AB-Directolog-Skill
Rating: Warn. Audited by ClawScan on May 16, 2026.
Overview
This is a coherent Yandex.Direct automation skill, but it can change ad campaigns and handle long-lived OAuth tokens without clear approval, scoping, or secret-storage guardrails.
Install only if you are comfortable giving the agent Yandex.Direct API authority. Use a restricted account where possible, require manual approval before any campaign, budget, or bid changes, and keep OAuth refresh tokens out of memory files and logs.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could change bids or campaigns in a way that affects ad spend or business performance if a task is misunderstood or invoked too broadly.
The skill explicitly instructs the agent to make batch API changes to advertising bids. That is purpose-aligned, but it is high-impact account mutation and the artifacts do not define confirmation, dry-run, campaign scope, budget limits, or rollback controls.
Quoted from the skill's artifacts (translated from Russian): "Lower bids on keywords with CTR below 1% by 20%... Agent: ... Sends batch changes via the API"
Before use, require explicit user confirmation for every mutating API call, add a dry-run/report-first workflow, restrict allowed campaign IDs, and set maximum budget/bid-change limits.
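One way to put those controls in front of the batch the skill describes, as an added example that is neither the skill's nor ClawScan's code: the keyword record fields (CampaignId, Id, Ctr, SearchBid), the integer micro-unit bid values and the KeywordId/SearchBid payload shape are assumptions chosen to resemble Yandex.Direct API v5 and must be checked against the API reference; the `send` callable stands in for the real HTTP call, and the sample keyword stats are constructed.

```python
"""Added example (not the skill's or ClawScan's code): a report-first guard
in front of the bid-change batch the skill describes ("lower bids on keywords
with CTR below 1% by 20%"). Campaign allowlist, per-bid change cap, batch-size
cap, dry-run report, and a human confirmation step before anything is sent.
Field names and payload shape are assumptions modelled on Yandex.Direct API v5."""

from dataclasses import dataclass, field
from typing import Callable, Iterable


@dataclass(frozen=True)
class BidChange:
    campaign_id: int
    keyword_id: int
    current_bid: int   # assumption: bids as the API's integer micro-units
    proposed_bid: int


@dataclass(frozen=True)
class GuardPolicy:
    allowed_campaign_ids: frozenset    # explicit campaign scope for this skill
    max_change_ratio: float = 0.25     # refuse any single bid move above 25%
    max_batch_size: int = 100          # cap the blast radius of one invocation


@dataclass
class GuardResult:
    approved: list = field(default_factory=list)
    rejected: list = field(default_factory=list)   # (change, reason)


def propose_bid_cuts(keywords: Iterable[dict], ctr_threshold=0.01, cut=0.20):
    """The skill's task expressed as data: every keyword under the CTR
    threshold gets a proposed bid reduced by `cut`. Nothing is sent here."""
    return [
        BidChange(k["CampaignId"], k["Id"], k["SearchBid"],
                  int(round(k["SearchBid"] * (1 - cut))))
        for k in keywords if k["Ctr"] < ctr_threshold
    ]


def review_batch(changes, policy: GuardPolicy) -> GuardResult:
    """Apply the campaign allowlist, the per-bid change cap and the batch cap."""
    result = GuardResult()
    for c in changes:
        if c.campaign_id not in policy.allowed_campaign_ids:
            result.rejected.append((c, "campaign not in allowlist"))
        elif c.current_bid <= 0 or c.proposed_bid <= 0:
            result.rejected.append((c, "non-positive bid"))
        elif abs(c.proposed_bid - c.current_bid) / c.current_bid > policy.max_change_ratio:
            result.rejected.append((c, f"change exceeds {policy.max_change_ratio:.0%} cap"))
        elif len(result.approved) >= policy.max_batch_size:
            result.rejected.append((c, "batch size cap reached"))
        else:
            result.approved.append(c)
    return result


def dry_run_report(result: GuardResult) -> str:
    """Human-readable summary shown before any mutating call is made."""
    lines = [f"{len(result.approved)} change(s) would be sent, "
             f"{len(result.rejected)} rejected by policy"]
    for c in result.approved:
        lines.append(f"  campaign {c.campaign_id} keyword {c.keyword_id}: "
                     f"{c.current_bid} -> {c.proposed_bid}")
    for c, reason in result.rejected:
        lines.append(f"  REJECTED campaign {c.campaign_id} keyword {c.keyword_id}: {reason}")
    return "\n".join(lines)


def submit_batch(result: GuardResult, confirm: Callable[[str], bool],
                 send: Callable[[list], None]) -> int:
    """Send only approved changes, and only after `confirm` (a human, not the
    agent) accepts the dry-run report. Returns the number of changes sent."""
    if not result.approved:
        return 0
    if not confirm(dry_run_report(result)):
        return 0
    payload = [{"KeywordId": c.keyword_id, "SearchBid": c.proposed_bid}
               for c in result.approved]   # assumed API v5 KeywordBids shape
    send(payload)
    return len(payload)


# Constructed sample keyword stats (not real account data).
SAMPLE_KEYWORDS = [
    {"CampaignId": 100, "Id": 1, "Ctr": 0.005, "SearchBid": 1_000_000},
    {"CampaignId": 100, "Id": 2, "Ctr": 0.030, "SearchBid": 1_000_000},
    {"CampaignId": 200, "Id": 3, "Ctr": 0.002, "SearchBid": 1_000_000},
]
POLICY = GuardPolicy(allowed_campaign_ids=frozenset({100}))

if __name__ == "__main__":
    result = review_batch(propose_bid_cuts(SAMPLE_KEYWORDS), POLICY)
    print(dry_run_report(result))
    sent = submit_batch(result,
                        confirm=lambda report: input("Send these changes? [y/N] ") == "y",
                        send=lambda payload: print("would POST", payload))
    print(f"{sent} change(s) sent")
```

The point of splitting `propose_bid_cuts`, `review_batch` and `submit_batch` is that the agent can compute and describe the batch freely, but the policy object and the `confirm` callback are supplied by the operator, not by the skill prompt, so a misread task ("all campaigns", "by 80%") is stopped before the API sees it.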
Anyone with these tokens may be able to access or change Yandex.Direct account data within the granted API scope.
The skill requires broad Yandex.Direct OAuth access and sensitive client/token material. This is expected for the stated integration, but users should recognize that the credential can authorize account-level advertising actions.
Quoted from the skill's artifacts: scope=direct:api ... YANDEX_DIRECT_CLIENT_SECRET=your_client_secret ... YANDEX_DIRECT_ACCESS_TOKEN=your_access_token ... YANDEX_DIRECT_REFRESH_TOKEN=your_refresh_token
Use the least-privileged Yandex application/account possible, rotate tokens regularly, avoid sharing the agent environment, and revoke the OAuth grant if the skill is no longer needed.
A refresh token or sensitive campaign metrics could remain in local agent memory files and be exposed through backups, logs, repository commits, or later agent context.
The persistent memory template includes a long-lived refresh token field. The config enables memory auto-save, but the provided artifacts do not show an encryption, redaction, or retention mechanism for this secret.
Quoted from the skill's memory template (comment translated from Russian): refresh_token: "<REFRESH_TOKEN>" # Store in encrypted form
Do not store refresh tokens in memory files; keep them in a secret manager or protected environment variables, redact tokens from outputs/logs, and disable or tightly scope memory auto-save for sensitive account data.
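A redaction and persistence check an operator could wrap around the skill's memory auto-save and logging, as an added example that is neither the skill's nor ClawScan's code. The environment variable names are the ones the skill's artifacts show; the sample memory file and log line are constructed, the refresh-token value in them is fake, and the key-name pattern (any field ending in token or secret) is an assumption about how the memory template and .env are written.

```python
"""Added example (not the skill's or ClawScan's code): keep OAuth material out
of memory files and logs. Two layers: exact-value redaction of secrets loaded
from the skill's environment variables, and key-name redaction for any
token/secret field in YAML, JSON or .env style text. Placeholders such as
<REFRESH_TOKEN> are left alone so the template stays readable."""

import os
import re

# Variable names as shown in the skill's install spec.
SECRET_ENV_VARS = (
    "YANDEX_DIRECT_CLIENT_SECRET",
    "YANDEX_DIRECT_ACCESS_TOKEN",
    "YANDEX_DIRECT_REFRESH_TOKEN",
)

# key: "value" / key = value / KEY=value, for keys ending in token or secret.
# Assumption: this is how the memory template and .env fragments are written.
SECRET_KEY_RE = re.compile(
    r'(?i)(\b[a-z_]*(?:token|secret)\b\s*[:=]\s*)(["\']?)([^"\'\s,]+)\2'
)
REDACTED = "[REDACTED]"


def _is_placeholder(value: str) -> bool:
    """Template placeholders (<REFRESH_TOKEN>, ${VAR}) and already-redacted
    values are not secrets and must not trip the persistence check."""
    return value.startswith("<") or value.startswith("${") or value == REDACTED


def redact(text: str, secret_values=None) -> str:
    """Return `text` with known secret values and any token/secret field
    values replaced. `secret_values` defaults to whatever the skill's
    environment variables currently hold."""
    if secret_values is None:
        secret_values = [v for v in (os.environ.get(n) for n in SECRET_ENV_VARS) if v]
    # Longest first so a value that contains another is replaced whole.
    for value in sorted(secret_values, key=len, reverse=True):
        if len(value) >= 8:          # ignore trivially short values
            text = text.replace(value, REDACTED)

    def _sub(m):
        if _is_placeholder(m.group(3)):
            return m.group(0)
        return f"{m.group(1)}{m.group(2)}{REDACTED}{m.group(2)}"

    return SECRET_KEY_RE.sub(_sub, text)


def find_persisted_secrets(text: str):
    """List (line_number, key) for every token/secret field whose value is a
    real value rather than a placeholder. Run this on a memory file before
    auto-save writes it to disk."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = SECRET_KEY_RE.search(line)
        if m and not _is_placeholder(m.group(3)):
            key = m.group(1).strip().rstrip(":=").strip()
            hits.append((lineno, key))
    return hits


def safe_to_persist(text: str) -> bool:
    return not find_persisted_secrets(text)


# Constructed sample inputs; the token values are fake.
SAMPLE_MEMORY = (
    'campaign_notes: lowered bids on 12 keywords with CTR < 1%\n'
    'refresh_token: "1:AbCdEf0123456789XyZ"   # filled in from the template\n'
)
SAMPLE_TOKEN = "y0_AgAAAAexampleTokenValue"
SAMPLE_LOG = f"POST /json/v5/keywordbids Authorization: Bearer {SAMPLE_TOKEN}"

if __name__ == "__main__":
    print(find_persisted_secrets(SAMPLE_MEMORY))
    print(redact(SAMPLE_MEMORY))
    print(redact(SAMPLE_LOG, secret_values=[SAMPLE_TOKEN]))
```

The value-based pass is what catches tokens that appear in places the key pattern cannot see, such as an Authorization header echoed into a debug log; the key-based pass is what catches the memory template's `refresh_token:` line when the environment is not loaded in the process doing the redaction. Wiring `safe_to_persist` into the memory auto-save path turns the template's "store in encrypted form" comment into an enforced refusal rather than advice.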
