v1.0.0

Performance Marketing Agent — Adspirer

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 6:13 AM.

Analysis

Review before installing because this skill can connect to and change paid advertising accounts through an external Adspirer plugin that was not included in the artifacts.

GuidanceTreat this as a high-impact advertising-account integration. Install it only if you trust Adspirer, review the external plugin separately, connect the least-privileged ad accounts possible, set budget and account limits, require explicit confirmation for every write, and monitor billing/campaign changes after use.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityHighConfidenceHighStatusConcern

SKILL.md

Connects directly to ad platform APIs to create campaigns, pull live performance data, research keywords, optimize budgets, and manage ads across Google Ads, Meta Ads, LinkedIn Ads, and TikTok Ads.

The skill exposes broad ad-account write and optimization capabilities across several paid platforms; even if purpose-aligned, these actions can materially affect spend, campaign delivery, and public ads.

User impactA mistaken or overly broad action could change bids, budgets, targeting, or ads and potentially waste money or damage brand reputation.

RecommendationUse only with explicit per-action approval, account allowlists, budget limits, previews/diffs for changes, and a clear rollback or audit process.

Agentic Supply Chain Vulnerabilities

SeverityMediumConfidenceHighStatusConcern

SKILL.md / file manifest

This skill installs the Adspirer plugin (`openclaw-adspirer`) — the same 100+ tools, same MCP server ... No code files present — this is an instruction-only skill.

The artifact delegates the actual functionality to an external plugin/MCP package that is not present in the reviewed files, while that plugin is intended to handle high-impact ad-account actions.

User impactThe reviewed SKILL.md does not show what the installed plugin actually does with connected ad accounts or data.

RecommendationInstall only if you trust the Adspirer plugin source, review its package/provenance separately, and pin or verify the package before granting ad-account access.

Rogue Agents

SeverityLowConfidenceHighStatusNote

SKILL.md

Automated Monitoring — Set up alerts for metric thresholds, schedule recurring briefs

The skill advertises scheduled recurring activity. It is disclosed and relevant to marketing monitoring, but users should notice the persistence aspect.

User impactScheduled alerts or briefs may continue running after initial setup and may keep accessing campaign data.

RecommendationConfirm where schedules are stored, how to list or disable them, and whether they require periodic re-authorization.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityHighConfidenceHighStatusConcern

SKILL.md

openclaw adspirer login ... openclaw adspirer connect ... No local credential storage — OAuth 2.1 with PKCE

The setup requires delegated OAuth access to advertising accounts, but the artifacts do not specify requested scopes, account boundaries, or how connected-platform privileges are limited.

User impactConnecting ad platforms may give the plugin authority over business advertising accounts and live campaign data.

RecommendationBefore connecting accounts, verify the OAuth scopes, use least-privilege ad accounts, avoid administrator-wide access where possible, and know how to revoke Adspirer access.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityLowConfidenceMediumStatusNote

SKILL.md

same MCP server ... Connects directly to ad platform APIs ... pull live performance data

The skill discloses an MCP/provider-mediated workflow that handles advertising performance and account data; this is expected for the purpose, but the data boundary is not detailed.

User impactCampaign performance, account metadata, and marketing analytics may pass through the Adspirer plugin/MCP integration.

RecommendationReview Adspirer's privacy/data-handling terms and avoid connecting accounts containing data you do not want processed by the integration.