ads-google
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill suggests integrating with the Google Ads MCP server hosted on Google's official GitHub organization (github.com/googleads/google-ads-mcp). This is a well-known service and a trusted source for advertising developer tools.
- [DATA_EXFILTRATION]: The skill requires access to Google Ads campaign data, including search terms and performance metrics, to perform its primary function. This data access is restricted to the analysis workflow, and the skill provides instructions for secure integration via MCP or manual export without any unauthorized external transmission.
- [PROMPT_INJECTION]: The skill processes external account data such as Search Terms Reports. While this technically creates a surface for indirect prompt injection, the skill's structured audit process (evaluating specific metrics like Quality Score and CTR) prevents arbitrary data from influencing the agent's core instructions.
- Ingestion points: Account data collection in Step 1 of SKILL.md.
- Boundary markers: None explicitly defined for external data input.
- Capability inventory: The skill uses read-only GAQL queries through the MCP toolset and lacks dangerous capabilities like shell execution or file writes.
- Sanitization: The audit process applies mathematical thresholds and weighted scoring, which inherently sanitizes the data for analysis.
Audit Metadata