gtm-status

Fail

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructions direct the agent to read gtm-credentials.json and gtm-token.json. These files typically store highly sensitive authentication materials, including OAuth 2.0 client secrets and active access tokens.
  • [DATA_EXFILTRATION]: The skill extracts and potentially displays internal metadata such as accountId and containerId from gtm-config.json, which exposes details of the user's private infrastructure.
  • [PROMPT_INJECTION]: The skill ingests data from various untrusted project files like gtm-context.md and audit-report.json to determine project status. This presents a surface for indirect prompt injection because the skill lacks sanitization, validation, or boundary markers for this external data. Capability inventory: Local file reads of multiple user-controlled files. Sanitization: None detected.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 28, 2026, 12:01 PM