google-analytics-automation
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill is entirely composed of Markdown documentation and does not contain any Python, JavaScript, or shell scripts.
- [EXTERNAL_DOWNLOADS]: The skill directs users to configure an external MCP server at https://rube.app/mcp. This is a well-known service for AI toolsets and the reference is documented neutrally.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection due to its data processing nature. Ingestion points: Data enters the agent context through reporting tools like GOOGLE_ANALYTICS_RUN_REPORT which fetch user-controlled strings (e.g., page titles, event names). Boundary markers: The instructions do not define delimiters or provide warnings to ignore embedded instructions within retrieved data. Capability inventory: The skill allows for account discovery and report execution. Sanitization: No sanitization or filtering of the analytics data is specified before it is presented to the agent.
Audit Metadata