stop plugging Claude Code directly into your ad accounts
Seeing more and more people connecting Claude Code (or similar coding agents) straight to the Meta API to manage campaigns. Looks cool in a demo. In production it's a disaster waiting to happen.
Your access token is sitting right there in the context window. Every tool call, every log. One leaked conversation or sketchy plugin and someone has full access to your ad account.
There's no approval step. These agents are built to act, not ask. One bad inference and it pauses your best performer, duplicates ad sets, or cranks budget on a cold audience test. By the time you notice, the money's gone.
Meta also really does not like rapid-fire changes. If your agent is pushing 30 edits an hour you look exactly like a bot to their system. Accounts get restricted for this. They don't care if it's you or your AI making the changes.
There's no spending ceiling built in either. The agent doesn't know your monthly cap. It just executes.
And AI-generated copy that auto-submits without anyone reading it? That's how you stack policy strikes until your account is gone.
The fix isn't "don't use AI." It's building the right layer between the agent and your account. Human-in-the-loop where the agent proposes and you approve. Token isolation so the agent never actually sees your credentials. And a rate-limited proxy that enforces budget caps and edit limits before anything hits Meta's API.
The automation is the easy part. The guardrails are what actually matter.