ClawHub

Meta Ads CAPI Setup

v1.0.0

[Didoo AI] Step-by-step guide for setting up Meta Conversions API (CAPI) — server-side event tracking that improves conversion measurement accuracy and reduc...

0· 55·0 current·0 all-time
by@elias-didoo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchasesRequires OAuth tokenRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill name/description (Meta Ads CAPI setup) matches the SKILL.md content. The guide sensibly describes obtaining a Meta System User access token and Pixel ID — these credentials are appropriate and expected for CAPI setup.
Instruction Scope
The instructions stay on-topic: choosing integration method, generating system user tokens, configuring events, testing, and verifying matching quality. The guide does not instruct reading unrelated system files or exfiltrating data to third-party endpoints beyond Facebook's Graph API.
Install Mechanism
This is an instruction-only skill with no install spec and no bundled code — nothing is written to disk or downloaded during installation.
Credentials
The guide clearly describes using a System User access token with scopes like ads_management and business_management, which are appropriate for Meta Marketing API calls. The registry metadata, however, declares no required env vars/primary credential — this is not harmful but is a mild inconsistency: the skill documents credentials users must obtain manually but does not itself request them from the agent environment.
Persistence & Privilege
Skill flags are default (always: false, user-invocable true). There is no persistent or privileged installation behavior described.
Assessment
This guide looks legitimate for configuring Meta CAPI. Before following it: 1) Treat the System User access token like a high‑privilege secret — store it in a secure vault, rotate it regularly, and grant least privilege. 2) Only provide the token to trusted systems or integrations; do not paste it into untrusted web forms or chat. 3) If you lack developer resources, prefer an official partner integration (Shopify, WooCommerce, GTM server-side) rather than direct API calls. 4) Ensure you hash PII (SHA‑256) client-side or server-side as Meta requires and verify privacy/compliance requirements (GDPR/CCPA) before sending user identifiers. 5) The registry metadata doesn’t declare required env vars even though the guide describes credentials — that’s informational only, not a runtime requirement of the skill itself. If you want deeper assurance, ask the publisher for the full, untruncated SKILL.md and confirm there are no hidden install steps or code files.

Like a lobster shell, security has layers — review code before you run it.

capivk97370kk98xh63n1c9pct4dpw184tdhjconversions-apivk97370kk98xh63n1c9pct4dpw184tdhjdidoo-aivk97370kk98xh63n1c9pct4dpw184tdhjlatestvk97370kk98xh63n1c9pct4dpw184tdhjmeta-adsvk97370kk98xh63n1c9pct4dpw184tdhjtrackingvk97370kk98xh63n1c9pct4dpw184tdhj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments