The Agent Skills Directory

[SAFE]: No security threats identified. The skill's functions are entirely consistent with its purpose of managing Google Ads connections and diagnosing connectivity issues. It follows security best practices by utilizing standard environment variables for secret management instead of hardcoded credentials.
[PROMPT_INJECTION]: An assessment of the indirect prompt injection surface was conducted. The skill ingests data (account names and campaign names) from the Google Ads API and writes this metadata to 'workspace/ads/account.md'. Although explicit boundary markers and sanitization are absent, the risk is minimal in the context of this onboarding tool and does not warrant a severity escalation. Ingestion points: Tool output from 'list_accessible_customers' and campaign resource queries. Capability inventory: Tool execution (MCP) and file writing to the workspace.

google-ads-connect