ga4
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes official Google client libraries including `google-analytics-data` and `google-auth-oauthlib` retrieved from the standard Python Package Index (PyPI).
- [COMMAND_EXECUTION]: Executes Python scripts (`ga4_auth.py` and `ga4_query.py`) to manage authentication flows and perform data queries against the Google Analytics Data API.
- [CREDENTIALS_UNSAFE]: During the one-time setup process, the `scripts/ga4_auth.py` script prints the generated OAuth refresh token to the console; this is a standard procedure for manual environment configuration but requires the user to handle the output securely.
- [PROMPT_INJECTION]: The skill processes website analytics data from external Google Analytics properties, which presents a surface for indirect prompt injection.
  1. Ingestion points: `scripts/ga4_query.py` fetches external content such as page paths and titles.
  2. Boundary markers: Data is output in table, JSON, or CSV formats without specific delimiters or instructions to ignore instructions embedded in the retrieved strings.
  3. Capability inventory: The skill is configured for network operations specifically targeting Google's API infrastructure.
  4. Sanitization: The retrieved analytics data is not sanitized for potential prompt injection before being displayed.
Audit Metadata