Google Ads
WarnAudited by ClawScan on May 10, 2026.
Overview
This Google Ads skill is coherent, but it needs review because it can expose Google Ads credentials and operate on paid ad accounts.
Use this skill only with an account you are comfortable letting the agent inspect. Do not allow it to run `cat ~/.google-ads.yaml`; redact tokens and secrets instead. Before pausing campaigns, keywords, or changing budgets, require an explicit confirmation showing the exact account, IDs, and changes. Consider using a limited-permission Google Ads user and a pinned SDK version.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A leaked Google Ads refresh token or client secret could let someone access or change advertising accounts.
The skill directs the agent toward privileged Google Ads credentials and includes a command that prints the local config file. That file typically contains secrets such as refresh tokens and client secrets, so printing it can expose credentials into the chat or logs.
API Mode - If user has `google-ads.yaml` configured or `GOOGLE_ADS_*` env vars ... **Requirements:** Google Ads API developer token + OAuth credentials ... `cat ~/.google-ads.yaml`
Do not print the full config file. Use existence/permission checks or a redacted parser, declare the credential requirements clearly, and require explicit user permission before reading any credential file.
If used on the wrong customer ID, campaign, keyword, or budget, the agent could pause ads or change spending in a live advertising account.
The reference docs include direct Google Ads mutation operations that can change campaign budgets or statuses. This is aligned with the skill purpose, but it affects real ad spend and should be handled carefully.
def update_budget(customer_id, budget_id, new_amount_micros): ... budget.amount_micros = new_amount_micros ... response = campaign_budget_service.mutate_campaign_budgets(...)
Before any mutation, require a user-visible dry run with customer ID, account name, campaign/keyword IDs, old values, new values, and an explicit confirmation.
Future package changes could affect behavior or compatibility.
The setup guide installs the Google Ads SDK from PyPI without pinning a version. This is a normal setup pattern for an API integration, but package provenance and version drift are still worth noting.
pip install google-ads # Or with venv python -m venv google-ads-venv source google-ads-venv/bin/activate pip install google-ads
Install in a virtual environment and consider pinning an audited google-ads package version.