markifact-overview
Warn
Audited by Snyk on May 4, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.80). The skill calls the remote MCP server at https://api.markifact.com/mcp at runtime (find_operations / get_operation_inputs / run_operation), and the schemas and operation instructions returned by that endpoint directly control the agent's prompts and actions, making it a required external dependency that can influence behavior.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The Markifact skill is an ad-management platform whose MCP exposes 300+ platform-specific operations (e.g., gads_create_campaign, gads_update_ad_status, portfolio bidding strategies, "scale winners", "launch campaigns"). Those operations are explicitly for end-to-end account management (launching and editing campaigns / assets / bidding strategies), which inherently includes mutating ad spend and campaign configurations. The skill provides a run_write_operation endpoint (for ops requiring approval) that executes write actions against ad accounts. Because the spec names campaign creation/management and bidding strategies (and exposes platform-specific write ops like gads_create_campaign), it includes the API surface needed to update ad spend/budgets — a direct financial-execution capability per the provided rules.
Issues (2)
- MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).