Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Microsoft Ads CLI
v1.0.0
Microsoft Ads data analysis and reporting via microsoft-ads-cli. Use when the user wants to check Microsoft/Bing ad performance, pull campaign/ad group/keywo...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
high confidence
Purpose & Capability
The instructions and commands in SKILL.md are consistent with a Microsoft/Bing Ads CLI (account, campaigns, keywords, reports). However the metadata declares no required credentials or config paths while the runtime instructions explicitly require an OAuth2 access token, a Developer Token, optional account IDs, and may read ~/.config/microsoft-ads-cli/credentials.json. That omission is an inconsistency.
Instruction Scope
SKILL.md tells the agent to install and run microsoft-ads-cli and to resolve credentials via (in order) a --credentials flag, environment variables (MICROSOFT_ADS_ACCESS_TOKEN, MICROSOFT_ADS_DEVELOPER_TOKEN, etc.), or a credentials file at ~/.config/microsoft-ads-cli/credentials.json. Reading a user's home config file and using access tokens/developer tokens are sensitive operations; these accesses are related to the skill purpose but are not declared in the registry metadata, which is a scope/visibility problem.
Install Mechanism
There is no install spec in the registry entry, but SKILL.md instructs to run `npm install -g microsoft-ads-cli`. Installing an unpinned package from npm is standard for CLI tools but carries typical npm risks (downloads and executes third-party code, global install may require elevated permissions). This is expected for a CLI but deserves caution — the registry should have a source/homepage or commit hash to verify.
Credentials
The skill runtime requires highly sensitive secrets (OAuth2 access token and Developer Token) and may read credentials from a file under the user's home directory; yet the registry metadata lists no required env vars or primary credential. Requesting those tokens is proportionate to the stated purpose, but the lack of declared required env vars/config paths in the metadata is an incoherence and increases risk because users may not realize what secrets will be accessed.
Persistence & Privilege
The skill is not always-enabled and does not request special platform privileges. However, SKILL.md instructs global npm installation which modifies the environment and may require elevated permissions; the skill may also read a credentials file in the user's home directory. These are expected for a CLI but worth flagging to users.
What to consider before installing
Before installing or enabling this skill:
(1) Confirm the package source — the registry entry lists no homepage or repository. Review the microsoft-ads-cli project code on a trusted source (GitHub/npm package page) before running npm install -g.
(2) Be aware SKILL.md requires sensitive credentials (MICROSOFT_ADS_ACCESS_TOKEN and MICROSOFT_ADS_DEVELOPER_TOKEN) and may read ~/.config/microsoft-ads-cli/credentials.json; do not expose tokens unless you trust the package.
(3) Ask the skill author/maintainer to update the registry metadata to declare required env vars and provide a homepage/repo and a pinned version.
(4) Prefer installing in a sandbox or container (not global) and use least-privileged tokens (short-lived or scoped) when testing.
(5) If you cannot verify the source or author, treat this skill as untrusted and avoid providing production credentials.
Like a lobster shell, security has layers — review code before you run it.
