yandex-metrika-assistant

Security checks across malware telemetry and agentic risk

Overview

This documentation-only Yandex Metrika helper appears purpose-aligned, but it should be reviewed because it encourages powerful OAuth access and includes unsafe credential examples.

Review before installing. Use your own Yandex OAuth app, prefer metrika:read for reporting, add write/import scopes only when you intend to modify counters or upload data, store tokens only in OpenClaw secrets or environment variables, never send tokens or passwords over Telegram/private messages, and require explicit confirmation before POST/PUT/DELETE, access grants, imports, or log cleanup.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 94% confidence
Finding: The documentation shows a full OAuth bearer token string in an HTTP example, and it is formatted like an actual credential rather than an obviously fake placeholder. In an auth-focused skill, readers may copy, reuse, or accidentally trust exposed-looking secrets, and if the token is real or was ever valid, it could enable unauthorized access to Yandex Metrika data or management APIs.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal