Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Microsoft Ads MCP

v1.0.0

Create and manage Microsoft Advertising campaigns (Bing Ads / DuckDuckGo Ads) via MCP server - campaigns, ad groups, keywords, ads, and reporting

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes a Microsoft Advertising MCP server and shows mcporter-based commands for campaign management — that aligns with the skill name/description. However, the skill registry metadata claims no required binaries, env vars, or config paths, while the SKILL.md clearly requires the 'mcporter' command and a ~/.mcporter/mcporter.json config entry. This mismatch suggests the declared requirements are incomplete.
! Instruction Scope
The instructions tell the user to git clone https://github.com/Duartemartins/microsoft-ads-mcp-server, pip install requirements, configure ~/.mcporter/mcporter.json with credentials, and run mcporter calls (including an OAuth flow). Those steps are coherent with the advertised functionality, but they require writing and executing third‑party code, creating/storing credentials in a local config file, and running a long‑running server process — none of which are declared in the skill metadata. The instructions also rely on the user pasting redirect URLs (OAuth codes), and they do not specify where long‑term tokens are persisted, which is a scope/capability detail left unspecified.
Install Mechanism
This is an instruction-only skill (no bundled install). The instructions direct the user to clone a GitHub repo and pip install its requirements.txt. GitHub and pip are common sources, but installing and running arbitrary code from a third‑party repo introduces moderate risk, so review the repository and requirements.txt before installing. No unusual or obfuscated URLs are used, but the skill does rely on external code execution.
! Credentials
Functionally, the skill needs a Microsoft Ads developer token and an Azure AD app client ID (and an OAuth flow), which are appropriate for this integration. However, the registry lists no required env vars or primary credential, while the instructions explicitly tell the user to place credentials into the env fields of ~/.mcporter/mcporter.json. Storing tokens/keys in a plaintext config under the user's home directory may expose sensitive data if not handled carefully. The skill doesn't document where OAuth tokens/refresh tokens are stored or how they are protected.
Persistence & Privilege
The skill itself is not marked 'always' and is user-invocable, which is appropriate. But the runtime instructions create persistent artifacts (a cloned repo, installed Python packages, and a mcporter-configured stdio server process) that will live on disk and may run locally. The skill package metadata does not declare that it will create these artifacts, so users should be aware that installing/running the server has persistence implications on their machine.
What to consider before installing
This skill appears to do what it claims (manage Microsoft Ads via an MCP server) but several operational details are missing or inconsistent in the registry metadata. Before installing or running it:

1) Inspect the GitHub repo (https://github.com/Duartemartins/microsoft-ads-mcp-server) and review server.py and requirements.txt for any unexpected behavior or risky dependencies.
2) Confirm you want to install and run third‑party Python code on your machine and understand where credentials and OAuth tokens will be stored (the instructions suggest ~/.mcporter/mcporter.json).
3) If possible, use least‑privilege credentials or a dedicated test Microsoft Ads account while evaluating.
4) Consider running the server in a sandbox or isolated environment (container/VM).
5) Ask the publisher to update the skill metadata to declare required binaries (mcporter), config paths (~/.mcporter/mcporter.json), and environment/credential needs explicitly — that would remove the main coherence concerns.

If you cannot validate the repository and token storage practices, avoid installing or supplying production credentials.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📢 Clawdis