Google Search Console
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: google-search-console Version: 1.0.6 The skill provides a functional integration for Google Search Console via the Maton API proxy (api.maton.ai). It uses standard Python urllib calls to manage OAuth connections and query search analytics, and it includes explicit instructions for the AI agent to seek user approval before performing any write operations. The code and documentation are transparent about the use of a third-party proxy for managed OAuth, and no evidence of malicious intent, obfuscation, or unauthorized data exfiltration was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent can access Search Console data for the connected Google account when given the Maton key and OAuth connection.
The skill requires a Maton API key and uses managed OAuth to access the connected Google Search Console account, which is sensitive but aligned with the stated integration purpose.
Maton proxies requests to `www.googleapis.com` and automatically injects your OAuth token. ... Authorization: Bearer $MATON_API_KEY
Use only the intended Google account and connection, keep the Maton API key private, and revoke unused connections when finished.
Approved write or delete calls could change sitemap settings and affect how Google indexes the site.
The API reference includes mutating sitemap operations, but the artifact also instructs the agent to confirm write actions with the user first.
PUT /google-search-console/webmasters/v3/sites/{siteUrl}/sitemaps/{feedpath}
DELETE /google-search-console/webmasters/v3/sites/{siteUrl}/sitemaps/{feedpath}
...
**All write operations require explicit user approval.**Before approving any write or delete operation, verify the site URL, sitemap path, target account, and intended effect.
Search Console requests and responses are mediated by Maton, which users must trust to handle the OAuth connection and API data appropriately.
Requests are routed through Maton’s API gateway rather than directly to Google, so Search Console API traffic depends on that third-party service boundary.
Base URL
https://api.maton.ai/google-search-console/{native-api-path}
Maton proxies requests to `www.googleapis.com`Review Maton’s account, connection, and data-handling practices before connecting sensitive Search Console properties.