ga4-analytics
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches standard and well-known library dependencies from the npm registry, including official Google API clients such as `@google-analytics/data`, `@googleapis/indexing`, and `@googleapis/searchconsole`.
- [COMMAND_EXECUTION]: The skill includes a setup script (`scripts/setup.sh`) to install Node.js dependencies and instructs the user to execute the analysis toolkit using the `tsx` runtime.
- [DATA_EXFILTRATION]: The skill retrieves data from well-known Google API endpoints. The retrieved analytics and search data are stored locally in the `results/` directory. No unauthorized data transfer to third-party or untrusted domains was identified.
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes untrusted data from external sources.
  - Ingestion points: Page titles, event names, and search queries retrieved via `scripts/src/api/reports.ts` and `scripts/src/api/searchConsole.ts`.
  - Boundary markers: Absent; no specific delimiters or warnings are used to prevent the agent from interpreting instructions embedded in the analytics data.
  - Capability inventory: The skill can write files to the local disk and modify the Google Search index (e.g., requesting URL removal) via `scripts/src/api/indexing.ts`.
  - Sanitization: No explicit sanitization or filtering of the retrieved data was found.
- [SAFE]: The skill's behavior aligns with its documented purpose. It utilizes official Google service account authentication and well-established development tools without any signs of malicious intent or obfuscation.
Audit Metadata