Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Event Tracking Skill — GA4 + GTM Setup via AI

v1.0.0

Set up automated GA4 event tracking via GTM for any website. Use when the user wants to add analytics tracking, set up Google Tag Manager events, or implemen...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
- Crypto
- Can make purchases
- Requires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description (GA4 + GTM setup) align with the runtime instructions, which produce event schemas, GTM configs, and optional Shopify pixels. However, the SKILL.md expects a local CLI (node dist/cli.js) and Playwright browser support; the registry metadata declares no required binaries/env, but the workflow plainly requires Node/npm, Playwright (Chromium), and interactive Google OAuth. The package also appears documentation-heavy but references build artifacts (dist/cli.js) that are not present in the provided files — an operational mismatch.
Instruction Scope
Instructions direct the agent/user to run many local commands that read/write artifact files (site-analysis.json, event-schema.json, gtm-context.json, credentials.json, shopify-custom-pixel.js). They also require interactive Google OAuth and advise running some commands outside sandboxed environments (binding a local callback on 127.0.0.1). These steps are in-scope for a GTM/GA4 CLI, but they assume the environment can execute builds, launch browsers, and accept user-confirmation flows — capabilities not guaranteed in an agent sandbox.
Install Mechanism
There is no install spec in the registry (instruction-only), which is lowest-risk by itself. But the README / SKILL.md instruct users to run 'npm ci' and 'npm run build', and call Playwright-powered commands — that will download Node modules and Playwright's Chromium binary. That is expected for a crawler/preview tool but does increase operational risk (large binary downloads, external network access) and may fail or be disallowed in constrained/sandboxed agent runtimes.
Credentials
The skill declares no required environment variables or primary credentials, yet the instructions require Google OAuth (tokens are cached to credentials.json) and mention optional overrides via GOOGLE_OAUTH_CLIENT_ID / GOOGLE_OAUTH_CLIENT_SECRET. The workflow will create and store OAuth tokens in local artifact directories. This mismatch (no declared credentials vs. explicit OAuth flow) is notable: users must understand the OAuth tokens produced, where they are stored, and avoid committing them. The skill also mentions a --storefront-password option for Shopify dev stores (sensitive data) and generates a shopify-custom-pixel.js file — both of which warrant caution.
Persistence & Privilege
The skill's always flag is false. The skill writes run-scoped artifacts (artifact-dir/*), including credentials.json, but does not request platform-wide persistence or alter other skills. It does require writing local token caches and generated artifacts into the artifact directory, which is expected for this workflow but means users must protect those files.
What to consider before installing
This skill appears to implement a reasonable GA4 + GTM workflow, but pay attention before installing/using it:
- Operational readiness: The SKILL expects a local Node environment (npm, node), a built CLI (dist/cli.js), and Playwright/Chromium. The package you inspected contains documentation and guides but references build artifacts that aren't included; you will likely need to clone the full repo and run npm ci / npm run build locally.
- OAuth & tokens: The workflow uses interactive Google OAuth (sync/preview/publish) and writes a credentials.json token cache into the artifact directory. The registry metadata lists no required env vars, yet the skill requires OAuth; verify where tokens are stored, do not commit credentials.json into source control, and review what account/container you authorize during sync. Expect to run the OAuth flow on your machine (it may bind a local callback on 127.0.0.1), so do this outside sandboxed or restricted environments.
- Downloads and resource use: Running npm ci will pull dependencies, and Playwright will download a Chromium binary. That can be large and may be blocked in some environments. If you run this in a hosted agent, verify network and disk policies first.
- Shopify branch: If you use the Shopify path, the skill will generate a shopify-custom-pixel.js artifact intended to be installed in Shopify Admin. Review the generated pixel and install instructions carefully to ensure it doesn't push unexpected data. The Shopify flow skips the automated browser preview and relies on you installing a custom pixel, so plan manual verification steps.
- Confirm presence of CLI: Before trusting an agent to run these steps, check that dist/cli.js or equivalent executables are actually present in the deployed skill bundle; otherwise the agent will fail when it tries to run 'node dist/cli.js'.

Given the above mismatches (undeclared OAuth/credentials vs. explicit OAuth flow; references to build artifacts not present), proceed only if you can run the workflow locally, inspect generated files (especially credentials.json and shopify-custom-pixel.js), and are comfortable performing interactive OAuth and protecting token files.
