Skill v1.0.12

ClawScan security

Test · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 16, 2026, 9:10 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions and reference docs are internally consistent with an end-to-end GA4 + GTM tracking automation workflow, but the skill relies on an external Node/Playwright-based CLI and on interactive Google OAuth (with tokens cached to the artifact directory), so verify the CLI's source and take care with the stored credentials before installing.
Guidance
This appears to be a coherent runbook for automating GA4 + GTM workflows. Before installing or running it:
(1) Ensure Node.js 18+, npm, and Playwright Chromium are available, as SKILL.md requires.
(2) Confirm the provenance of the external CLI/package it references (jtrackingai/analytics-tracking-automation) before running npx or npm build.
(3) Expect an interactive Google OAuth prompt during GTM sync. The resulting tokens are stored in an artifact-scoped credentials.json file; treat that file as sensitive and do not commit it.
(4) Selector validation drives a real browser and must run outside sandboxed environments, so run it on a machine you trust.
(5) Telemetry is optional and can be disabled with DO_NOT_TRACK=1 or EVENT_TRACKING_TELEMETRY=0.
For higher assurance, ask the publisher for the CLI source code or an install package and inspect it before granting OAuth access or running any install.
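The guidance above (and the Credentials dimension below) boils down to a few checks a practitioner can script before the first run. The following is an added example written for this review; it is not the skill's own code nor anything shipped by ClawHub. It assumes the artifact directory is passed in as a path, that the only secret file is credentials.json (the only one the scan names), and that the package to inspect is whatever SKILL.md references; the npm view call is shown for the provenance step but is not exercised by the checks because it needs network access.

```shell
#!/bin/sh
# Pre-flight checks for the GA4 + GTM skill (added example, not the skill's code).
# Assumptions: artifact directory given as $1; secret file is credentials.json.

# (1) Node.js 18+ requirement: takes a `node --version` string such as "v18.19.0"
#     and succeeds only when the major version is 18 or higher.
node_version_ok() {
  major=$(printf '%s' "$1" | sed 's/^v//' | cut -d. -f1)
  [ "$major" -ge 18 ] 2>/dev/null
}

# (2) Provenance: ask the registry what it knows about the package before running it.
#     `npm view` with named fields is a standard npm command; pass the package name
#     SKILL.md references. Not run by the checks below (network access).
show_provenance() {
  npm view "$1" name version repository.url dist.tarball 2>/dev/null
}

# (5) Telemetry: the skill honours DO_NOT_TRACK=1 or EVENT_TRACKING_TELEMETRY=0.
#     Takes both values as arguments so it can be checked without touching the environment:
#       telemetry_disabled "$DO_NOT_TRACK" "$EVENT_TRACKING_TELEMETRY"
telemetry_disabled() {
  [ "$1" = "1" ] || [ "$2" = "0" ]
}

# (3) Credential hygiene: succeeds only when credentials.json exists in the artifact
#     directory, is listed in its .gitignore, and has no group/other permission bits
#     (the ls output for such a file is "-rw-------", columns 5-10 all dashes).
credentials_safe() {
  dir=$1
  f="$dir/credentials.json"
  [ -f "$f" ] || return 1
  grep -qx 'credentials.json' "$dir/.gitignore" 2>/dev/null || return 1
  [ "$(ls -ld "$f" | cut -c5-10)" = "------" ]
}

# (3) Remediation: add credentials.json to .gitignore if missing and restrict the
#     token file to the owner. Idempotent; returns 1 if the directory does not exist.
harden_artifact_dir() {
  dir=$1
  [ -d "$dir" ] || return 1
  grep -qx 'credentials.json' "$dir/.gitignore" 2>/dev/null \
    || printf 'credentials.json\n' >> "$dir/.gitignore"
  if [ -f "$dir/credentials.json" ]; then
    chmod 600 "$dir/credentials.json"
  fi
  return 0
}

# Usage (artifact directory as first argument):
#   node_version_ok "$(node --version)" || echo "Node.js 18+ required"
#   harden_artifact_dir "$1" && credentials_safe "$1" && echo "credentials.json hardened"
#   telemetry_disabled "$DO_NOT_TRACK" "$EVENT_TRACKING_TELEMETRY" || echo "telemetry is on"
```

Run harden_artifact_dir after the first GTM sync has written credentials.json, then credentials_safe in any later automation; a non-zero exit from either is the signal to stop before the token file ends up world-readable or in a commit.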

Review Dimensions

Purpose & Capability
note · The name/description (GA4 + GTM end-to-end workflow) matches the included runbook and references. The runbook expects a Node.js CLI (event-tracking), Playwright Chromium for selector checks, and interactive Google OAuth for GTM sync, all plausible and proportionate for this purpose. Minor mismatch: the bundle is instruction-only and does not include the CLI or an install spec; SKILL.md instructs using npx or a local npm build, which is reasonable but means the skill expects external tooling to be present.
Instruction Scope
ok · Runtime instructions focus on crawling, schema generation, selector validation, GTM config generation, preview, and publish. They reference artifact files (site-analysis.json, event-schema.json, gtm-config.json, credentials.json) that are central to the workflow. The instructions do not ask the agent to read unrelated system files or exfiltrate data to unknown endpoints. They do require running Playwright outside sandboxed environments and completing interactive OAuth prompts.
Install Mechanism
note · No install spec is bundled (instruction-only), which lowers supply-chain risk. However, SKILL.md assumes you will run or install an external Node-based CLI (via npm build or npx skills add jtrackingai/analytics-tracking-automation). Verify the provenance of that external package before running npx or npm commands.
Credentials
note · The skill declares no required environment variables. It documents optional telemetry flags (DO_NOT_TRACK, EVENT_TRACKING_TELEMETRY) and uses interactive Google OAuth during GTM sync; OAuth tokens are cached in an artifact-scoped credentials.json. Requesting OAuth and writing tokens to the artifact directory is proportionate to the stated GTM sync purpose but is sensitive: safeguard the artifact directory and never commit credentials.json.
Persistence & Privilege
ok · The skill does not request always:true and is user-invocable. It does not request system-wide persistent modifications in the bundle. The only persistent behavior noted is caching Google OAuth tokens inside the artifact directory, which is expected for GTM sync.