Back to skill

Security audit

Analytics Tracking Automation — GA4 + GTM Setup via AI

Security checks across malware telemetry and agentic risk

Overview

This is a coherent GA4/GTM automation skill with disclosed OAuth, browser, telemetry, and publishing gates, though users should review analytics privacy choices before publishing.

Install this only if you intend to automate GA4/GTM work and are comfortable granting GTM-scoped OAuth write access. Review the upstream npm/GitHub package before running commands, keep credentials.json out of source control, and sanitize analytics parameters so full URLs, referrers, link destinations, and form destinations do not leak tokens, personal data, or private application paths.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill enables implicit invocation without any visible narrow trigger constraints, so unrelated user requests could auto-route into this workflow. Because this skill is designed to steer users into GA4/GTM setup and resume flows, ambiguous activation can cause unintended execution paths, confusion, or accidental access to existing tracking artifacts and configuration context.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The guideline mandates sending full `page_location` and `page_referrer` on every event, which can unintentionally capture sensitive data embedded in URLs such as query parameters, reset tokens, internal identifiers, search terms, or referral data. In an analytics automation skill, this is more dangerous because it encourages broad, repeated collection at scale without any minimization or sanitization guidance.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
Capturing `link_url` and `link_text` for all click events can expose sensitive values present in URLs or visible UI text, including email addresses, account identifiers, prefilled query data, or internal application routes. In tracking guidance, this creates a reusable pattern that may normalize over-collection across many implementations.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
Collecting `form_id`, human-readable `form_name`, and especially `form_destination` can disclose sensitive workflow details, endpoint structure, or business context, and destination URLs may contain identifiers or tokens. In a GA4/GTM automation context, recommending this without privacy guardrails increases the likelihood of unsafe default telemetry being deployed widely.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.