Insight Engine
Security checks across static analysis, malware telemetry, and agentic risk
Overview
Review before installing: this is a coherent analytics-to-Notion skill, but live or scheduled runs can send local OpenClaw memory notes to Anthropic despite the skill's claim that raw logs stay local.
Install only if you are comfortable with Anthropic receiving the structured report packet, including up to 6000 characters from the daily OpenClaw memory file. Review memory files for secrets, start with --dry-run or --data-only to inspect behavior, use least-privilege Notion and Langfuse tokens, and avoid enabling the cron schedule until the data flow is acceptable.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
66/66 vendors reported this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private operational notes or sensitive details stored in the daily memory file may leave the machine during live or scheduled runs.
The daily memory file is copied into the data packet, and the packet is then sent to Claude during a live run. That can expose local persistent memory contents and lets memory-file text influence the generated Notion report.
memory_text = read_memory_file(...) ... 'memory_context': memory_text[:6000], ... user_content = (... json.dumps(data, indent=2, default=str) ...); ... reflection = call_claude(system_prompt, user_content, model)
Make memory upload explicit and optional, redact secrets before model calls, treat memory text as untrusted data, and document exactly what is sent to Anthropic.
A user may install or schedule the skill believing no raw local narrative data is transmitted externally.
The skill's privacy claim quoted below is misleading in context, because the code includes raw daily memory text in the structured packet sent to Claude.
Raw operational data (logs, traces) is analysed locally in Python before a structured summary packet is sent to the LLM — no raw logs are transmitted.
Revise the security notes to disclose memory_context and Git summaries clearly, and distinguish aggregate metrics from raw local text.
Over-broad tokens could let the skill read or write more account data than intended.
The skill uses API credentials for Anthropic, Notion, and Langfuse. This is expected for the stated integration, but the tokens govern external model access, observability reads, and Notion writes.
ANTHROPIC_API_KEY=sk-ant-...; NOTION_API_KEY=secret_...; LANGFUSE_PUBLIC_KEY=pk-lf-...; LANGFUSE_SECRET_KEY=sk-lf-...; NOTION_ROOT_PAGE_ID=<uuid>
Use dedicated, least-privilege Notion and Langfuse credentials scoped only to the intended pages, databases, and projects.
Reports and external API calls may happen automatically on a schedule rather than only during an interactive session.
The skill documents an optional scheduled background run. This is purpose-aligned for daily reporting, but it can repeatedly invoke the live pipeline once the user configures it.
Cron setup (LaunchAgent example) ... /usr/bin/python3 ... /path/to/insight-engine/scripts/src/engine.py ... --mode daily
Test with dry-run first, confirm the exact data being sent, and only schedule the job after configuring redaction and least-privilege tokens.
Installation may pull newer dependency versions than the author tested, and setup may fail or require manual reconstruction of configuration.
Setup is user-directed, but dependencies are unpinned and the referenced config example is not present in the provided manifest.
pip install anthropic requests pyyaml ... cp scripts/config/analyst.yaml.example config/analyst.yaml
Provide a pinned requirements file or lockfile and include the referenced config template.
