Juliang Qianchuan Auto Ads V1

If configuration or state is wrong, the agent could spend more ad budget or remove live ad plans without a fresh per-action confirmation.

The skill can automatically change bids and delete ad plans during monitoring, which are high-impact paid advertising account mutations.

A real embedded secret could expose or reuse a Feishu application credential across customers, weakening account isolation.

The static scan reports a client_secret literal in the Feishu setup script, while the documentation says App Secrets should only be obtained during customer authorization and stored locally.

Users may be asked to run installer code that is not present in, or reviewable from, the supplied package, while that installer path is supposed to change OpenClaw configuration and services.

The Windows instructions ask users to run a PowerShell bypass installer, but the reviewed manifest does not include INSTALLER-MAIN.ps1 or the referenced RUN-ME-FIRST entrypoints.

Installing the skill can modify local OpenClaw state rather than only adding prompt text.

The installer runs local OpenClaw CLI commands, which is expected for this deployment workflow but gives the package local execution authority.

If these state files are corrupted or edited incorrectly, the agent may target the wrong plan, block valid work, or make unsafe monitoring decisions.

Persistent local memory/state files drive future deduplication, monitoring, and mutation decisions.

If Feishu permissions or chat routing are too broad, an unintended user or group could trigger ad workflow commands.

The workflow connects OpenClaw to Feishu bot messages and active notifications, so message origin and chat allowlisting matter.

Background monitoring may continue to act on ad accounts until stopped or until its state says the live session has ended.

The skill sets up long-running gateway/monitoring behavior that continues after the initial command and can affect live ad operations.