Back to skill

Security audit

Microsoft Ads MCP

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims, but it can control real Microsoft Ads campaigns and relies on external MCP server code, so users should install and use it carefully.

Before installing, inspect the linked MCP server code and requirements, use an isolated Python environment, protect the mcporter config and Microsoft credentials, and test with paused or low-budget campaigns. Require explicit human confirmation before creating ads, changing budgets, or activating campaigns.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill documents operations that can activate campaigns and create live ads, but it does not clearly warn users that these actions can immediately incur real advertising spend and modify a production ad account. In this context, the omission is risky because users may treat the workflow as low-risk automation and unintentionally launch spend-bearing campaigns.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.