Google Search Console

Pass

Audited by ClawScan on May 1, 2026.

Overview

This skill appears to be a coherent read-only Google Search Console helper, but users should protect the Google OAuth refresh token and setup output carefully.

This looks appropriate for read-only Search Console analysis. Before installing, make sure the OAuth token is limited to the Search Console read-only scope, run the auth setup only in a private local terminal, and avoid exposing the refresh token or client secret in chats, logs, or shared files.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone with the configured refresh token could read Search Console data within the granted Google permissions.

Why it was flagged

The skill authenticates with a Google OAuth refresh token to access Search Console, but the code constrains its requested scope to the read-only webmasters scope.

Skill content

refresh_token = os.environ.get("GOOGLE_REFRESH_TOKEN") ... scopes=["https://www.googleapis.com/auth/webmasters.readonly"]

Recommendation

Use a dedicated OAuth client/token with only the webmasters.readonly scope, store it as a protected secret, and revoke it if it is exposed.

What this means

If setup is run in a shared terminal, transcript, or logged agent session, the Google client secret and refresh token may be exposed.

Why it was flagged

The optional OAuth setup helper prints sensitive credential values to standard output so the user can copy them into an environment file.

Skill content

print(f"GOOGLE_CLIENT_SECRET={client_secret}")
print(f"GOOGLE_REFRESH_TOKEN={creds.refresh_token}")

Recommendation

Run the auth helper locally in a private terminal, avoid pasting the output into shared chats or logs, and place the values in a secure secret store or protected environment file.

What this means

Users may need to install dependencies manually, which depends on their local Python package source and versions.

Why it was flagged

The script depends on external Python packages that are not installed through a pinned install specification.

Skill content

print("  pip install google-auth google-auth-oauthlib google-api-python-client")

Recommendation

Install the Google client libraries from trusted package indexes, preferably with pinned versions in your own environment.