meta-ads

Warn

Audited by Snyk on May 2, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's Phase 1 "Deep Marketing Research (MANDATORY)" requires fetching and scanning the user's provided website and running firecrawl_extract_branding and firecrawl_screenshot (and following internal pages/targeted web searches), so the agent ingests untrusted public web content that can influence campaign-building decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to create and manage Meta advertising campaigns, including setting budgets (daily or lifetime) in cents, placing budgets at campaign or ad-set level, uploading creatives, and activating campaigns. It documents and requires API calls that change spend-related state: meta_business_create_campaign (with daily_budget/lifetime_budget), meta_business_create_ad_set (accepts daily_budget for manual), meta_business_create_from_blueprint (creates campaigns/ad_sets with budgets), and meta_business_update_campaign(..., status="ACTIVE") to go live. The documentation enforces precise budget rules (amounts in cents) and a workflow for activating campaigns, i.e., it provides direct programmatic control over ad spend. This matches "Managing Ad Spend Budgets (specifically the API to update the budget)" in the Direct Financial Execution criteria.

Issues (2)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: MEDIUM
Analyzed: May 2, 2026, 04:20 AM
Issues: 2