📦 Posthog Analytics — 实用工具

v1.2.0

自动化 PostHog 仪表板 creation, sync, update, 和 export via API接口. Covers 仪表板 CRUD, 洞察 creation, cohort management, 和 API接口-driven analytics w...

0· 137·0 当前·0 累计

by @solomonneas (Solomon Neas)

API工具自动化数据分析系统工具开发工具

下载技能包

安全扫描

VirusTotal

无害

查看报告

OpenClaw

可疑

medium confidence

The skill's code and instructions match the stated PostHog dashboard management purpose, but registry metadata omits the required API credential and primary-credential declaration, creating an incoherence you should resolve before trusting it.

评估建议

This skill appears to do what it claims (manage PostHog dashboards) and the included script is readable and scoped. However: (1) the registry metadata failing to declare POSTHOG_PERSONAL_API_KEY and the primary credential is an inconsistency — confirm the registry/author lists the API key as required before installing. (2) Review the script locally before running and run it with a minimal-permission PostHog API key (only the org/project needed), and avoid running as root. (3) jq and curl are req...

详细分析 ▾

ℹ 用途与能力

The SKILL.md and included Bash script implement PostHog dashboard/insight create/sync/update/export via the PostHog API, which matches the skill name and description. However, registry metadata lists no required environment variables or primary credential while the SKILL.md and script require POSTHOG_PERSONAL_API_KEY — this mismatch is unexpected and should be corrected.

✓ 指令范围

Runtime instructions and the script are narrowly scoped to: read a JSON config, call the PostHog API (host configurable via POSTHOG_HOST), create/update/export dashboards/insights, and write the dashboard_id back to the provided config file. The instructions do not reference unrelated system files, other credentials, or external endpoints outside the configured PostHog hosts.

✓ 安装机制

No install spec is provided (instruction-only). The script depends on standard tools (curl, jq, bash). No downloads or archive extraction are performed by the skill itself.

⚠ 凭证需求

The script and SKILL.md require POSTHOG_PERSONAL_API_KEY (with read/write access) and optional POSTHOG_HOST/POSTHOG_UI_HOST. Registry metadata (as reported) declares no required env vars or primary credential — this is a discrepancy. The required API key is appropriate for the described functionality, but the missing declaration in the registry is a red flag and should be fixed so installers know what sensitive credential will be used.

✓ 持久化与权限

The skill does not request permanent installation privileges (always:false). The script modifies only the config file you pass it (it writes dashboard_id back into that file via a safe tmp file). It does not change other skills, global agent config, or request elevated system privileges.

安全有层次，运行前请审查代码。

运行时依赖

无特殊依赖

安装命令

点击复制

官方npx clawhub@latest install posthog-analytics

镜像加速npx clawhub@latest install posthog-analytics --registry https://cn.longxiaskill.com

数据来源：ClawHub ↗ · 中文优化：龙虾技能库