google-ads
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to manage Google Ads accounts and correctly identifies the need for credentials. It accesses
~/.google-ads.yaml, which is the standard configuration file for the Google Ads Python SDK. This access is consistent with the skill's primary purpose. - [COMMAND_EXECUTION]: The skill uses basic shell commands (
ls,cat) to verify the existence and contents of configuration files. It also uses Python to interact with the official Google Ads API. These operations are within the expected scope of a developer-oriented advertising tool. - [EXTERNAL_DOWNLOADS]: The documentation provides instructions to install the official
google-adspackage viapip. This is a standard dependency for the skill's API mode and originates from a trusted package registry. - [DATA_EXFILTRATION]: Network activity is restricted to official Google Ads endpoints (
ads.google.comand Google API services). There is no evidence of data being sent to unauthorized third-party domains. - [PROMPT_INJECTION]: The skill includes explicit 'Safety Boundaries' that instruct the agent not to take destructive actions (like pausing campaigns) or expose credentials in chat without user consent, which helps mitigate risks of accidental or unauthorized operations.
Audit Metadata