Agent Analytics

Security checks across malware telemetry and agentic risk

Overview

This appears to be a coherent analytics skill, but using it means trusting an external Agent Analytics CLI with account access, tracking setup, stored auth, context updates, and possible paid-upgrade handoffs.

Use this skill only if you trust Agent Analytics and its npm CLI. Authorize the correct account, keep `.openclaw/agent-analytics/config.json` private and gitignored, review any tracking code before deploying it, avoid storing PII or secrets in project context, and personally approve any paid upgrade.

VirusTotal

64/64 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

The local agent will run code from the Agent Analytics npm package, so the user must trust that package and its publisher.

Why it was flagged

The skill relies on executing an external npm CLI package that is pinned by version, but the package code is not included in the provided artifacts for review.

Skill content

For live Agent Analytics work, use `npx --yes @agent-analytics/cli@0.5.33 <command>`.

Recommendation

Use only if you trust the Agent Analytics CLI package and repository, keep the pinned version, and run it in a workspace where you are comfortable granting analytics-account access.

ASI03: Identity and Privilege Abuse
Medium
What this means

After authorization, the agent can use the CLI session to read or manage Agent Analytics projects within the authorized account until the session is removed or revoked.

Why it was flagged

The skill uses browser-approved CLI authentication and stores a persistent session file for later analytics access.

Skill content

Default to browser approval... Do not ask for raw API keys or secrets... use persistent auth storage... Never commit `.openclaw/agent-analytics/config.json`.

Recommendation

Authorize only the intended account, keep the config path out of git, remove or revoke the session when finished, and avoid sharing the workspace containing the auth file.

ASI02: Tool Misuse and Exploitation
Medium
What this means

Adding tracking affects what product-user behavior is collected and may have privacy, compliance, or customer-disclosure implications.

Why it was flagged

The skill can lead an agent to modify product instrumentation so usage events are collected by the analytics service; the artifact frames this as consent-based and ownership-limited.

Skill content

Install only for projects the user owns or manages... Add the exact tracking snippet returned for that project.

Recommendation

Review any tracking snippet or code change before deployment, confirm user consent/privacy requirements, and instrument only properties you control.

ASI02: Tool Misuse and Exploitation
Low
What this means

The agent may show a billing upgrade link when a requested answer is blocked by plan limits.

Why it was flagged

The skill includes a paid-tier handoff flow. It does not instruct the agent to complete payment, but it can generate and present an upgrade/payment path.

Skill content

Run... `upgrade-link --detached --reason "<why Pro is needed>" --command "<blocked command>"`... It confirms the same account as the CLI, shows the blocked command and reason, and opens payment.

Recommendation

Confirm the account, price, and need for the paid feature yourself before approving any upgrade.

ASI06: Memory and Context Poisoning
Low
What this means

Incorrect or sensitive saved context could steer future recommendations or expose product strategy unnecessarily.

Why it was flagged

The skill uses persistent project context that can influence future analytics work, while also giving scoping and data-minimization instructions.

Skill content

Read context before project-specific analysis. Write context only when durable product truth changed... Skip... PII or secrets... `context set` replaces context; read first, merge carefully.

Recommendation

Review context updates, keep them compact and factual, and do not store secrets, PII, or temporary reports.