pp-google-ads
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The
google-ads-pp-clitool includes a--deliver webhook:<url>feature that allows the agent to POST command results, which may contain sensitive marketing, billing, and customer data, to any external URL. - [DATA_EXFILTRATION]: The CLI includes a feedback mechanism that sends local logs and notes to a remote endpoint if the
GOOGLE_ADS_FEEDBACK_ENDPOINTenvironment variable is configured and the--sendflag is used. - [EXTERNAL_DOWNLOADS]: The skill instructions direct the installation of binaries from a remote GitHub repository (
github.com/mvanhorn/printing-press-library) using thego installcommand. - [PROMPT_INJECTION]: Indirect Prompt Injection Surface: Untrusted data enters the agent context from Google Ads API responses (SKILL.md). There are no boundary markers or instructions to ignore embedded content. The tool possesses network (webhook) and file-writing capabilities across its command suite. No sanitization or validation of external content is documented.
Audit Metadata