money-ads

Warn

Audited by Snyk on May 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to create, control, and optimize paid ad campaigns and to programmatically manage ad spend. It references "API-level campaign control" (Google Ads, Meta Ads), provisioning an MCC sub-account (so campaigns/budgets can be managed on behalf of the user), automated daily ops like "Check spend vs. budget", pausing ads, and rules to "Increase budget 20-30% per week" and "Never exceed daily budget cap" while handling the rest after the user approves budget. These are concrete controls that change ad budgets and trigger spend via advertising platform APIs — i.e., direct management/update of ad spend budgets (a listed high-risk capability). This is not a generic browser or HTTP tool; it is specifically for financial execution of ad budgets.

Issues (1)

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
May 16, 2026, 03:34 PM
Issues
1
Security Audit — snyk — money-ads