google-analytics-automation
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFENO_CODEEXTERNAL_DOWNLOADS
Full Analysis
- [NO_CODE]: The skill contains no executable scripts, binaries, or code files. It functions entirely through markdown-based instructions for an AI agent to use an external MCP service.- [EXTERNAL_DOWNLOADS]: The skill references an external MCP server endpoint (https://rube.app/mcp) as a prerequisite for functionality. This is a configuration requirement for the agent's environment to access the necessary Google Analytics tools.- [INDIRECT_PROMPT_INJECTION]: The skill processes data from Google Analytics (reports, accounts, properties), which serves as a potential surface for indirect prompt injection if external analytics data contains malicious instructions.\n
- Ingestion points: Data enters the agent context through tools like
GOOGLE_ANALYTICS_RUN_REPORTandGOOGLE_ANALYTICS_LIST_ACCOUNTS.\n - Boundary markers: The skill does not define explicit delimiters or instructions for the agent to disregard content within the retrieved analytics data.\n
- Capability inventory: The skill allows listing accounts/properties and executing various report types (batch, pivot, funnel).\n
- Sanitization: No specific sanitization or validation logic for the external data is described in the skill instructions.
Audit Metadata