What it does
GA4 Anomaly Detector monitors Google Analytics 4 metric time-series (sessions, total users, conversions, and any GA4 metric you choose) and flags days that deviate from a rolling baseline. Detection is deterministic — z-score (default, threshold 3) or IQR — and every number (value, expected, deviation, score, severity, confidence) is code-derived. An LLM only narrates the already-computed anomalies into a readable alert; it never produces a number and never asserts a definitive cause. Without an API key (and no host sampling) it degrades gracefully to a deterministic template. It runs as a collect → analyze → narrate → report loop. Connector-ready: with an optional GA4 property ID + read-only service-account key it can pull live series from the GA4 Data API (sandbox/test property recommended); otherwise it runs fully on mock data or your own caller-provided series / GA4 runReport export — so you can try it with zero setup. Guardrails: read-only, egress is allowlisted to the GA4 Data API host, prompt-injection is defanged, credentials are masked and never logged, and the output is decision-support (no fabricated causes). Tools: - run_full — end-to-end: collect (mock/provided/live), detect deterministically, narrate, return the full AgentResult JSON. - detect_anomalies — pure deterministic detection over ready MetricSeries[] (no LLM), with optional sensitivity. - analyze — lower-level: run the analyzer over a full RawData object (series + method). - connector_status — GA4 connector readiness: required slots, egress host, and whether live credentials are present (secret-safe). - list_capabilities — static capabilities: tools, detection methods, default metrics, credential slots. - plan_inputs — interview helper returning questions, JSON schema, and a ready-to-edit example for a tool. Array/object arguments may be passed as JSON or a JSON string. Missing required inputs return a structured needs_input payload (questions + schema + example) instead of erroring, and upgrade to a native elicitation form on clients that support it.
Example prompts
- Run run_full on the mock data with z-score sensitivity 3 and summarize any critical anomalies.
- I have my own GA4 series — detect_anomalies over this MetricSeries[] using IQR sensitivity and return the scored anomalies.
- Check connector_status: which credential slots and egress host does this agent need, and are live credentials present?
- Use plan_inputs for detect_anomalies and show me the questions, schema, and a ready-to-edit example.
- Run run_full for GA4 property properties/123456789 monitoring sessions and conversions, then narrate the alert.
Tools (6)
Tools the agent exposes — your AI client calls them automatically when it needs them.
- run_full — Run the GA4 anomaly detector end-to-end: collect metric series (mock/provided/live), detect anomalies deterministically (z-score/IQR), synthesize a narrative alert, return the full JSON result.
- detect_anomalies — Given ready GA4 metric series (MetricSeries[]) and optional sensitivity, run pure deterministic anomaly detection (no LLM) and return scored anomalies.
- analyze — Lower-level: given a full RawData object (series + method), run the deterministic analyzer and return anomalies.
- connector_status — Report GA4 connector readiness: required credential slots, the allowlisted egress host, and whether live credentials are present (secret-safe; values never shown).
- list_capabilities — List the agent's static capabilities: tools, detection methods, default metrics, and credential slots.
- plan_inputs — Plan/brainstorm the inputs for a tool: returns the questions, schema and a ready-to-edit example.
What you'll need to connect
This agent will ask you for the following. You enter them when you connect — they're encrypted and never shared with the creator.
- GA4 Property ID · optionalOptional. GA4 property ID for the read-only Data API connector (sandbox/test property only — never production). Leave blank to run on mock or caller-provided data.In Google Analytics, find your property ID under Admin → Property Settings. Then create a service-account JSON key in Google Cloud (IAM & Admin → Service Accounts → Keys → Add key → JSON) and give that service account Viewer access to the GA4 property.Paste the value as a single line.Only sent to: analyticsdata.googleapis.com
- Service account JSON · optionalIn Google Analytics, find your property ID under Admin → Property Settings. Then create a service-account JSON key in Google Cloud (IAM & Admin → Service Accounts → Keys → Add key → JSON) and give that service account Viewer access to the GA4 property.Paste the full JSON of your service-account key file (not a file path). FindAgent stores it securely and gives the agent a file path to it.Only sent to: analyticsdata.googleapis.com, oauth2.googleapis.com, www.googleapis.com
- Anthropic API Key · optionalOptional. Enables the LLM-narrated alert via Anthropic. Without a key (and no host sampling) the agent falls back to a deterministic template.Create a key on the Anthropic Console API keys page (console.anthropic.com → API keys).Paste the value as a single line.Only sent to: api.anthropic.com
- OpenAI API Key · optionalOptional. Enables the LLM-narrated alert via OpenAI instead of Anthropic.Create a secret key on the OpenAI API keys page (platform.openai.com → API keys).Paste the value as a single line.Only sent to: api.openai.com
How you're protected
FindAgent runs these safety checks on every agent automatically. They're always on and can't be turned off.
- Prompt-injection scanning
Every request is checked for known prompt-injection and jailbreak attempts before the agent runs. This is always on.
- Secret-leak scanning
Every response is scanned for leaked API keys, tokens, and other secrets before it reaches you. This is always on.