Aug 25, 2024

Can't Add Google Analytics to Chrome extension without api_secret?

Can someone please help me add gtag to a Chrome extension? My Chrome extension includes a newtab.html page that overrides the new tab. I found a tutorial here: https://github.com/GoogleChrome/chrome-extensions-samples/tree/main/functional-samples/tutorial.google-analytics and it's working well. But my concern is: is it OK for the <api_secret> mentioned in scripts/google-analytics.js in that repository to be in extension code?
I think it's impossible to hide such static API_SECRETS in Chrome extension code. But I wanna know what happens if someone finds this particular <api_secret>, and why that official tutorial added this in the extension's client-side code, which anyone can see.

By the way, I generated that <api_secret> from:
Admin -> Data collections and modifications -> Data Streams -> selected my stream -> Measurement Protocol API secrets -> Create

Expecting to know if there's a way to link gtag without using api_secret. Or, if there's no other way, what can possibly happen if this api_secret is known to the public.
All Replies
Aug 25, 2024
Hello Zaarzet Zaarzet, 
Welcome to Google Analytics Help Community
 
Exposing the api_secret in a Chrome extension's client-side code can be a security risk because it could potentially be misused if found by unauthorized users. Here’s what you need to know:
  1. Public Exposure: An exposed api_secret can allow others to send data to your Google Analytics property, potentially skewing your analytics or leading to unauthorized access.
  2. Best Practices: Ideally, sensitive data like API secrets should be kept server-side where possible. For client-side applications like Chrome extensions, consider implementing additional security measures or using alternative methods if feasible.
  3. API Key Use: If you must use an api_secret, ensure that it’s restricted to specific IPs or use additional safeguards to minimize risks.
Unfortunately, for client-side integrations, using api_secret is common, but it does come with inherent risks.
 
Hope this helps.
 
Regards
Ujjainwala Abdulqadir
______________
 
If this resolves your problem please mark this post as a recommended answer. That will help others with a similar problem to find a solution.
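
The server-side option mentioned in the reply above, as an added example that is not part of the original thread or of the Google sample: a small Node.js (18+) relay keeps the api_secret on the server, and the extension posts events to the relay instead of to Google. The function names, the event allow-list, the size limits and the `GA_MEASUREMENT_ID` / `GA_API_SECRET` environment variable names are assumptions made for illustration.

```javascript
// Added example: relay logic that keeps api_secret off the client.
const MP_ENDPOINT = "https://www.google-analytics.com/mp/collect";
const ALLOWED_EVENTS = new Set(["page_view", "button_click"]); // assumed allow-list
const MAX_EVENTS = 10; // assumed relay policy, not a Google limit
const MAX_PARAMS = 10; // assumed relay policy, not a Google limit
const KEY_RE = /^[a-z_][a-z0-9_]{0,39}$/i;

// Validate what the extension sent and build the upstream request.
// The extension only knows the relay URL, never apiSecret.
function buildUpstreamRequest(payload, { measurementId, apiSecret }) {
  if (!measurementId || !apiSecret) throw new Error("relay not configured");
  if (typeof payload !== "object" || payload === null) throw new Error("bad payload");
  const { client_id, events } = payload;
  if (typeof client_id !== "string" || !/^[\w.-]{1,64}$/.test(client_id)) {
    throw new Error("bad client_id");
  }
  if (!Array.isArray(events) || events.length === 0 || events.length > MAX_EVENTS) {
    throw new Error("bad events array");
  }
  const clean = events.map((ev) => {
    if (!ev || !ALLOWED_EVENTS.has(ev.name)) throw new Error("event not allowed");
    const raw = ev.params ?? {};
    if (typeof raw !== "object" || Array.isArray(raw)) throw new Error("bad params");
    const entries = Object.entries(raw);
    if (entries.length > MAX_PARAMS) throw new Error("too many params");
    const params = {};
    for (const [key, value] of entries) {
      if (!KEY_RE.test(key)) throw new Error("bad param name");
      // Accept only flat numbers and (truncated) strings.
      if (typeof value === "number" && Number.isFinite(value)) params[key] = value;
      else if (typeof value === "string") params[key] = value.slice(0, 100);
      else throw new Error("bad param value");
    }
    return { name: ev.name, params };
  });
  const url = new URL(MP_ENDPOINT);
  url.searchParams.set("measurement_id", measurementId);
  url.searchParams.set("api_secret", apiSecret); // added server-side only
  return { url: url.toString(), body: JSON.stringify({ client_id, events: clean }) };
}

// Forward one validated payload; call this from the relay's HTTP handler.
async function relay(payload, config = {
  measurementId: process.env.GA_MEASUREMENT_ID,
  apiSecret: process.env.GA_API_SECRET,
}) {
  const { url, body } = buildUpstreamRequest(payload, config);
  const res = await fetch(url, { method: "POST", body });
  return res.status;
}
```

The relay endpoint is still reachable by anyone who inspects the extension, so it narrows what can be injected rather than preventing it; it also lets you rate-limit callers and rotate the secret without shipping a new extension build.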