documents a legitimate Google Search Console CLI, but the registry metadata fails to declare the credential/env requirements the tool needs (GOOGLE_APPLICATION_CREDENTIALS, gcloud ADC, or a credentials file). Before installing or invoking the skill:
- Be aware the agent may attempt to read your Google credentials (env var or ~/.config path) to call the Search Console API. Only use a service account with minimal required permissions (prefer read-only where possible) and avoid re-using high-privilege credentials.
- The tool can add/remove sites and submit/delete sitemaps (actions requiring Full permission). Don’t grant Full access unless you trust the caller and understand the impact.
- Batch inspection reads a file/stdin you provide — ensure you don’t accidentally point it at sensitive files.
- The skill suggests installing an npm package; verify the npm package source (owner, repository, and recent activity) before running `npm install -g`.

The main issue here is metadata transparency (credentials/config paths are used but not declared). If you need higher assurance, ask the publisher to update metadata to list required env vars/config paths and provide a link to the CLI’s official homepage/repository before proceeding.
