ads-audit

SUSPICIOUS: the skill's core capabilities fit its stated Google Ads audit purpose, and there is no download-execute malware pattern. The main risk is data and credential flow through AdsAgent's third-party remote MCP service plus moderate prompt-injection exposure from website fetching combined with local file writes. This looks coherent but not low-risk.