v1.0.0

Umami Stats

Benign
ClawScan verdict for this skill. Analyzed May 1, 2026, 5:27 AM.

Analysis

This appears to be a read-only Umami analytics helper, but it does use an Umami API key and can query any read endpoint the key is allowed to access.

Guidance: This skill looks safe for its stated read-only analytics purpose. Before installing, make sure you are comfortable giving the agent access to Umami data through UMAMI_API_KEY, use the narrowest API key available, and keep the configured base URL restricted to your trusted Umami Cloud or self-hosted instance.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
scripts/umami_query.py
parser.add_argument("--endpoint", required=True ...); parser.add_argument("--base-url", default=os.getenv("UMAMI_BASE_URL", DEFAULT_BASE_URL))

The script is a flexible GET helper that accepts arbitrary endpoint paths and a configurable base URL. That flexibility is purpose-aligned for Umami Cloud and self-hosted deployments, but it should be used only with trusted Umami endpoints because authentication headers are attached to the request.

User impact: A mistaken or untrusted base URL could receive the Umami API key, and broad endpoints could expose more account data than intended.
Recommendation: Set UMAMI_BASE_URL only to a trusted Umami Cloud or self-hosted instance and prefer known analytics endpoints with explicit time ranges.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: High | Status: Note
metadata
Required env vars: none ... Primary credential: none

The registry metadata does not declare a credential requirement even though SKILL.md documents UMAMI_API_KEY as required. This is an under-declaration rather than hidden behavior, because the skill text and code disclose the API key use.

User impact: A user relying only on registry metadata might miss that the skill needs an Umami API key.
Recommendation: Treat UMAMI_API_KEY as a required credential for use and review the included script before providing it.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
scripts/umami_query.py
parser.add_argument("--api-key", default=os.getenv("UMAMI_API_KEY")) ... "x-umami-api-key": args.api_key

The helper authenticates with an Umami API key from the environment or command line and sends it as the service authentication header. This is expected for the skill, but the key's permissions determine what analytics, website, team, user, or admin read data can be accessed.

User impact: Installing and using the skill gives the agent a way to read Umami data available to the configured API key.
Recommendation: Use a least-privilege Umami API key where possible, keep it in the environment rather than typing it into prompts, and avoid using admin-scoped keys unless needed.