Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

google analytics and search improve

v1.0.2

Analyze website data via Google Search Console API and GA4 Data API, audit live site with browser automation, review project source code, and generate data-d...

by Morvan (@morvanzhou)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The skill's stated purpose (GSC/GA4 analysis, live site audits, source-code review) is consistent with the included Python scripts for GA4/GSC queries and site audits. However, registry metadata declared no required environment variables or primary credential while the SKILL.md and scripts clearly expect Google auth (GOOGLE_APPLICATION_CREDENTIALS, GA4_PROPERTY_ID, GSC_SITE_URL, SITE_URL). The README also promises browser automation, but the bundled scripts (requests-based Python tools) do not include Playwright/Selenium or other browser automation code — mismatch between described capabilities and provided code.
Instruction Scope
Runtime instructions direct the agent to create a project-local .skills-data directory, write and auto-load a .env that contains an absolute path to a Google Service Account JSON key, and optionally process SOURCE_CODE_PATH for a source code review. The scripts traverse parent directories to locate that .env and will load local credentials and possibly inspect a user-provided source directory. Those file reads are within the claimed purpose but are sensitive (local key file path, optional source code). There are no instructions or code that exfiltrate data to unknown remote endpoints in the provided snippets.
Install Mechanism
This is an instruction-only skill with bundled Python scripts; installation is just creating a venv and running pip install -r scripts/requirements.txt (google-api libraries, python-dotenv, requests). Using pip and standard google libraries is expected for this functionality; there are no download-from-URL or extract steps in the spec, so install risk is moderate and typical for API clients.
Credentials
The SKILL.md and scripts require sensitive configuration: GOOGLE_APPLICATION_CREDENTIALS (absolute path to a Service Account JSON key), GA4_PROPERTY_ID, GSC_SITE_URL and SITE_URL, and optionally SOURCE_CODE_PATH and PSI_API_KEY. Those are proportional to the declared tasks, but the registry metadata omitted them, which is inconsistent. Requiring an absolute path to a local service-account key means the skill will access local credentials; ensure the key is least-privilege (Viewer) and you are comfortable with the skill reading it from disk.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and its persistence is limited to creating a .skills-data directory in the project root and a venv under that directory. That is expected for tools that cache API responses and store reports.
What to consider before installing
Key things to consider before installing/running:
- Credentials: The skill requires a Google Service Account JSON key (GOOGLE_APPLICATION_CREDENTIALS), GA4_PROPERTY_ID and GSC_SITE_URL, but the registry metadata did not list these — verify and be cautious. Do NOT upload or paste your service-account JSON into any remote form; the scripts expect a local absolute path and will read that file. Create a dedicated service account with the minimum role (Viewer) for Search Console / Analytics and rotate/delete keys after use if you have concerns.
- Source code access: The skill can be pointed at SOURCE_CODE_PATH for a source-code review. Only provide a path you are comfortable the tool can read; consider running the scripts on a copy of the repo or in an isolated environment if the code is sensitive.
- Browser automation mismatch: The description promises browser automation audits, but the included Python scripts appear to use requests-based HTTP fetching only and do not include Playwright/Selenium or other headful automation. If you need full browser audits (rendered JS, Lighthouse), ask the author or inspect for additional code before trusting that capability.
- Inspect code and run in isolation: Review the bundled scripts yourself (they are included) — they appear to only call Google APIs and fetch target site URLs. Still, run them in a disposable virtual environment or container, since they will create .skills-data and a venv and will read local .env and the service-account file.
- Use manual CSV mode if uneasy: SKILL.md offers a Manual CSV export mode that avoids giving the skill Google credentials; use that option if you don't want to provide a service-account key.
- Network & data: The scripts make outbound requests to the target website(s) and to Google APIs; there is no evidence in the provided files of exfiltration to unknown third-party endpoints, but confirm by scanning the code and monitoring network traffic during the first run.
If you want, I can point out exactly which lines read .env and the credential path, or help create a safer run plan (containerized execution, least-privilege service account, or using manual CSV mode).
