google-analytics
Audited by Socket on Feb 19, 2026
1 alert found:
Security [Skill Scanner] Backtick command substitution detected

All findings:
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

No clear malicious code patterns are present in the provided documentation and examples. The main concern is that all Google Analytics API calls and OAuth flows are proxied through Maton-controlled endpoints by design — this requires trusting Maton with MATON_API_KEY, session tokens, and proxied Google data. That design is coherent with the stated managed-OAuth purpose, but it is a centralization of sensitive data and credentials and should be considered suspicious if the user does not trust Maton. Recommend review of Maton’s privacy/security practices and using direct Google OAuth/API integration if you require minimal third-party exposure.

LLM verification: This skill appears functionally consistent with its stated purpose (Google Analytics integration using a managed OAuth gateway). There is no direct evidence of obfuscated or intentionally malicious code in the provided skill documentation. However, all API calls and OAuth flows are routed through a third-party (Maton) rather than directly to Google APIs. That design requires trusting Maton with MATON_API_KEY and the user's OAuth credentials and could result in credential exposure or unauthorized