Analytics Tracking
v0.1.0When the user wants to set up, improve, or audit analytics tracking and measurement. Also use when the user mentions "set up tracking," "GA4," "Google Analyt...
⭐ 0· 848·3 current·3 all-time
byVictor Huang@mrhuang09
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description, SKILL.md, and reference docs all focus on analytics (GA4, GTM, event libraries). There are no unexpected binaries, env vars, or config paths requested that would be disproportionate to an analytics tracking helper.
Instruction Scope
Instructions are implementation-focused and include reading a local product-marketing-context file if present ('.agents/product-marketing-context.md' or '.claude/product-marketing-context.md') — this is coherent for context but means the agent will read local project context if it exists. The docs include examples that set user_id and other user properties; they note 'avoid PII' but do not provide strong guidance on hashing/anonymization or explicit consent enforcement.
Install Mechanism
Instruction-only skill with no install spec and no code files that would be downloaded or executed. Lowest install risk.
Credentials
The skill declares no required environment variables or credentials. Example snippets mention placeholders (GA measurement IDs, pixel IDs) but the skill does not request secrets or external tokens itself.
Persistence & Privilege
No always:true, no install-time persistence, and no requests to modify other skills or system-wide agent settings. Normal invocation model applies.
Assessment
This skill appears to be what it claims: an analytics/implementation guide. Things to consider before installing or using it: 1) The skill will (by instruction) read a local product-marketing-context file if present — ensure that file does not contain secrets or confidential account credentials you don't want an agent to read. 2) Examples demonstrate sending user_id and similar properties; follow your privacy policies: avoid sending PII, hash or anonymize identifiers where required, and ensure consent/consent-mode is implemented. 3) The skill includes example snippets for third-party pixels (GA4, Facebook). Only deploy reviewed snippets and confirm measurement IDs/pixel IDs are stored securely (not hard-coded in public repos). 4) If you expect the agent to act autonomously with this skill, restrict what project files it can access and verify any context files are safe to share. If you want, I can list specific checklist items to ensure a compliant implementation (consent, data retention, hashing user IDs, GA settings).Like a lobster shell, security has layers — review code before you run it.
latestvk97ccst1j70mtcpawngy6r175h82agn5
License
MIT-0
Free to use, modify, and redistribute. No attribution required.