Ad Context Protocol (AdCP) Advertising
v1.0.1Automate advertising campaigns with AI. Create ads, buy media, manage ad budgets, discover ad inventory, run display ads, video ads, CTV campaigns, and optimize ad performance. Perfect for marketing automation, programmatic advertising, media buying, ad management, campaign optimization, creative management, and performance tracking. Launch Facebook ads, Google ads, display advertising, video marketing, and multi-channel campaigns using natural language. Supports ad targeting, audience segmentation, ROI tracking, and automated bidding.
⭐ 7· 3.2k·1 current·1 all-time
by@edyyy62
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
The name/description (programmatic ad buying, creative management, campaign optimization) matches the included SKILL.md and documentation files. The skill describes discovering inventory, creating media buys, uploading creatives, and tracking performance — all of which are supported by the provided API-like examples. The claim of launching Facebook/Google ads is implemented via the AdCP agent layer (agent endpoints and sales-agent credentials) rather than direct Facebook/Google credentials, which is plausible for a protocol intermediary.
Instruction Scope
SKILL.md and other docs instruct the agent to call AdCP agent endpoints, upload creative assets (URLs or file drops), fetch brand_manifest URLs for brand context, and use a test agent for development. There are no instructions to read unrelated local files or harvest system secrets. Note: the docs instruct that authenticated operations require bearer tokens and recommend storing them in env/secret managers; the agent may fetch remote URLs (brand_manifest.url), which could cause it to retrieve external content as part of normal operation.
Install Mechanism
This is an instruction-only skill with no install spec and no code files to execute; that is the lowest-risk install model and consistent with the documentation-oriented package.
Credentials
The skill declares no required environment variables, which is consistent for an instruction-only skill. However, the README documents that authenticated (production) operations require bearer tokens and includes a deliberately public test token for the test agent. The skill itself does not request unrelated credentials. Be aware that providing production bearer tokens enables real ad buys and billing actions.
Persistence & Privilege
always:false and default agent-invocation behavior are appropriate. The skill does not request persistent installation privileges or configuration changes to other skills. One operational risk to note: if you supply production credentials, an autonomously-invoking agent could create or modify media buys (financial effect), so consider agent autonomy settings and credential scope.
Assessment
This package appears to be a documentation-driven AdCP client and is coherent with its stated purpose. Key things to consider before installing or enabling it for autonomous use: 1) The README includes an intentionally public test bearer token for a test agent — use that for development only. 2) To run real campaigns you must obtain production bearer tokens from sales agents; never paste production tokens into public repos or share them. 3) If you provide production credentials, the agent can create/modify media buys and thus spend real money — restrict credential scope, test thoroughly in the test environment, and consider limiting autonomous invocation or adding manual approval steps for spend-related actions. 4) The agent may fetch content from brand_manifest URLs you supply; only provide URLs you trust. 5) Verify the trustworthiness of the homepage/repository and confirm billing/onboarding procedures with any sales agent before switching to production. If you want, I can highlight specific places in the docs where tokens, endpoints, or remote fetches are used so you can audit them more closely.Like a lobster shell, security has layers — review code before you run it.
latestvk97fr0r7c957eewczzy181b79x809xnm
License
MIT-0
Free to use, modify, and redistribute. No attribution required.