google-analytics-automation
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [External Downloads/Remote Tooling] (MEDIUM): The skill requires connecting to an external MCP endpoint at
https://rube.app/mcp. This domain is not within the defined list of trusted organizations or repositories, making the integrity of the tools provided by this server unverifiable. - [Indirect Prompt Injection] (MEDIUM): The skill is designed to process external data from Google Analytics reports which could potentially contain malicious content intended to influence agent behavior.
- Ingestion points: Data is ingested via
GOOGLE_ANALYTICS_RUN_REPORT,GOOGLE_ANALYTICS_LIST_ACCOUNTS, andGOOGLE_ANALYTICS_LIST_PROPERTIES. - Boundary markers: None. The skill does not provide instructions to the agent on how to delimit or ignore instructions that might be embedded within the GA4 report data or metadata.
- Capability inventory: The agent has the capability to perform multiple sequence tool calls (e.g.,
GOOGLE_ANALYTICS_RUN_REPORTafter resolving IDs) based on the ingested data. - Sanitization: No evidence of sanitization or schema validation for the data returned from the external API before it is processed by the agent.
Audit Metadata