ClawHub

Check Analytics

v0.1.0

Audit existing Google Analytics implementation. Checks for common issues, missing configurations, and optimization opportunities.

1· 3.6k·15 current·15 all-time
by@jeftekhari
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the instructions: the SKILL.md describes searching a codebase for Google Analytics/GTM/third-party analytics patterns and producing an audit report. It does not request unrelated binaries, credentials, or config paths.
Instruction Scope
Instructions are scoped to locating analytics integrations and producing a report. They imply reading project files (searching for patterns like 'gtag', 'GTM-', etc.), which is appropriate for this audit task. The guidance is somewhat high-level (no exact file-glob commands or paths), so the agent will have discretion about how broadly to scan the repository; that is expected for an audit but worth noting.
Install Mechanism
No install spec and no code files — instruction-only. Nothing will be downloaded or written by the skill itself.
Credentials
The skill declares no environment variables, credentials, or config paths. The checks described (IDs, debug flags, async loading, consent mode, etc.) don't require secrets or external credentials, so no disproportionate access is requested.
Persistence & Privilege
always is false and the skill is user-invocable. The skill does not request permanent presence or modify other skills or system settings.
Assessment
This skill is instruction-only and appears internally consistent for auditing analytics code. Before installing or running it: (1) be aware the audit requires reading your project files — run it against a non-sensitive or sanitized copy if you have private data; (2) the SKILL.md is high-level about where to search, so review the agent's reported file paths and results for false positives; (3) the skill does not request network exfiltration or credentials, but the agent runtime may have network access — do not allow the agent to send sensitive findings outside your environment unless you trust the destination; (4) note it recommends redacting measurement IDs (good practice) — verify redaction is actually applied in any exported reports.

Like a lobster shell, security has layers — review code before you run it.

latestvk9796mjxdwjkzgg1d9pffcmebs80d0a7

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments