v1.0.0

Google Ads Agent — PMax & Search Operations

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 7:51 AM.

Analysis

The skill matches its Google Ads purpose, but it gives guidance for high-impact ad account changes and customer-data uploads without clear approval, spend, or data-handling limits.

GuidanceReview this skill carefully before enabling it with Google Ads access. It is most appropriate if you can require approval for any campaign, bid, budget, audience, or tracking change; restrict it to specific ad accounts; and confirm that any customer-list or conversion-data use complies with your privacy and advertising policies.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityHighConfidenceHighStatusConcern

SKILL.md

Rebalance weekly based on marginal CPA/ROAS
- A campaign spending 3-5x target CPA with no conversions has a structural problem — pause and audit

This is direct operational guidance to change budget allocation and pause campaigns, which can affect ad spend, lead flow, and revenue. The artifacts do not include approval gates, spending limits, change previews, or rollback guidance.

User impactIf connected to Google Ads tools, the agent could make business-impacting changes that spend money differently or stop campaigns without enough human review.

RecommendationRequire explicit user approval before budget, bid, campaign-structure, or pause changes; define account/customer scope, maximum spend deltas, a change preview, and rollback steps.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse

SeverityMediumConfidenceMediumStatusNote

metadata

Description: Manage and optimize Google Ads Search and Performance Max campaigns...; Primary credential: none; Required env vars: none

Managing Google Ads campaigns normally requires delegated account authority, but the registry metadata does not declare a credential or permission-scope contract. That can be acceptable for an instruction-only skill, but users should verify what account access any connected tools provide.

User impactIf the agent is later given broad Google Ads access, it may be able to change campaigns, budgets, audiences, or tracking settings beyond the user's intended scope.

RecommendationUse least-privilege Google Ads access, limit to the intended customer/account IDs, and document required permissions before enabling operational tools.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityMediumConfidenceHighStatusConcern

SKILL.md

- Upload customer lists as signals
- Define custom segments based on search behavior
- Include website visitor lists
...
- Feed Google real-time conversion data

The skill directs use of customer lists, visitor lists, search-behavior segments, and conversion data with Google Ads. Those are sensitive advertising data flows, but the artifacts do not define consent checks, data minimization, hashing/format requirements, retention, or approval boundaries.

User impactCustomer or visitor data could be uploaded or used for ad targeting in ways that violate user expectations, company policy, or advertising/privacy rules.

RecommendationDocument exactly which data may be used, require user confirmation before uploads, verify consent and Google Customer Match requirements, minimize fields, and avoid using customer data unless the user provides an approved source.