Skill v1.0.0

ClawScan security

Google Search Console CLI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 7, 2026, 8:56 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's instructions match a Google Search Console CLI tool, but its declared requirements omit the Google credentials and config paths the SKILL.md says are needed — an incoherence you should understand before installing.
Guidance
This SKILL.md documents a legitimate Google Search Console CLI, but the registry metadata fails to declare the credential/env requirements the tool needs (GOOGLE_APPLICATION_CREDENTIALS, gcloud ADC, or a credentials file). Before installing or invoking the skill:

- Be aware the agent may attempt to read your Google credentials (env var or ~/.config path) to call the Search Console API. Only use a service account with minimal required permissions (prefer read-only where possible) and avoid re-using high-privilege credentials.
- The tool can add/remove sites and submit/delete sitemaps (actions requiring Full permission). Don’t grant Full access unless you trust the caller and understand the impact.
- Batch inspection reads a file/stdin you provide — ensure you don’t accidentally point it at sensitive files.
- The skill suggests installing an npm package; verify the npm package source (owner, repository, and recent activity) before running `npm install -g`.

The main issue here is metadata transparency (credentials/config paths are used but not declared). If you need higher assurance, ask the publisher to update the metadata to list the required env vars/config paths and to provide a link to the CLI’s official homepage/repository before proceeding.

Review Dimensions

Purpose & Capability
note: The name/description and the SKILL.md are coherent: they describe a CLI to query Search Console, manage sites/sitemaps, and run URL inspections. However, the registry metadata lists no required environment variables or config paths, while the documentation explicitly depends on Google service account credentials and possibly on ADC via gcloud or a default credentials file. This mismatch is unexpected.
Instruction Scope
note: SKILL.md instructs the agent to run `google-search-console-cli` commands, possibly install the npm package, and use credentials resolved from --credentials, GOOGLE_APPLICATION_CREDENTIALS, ~/.config/google-search-console-cli/credentials.json, or gcloud ADC. It also documents batch inspection that reads a user-supplied file or stdin. These instructions are within the skill's purpose, but they reference reading credentials and local files (e.g., ~/.config and a user-provided URLs file), which are not declared in the metadata.
Install Mechanism
ok: No install spec is embedded in the skill (instruction-only). The SKILL.md suggests installing via `npm install -g google-search-console-cli` if the CLI is missing. This is a standard, low-risk installation recommendation — no arbitrary downloads or embedded installers are present in the skill bundle itself.
Credentials
concern: Although the skill metadata lists no required env vars or config paths, the runtime instructions require Google credentials (service account JSON or Application Default Credentials) and reference the GOOGLE_APPLICATION_CREDENTIALS env var and a default credentials file path. Not declaring these required credentials in the metadata is a proportionality/information mismatch and reduces transparency about what secrets the agent will need access to.
Persistence & Privilege
ok: The skill does not request persistent/always-on privileges and is user-invocable only. It does not declare any behavior that would modify other skills or system-wide agent settings.