google-ads-api-mcp-setup
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Credential Management]: The skill provides detailed instructions for configuring sensitive API credentials such as Developer Tokens and OAuth Refresh Tokens. It correctly advises users to manage these via environment variables or isolated configuration files rather than hardcoding them in scripts.\n- [External Dependencies]: The setup process involves downloading the Google Ads MCP server package from official PyPI and GitHub repositories. These operations are essential for the skill's functionality and target well-known, trusted sources.\n- [System Command Execution]: The instructions guide users through the use of standard system package managers (such as pipx, brew, and apt) to set up the execution environment. This is a routine part of CLI tool installation.\n- [Indirect Prompt Injection Surface]: The skill implements tools that process data from the Google Ads API, which represents a potential surface for indirect instructions. However, the risk is limited as the integration is primarily read-only.\n
- Ingestion points: Data is retrieved from the Google Ads API via the
searchandlist_accessible_customerstools.\n - Boundary markers: No specific delimiters or warnings for the agent regarding data ingestion are defined in the instructions.\n
- Capability inventory: The skill allows for querying campaign data and account metadata via standard input/output transport.\n
- Sanitization: The skill does not specify explicit sanitization or filtering of the API responses before they are presented to the AI assistant.
Audit Metadata