Skill v1.0.0
ClawScan security
Google ads for OpenClaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 27, 2026, 8:11 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill claims full Google Ads management (view and modify campaigns) but the distributed pieces are inconsistent: credentials/dependencies are not declared and the code only implements listing (update actions are stubs), which merits caution before installation.
- Guidance: This skill is not clearly coherent: it needs Google Ads credentials but doesn't declare them, and the main script only implements listing (not updating budgets/statuses) despite advertising full management. Before installing or running it: 1) Inspect/verify the code yourself (or have a developer do so) and confirm update operations are correctly implemented; 2) Do not supply your primary production Google Ads credentials until you trust the code — consider testing with a limited-access test Ads account; 3) Ensure the google-ads-python library will be installed in a controlled environment; 4) Be aware running setup_ads.py will create ~/.google-ads.yaml containing tokens on disk; if you proceed, add explicit required-env declarations and a dependency spec, or ask the publisher for a corrected release. If you cannot validate these points, avoid granting credentials or running the scripts.
Review Dimensions
- Purpose & Capability (concern): Name/description claim management (view, change budgets, enable/disable). The repository includes helper scripts for Google Ads but the package metadata declares no required credentials or primary credential despite the SKILL.md and code requiring Google Ads credentials (developer_token, client_id, client_secret, refresh_token). This mismatch is disproportionate to the stated purpose.
- Instruction Scope (concern): SKILL.md instructs the agent to check for ~/.google-ads.yaml and to use scripts for listing/updating. The python script, however, only implements the 'list' flow — the update-budget and update-status CLI branches are defined but not implemented. That means runtime behavior will not match the instructions and could mislead users or agents into believing updates will occur when they won't.
- Install Mechanism (note): There is no install spec (instruction-only plus bundled scripts), which is lower risk for arbitrary code installs. However the scripts import google.ads.googleads (Google Ads client library) and no dependency or installation instructions are declared in metadata — the runtime will fail unless that library is present. setup_ads.py will write a config template to ~/.google-ads.yaml if run.
- Credentials (concern): The skill requires Google Ads credentials (explicit in SKILL.md and setup template) but the registry metadata lists no required environment variables or primary credential. Requesting developer_token/client_id/client_secret/refresh_token is proportionate to Google Ads use, but the lack of declared required env vars is an incoherence and a practical risk (users may provide secrets without realizing).
- Persistence & Privilege (ok): always is false and the skill does not request elevated persistent privileges. The only persistence behavior is setup_ads.py creating ~/.google-ads.yaml (its own config file). The skill does not modify other skills or system-wide configs.
