dayparting-scheduler
Warn
Audited by Snyk on Jun 23, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill explicitly prescribes and operationalizes changes that directly control ad spend: calculating and applying bid modifiers, pausing/resuming ad sets, reallocating budget amounts (e.g., "$1,200/mo from dead hours → peak hours"), recommending budget guardrails and percentage adjustments, using lifetime budgets per ad set, and advising automated rules to "increase budget during high-performance windows." It also references running the skill "on autopilot against your live ad accounts" and connecting to Google, Meta, LinkedIn, TikTok, Reddit, Amazon — implying live account write/control. These are explicit instructions to change ad budgets/spend (i.e., update ad-platform budgets/bids), which matches the developer's criterion for Direct Financial Execution (managing ad spend budgets via platform APIs/actions).
Issues (1)
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata