google-analytics
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses the official Google Analytics Data API library (
google-analytics-data) to fetch performance metrics, ensuring that all communications are conducted through verifiable and secure Google services. - [SAFE]: API credentials and property IDs are managed using environment variables and .env files. The documentation explicitly warns against hardcoding secrets and provides clear instructions on secure secret management, adhering to industry best practices.
- [SAFE]: The included scripts (
scripts/analyze.pyandscripts/ga_client.py) implement directory traversal protection via the_safe_output_pathfunction, which ensures that any generated reports or data exports remain within the intended working directory. - [SAFE]: All identified Python dependencies are well-known, standard packages from official registries (PyPI), and the command execution patterns are limited to executing local analysis scripts with user-defined parameters.
- [SAFE]: A review of the skill's instructions, metadata, and logic confirms there are no prompt injection attempts, persistence mechanisms, or unauthorized network operations.
Audit Metadata