google-analytics-automation
Warn
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTIONNO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs users to configure an external MCP server at
https://rube.app/mcp. This third-party service is used to interface with Google Analytics and manage authentication, which introduces a dependency on an unverified external domain.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes data retrieved from Google Analytics that could contain malicious instructions.\n - Ingestion points: Account names, property names (displayName), and report row data fetched from the Google Analytics API via the MCP server.\n
- Boundary markers: None present; the skill lacks delimiters or instructions to the agent to ignore instructions embedded in the analytics data.\n
- Capability inventory: The skill uses tools like
RUBE_MANAGE_CONNECTIONSandGOOGLE_ANALYTICS_RUN_REPORTto interact with sensitive account data and execute queries.\n - Sanitization: There is no evidence of sanitization or filtering applied to the data before it is processed by the agent.\n- [NO_CODE]: The skill consists entirely of markdown instructions and does not include any local script files or executables.
Audit Metadata