ga4-query
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The
scripts/setup.shscript installs several well-known and official libraries from the Python Package Index (PyPI), includinggoogle-analytics-data,google-analytics-admin, andgoogle-auth. These are trusted dependencies required for the skill to communicate with Google Analytics services. - [COMMAND_EXECUTION]: The skill executes a local Python script (
scripts/query.py) to perform data queries. The script uses the standardargparselibrary to handle user input safely and does not contain any patterns for arbitrary command execution or unsafe evaluation of strings. - [CREDENTIALS_UNSAFE]: The skill requires access to a Google Cloud service account key file, as described in the
ga4-config.yamlsetup instructions. This is the official and standard method for authenticating with Google Analytics APIs. The documentation correctly suggests using a 'Viewer' role to minimize the security scope of the provided credentials.
Audit Metadata