google-ads-apply

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill explicitly includes an API-backed "Set campaign daily budget" action: it updates campaign budget amount_micros via Google Ads REST API v20 as part of the apply flow (dry-run → confirm → execute → verify → audit). The manifest-backed budget drafts and the scope/guardrails call out budget writes as a supported, medium-risk mutation. Because "managing ad spend budgets" (specifically the API to update the budget) is listed in the Core Rule as a Direct Financial Execution capability, this skill is specifically designed to perform that financial operation—even though it requires human confirmation and has undo/audit controls. Those safeguards do not change that the tool can directly modify campaign budgets through the advertising platform API.