Okay, so MCP itself isn’t dangerous, but how people are setting it up can be.
There are two specific things that get accounts flagged. Both are avoidable. Here's what they are, why they happen, and what safe MCP use actually looks like.
Danger 1: Using an unapproved MCP server
The most common cause of bans right now is using an MCP server that hasn't gone through Meta's App Review process.
When people search for Meta Ads MCP servers, they often find open-source GitHub repos. Some of these are well-intentioned projects built by developers who wanted to connect their AI to their ad account. The problem is that accessing the Meta Marketing API at any meaningful level requires your app to go through Meta's review process. Many of these GitHub setups haven't done that. They use self-created developer apps with basic permissions, or they connect in ways that Meta didn't sanction.
Meta's systems detect this. The connection doesn't look like an approved integration, it looks like unauthorized API access. Accounts get flagged and, in some cases, banned.
Real risk
Advertisers are being banned right now for using unapproved MCP servers. The GitHub repos showing up in search results are not all Meta-approved. Some have been built by individual developers for personal use and were never submitted for App Review. Using them on a live business account is a real risk.
What 'Meta-approved' actually means: For an app to legitimately access the Meta Marketing API, it needs to go through Meta's App Review process. Meta evaluates the app's intended use, requested permissions, and security practices before granting access. This isn't a rubber stamp. Apps that don't pass review, or that were never submitted, are operating outside what Meta sanctions.
AdAdvisor has completed Meta's App Review and is a Meta Business Partner. When you connect through AdAdvisor, your AI is talking to Meta's API through a channel Meta recognizes and approves. That's the difference between a sanctioned integration and an unauthorized one.
Danger 2: Unusual activity, even with an approved MCP
This one catches people even when they're using a legitimate, approved MCP server. It has nothing to do with which tool you're using. It's about how you're using it.
Meta monitors ad accounts for unusual activity patterns. This makes sense from their perspective: they're protecting advertisers from unauthorized access and protecting the platform from abuse. What triggers their systems is activity that looks abnormal compared to how a human would manage an account.
The clearest example: launching 100 campaigns in two minutes. A human media buyer doesn't do that. Meta's systems see a burst of API calls that no person could generate manually, flag it as suspicious, and can ban the account.
This applies regardless of which MCP you use
Even if you're connected through a fully approved MCP server, making a large volume of changes in a very short period can get your account flagged. Meta tracks activity patterns, not just connection types. Unusual volume is unusual volume.
The same logic applies to other patterns: changing budgets across dozens of ad sets simultaneously, creating and deleting campaigns in rapid succession, or running bulk operations that would take a human hours in the space of seconds.
The rule of thumb
Use AI to make better decisions faster, not to do things at a speed or volume that a human never would. If an action pattern would look strange coming from a person manually using Ads Manager, it will look strange to Meta's systems too.
AdAdvisor's approval-first workflow is designed specifically to prevent this. Every change your AI recommends requires your explicit approval before it executes. You're not clicking approve on 100 changes at once. You're reviewing one recommendation at a time, which keeps your activity pattern looking exactly like what it is: a human making informed decisions with AI assistance.
How to connect AdAdvisor MCP safely
There are two ways to set up the AdAdvisor MCP connection. Both are safe. The difference is mainly in convenience and how often you need to re-authenticate.
Method 1: Claude connectors (quickest to set up)
This is the fastest way to get started and works directly inside Claude.ai on Pro, Max, Team, and Enterprise plans. You connect through Claude's built-in connectors interface, which handles OAuth automatically.
1. Open Claude and go to Settings
2. Click Connectors
3. Click Add Custom Connector
4. Paste the AdAdvisor MCP server URL: https://api.adadvisor.ai/mcp
URL: https://api.adadvisor.ai/mcp
5. Name it AdAdvisor and save
6. Claude will open a browser window to log in to your AdAdvisor account via OAuth
Worth knowing
With this method, OAuth tokens refresh automatically but may occasionally require you to reconnect every few days. This is a security feature, not a bug. When it happens, just repeat the connector login step. It takes about 30 seconds.
Method 2: Manual config (more stable, no reconnection)
If you want a more permanent setup that doesn't need periodic reconnection, use the manual configuration method via API key. This works across Claude Code, Claude Desktop, Cursor, VS Code, Windsurf, Gemini CLI, Codex, and any other MCP-compatible tool.
First, create an API key in your AdAdvisor account under Settings > MCP Server. Then add the following to your client's config file:
For Claude Code (run in terminal):
claude mcp add adadvisor \ --transport http \ --scope user \ https://api.adadvisor.ai/mcp \ -- --header "Authorization: Bearer YOUR_API_KEY"
For Claude Desktop, Cursor, or VS Code (add to your config file):
{ "mcpServers": { "adadvisor": { "type": "http", "url": "https://api.adadvisor.ai/mcp", "headers": { "Authorization": "Bearer YOUR_API_KEY" } } } }
Replace YOUR_API_KEY with the key from your AdAdvisor account. Once it's in, the connection is stable and doesn't require periodic re-authentication.
The full setup guide for every supported client, including Gemini CLI, Codex, and Windsurf, is available here.
The safe MCP checklist
Before you connect any MCP server to a live Meta Ads account, run through this:
- The MCP server uses the official Meta Marketing API, not browser automation or DOM scraping
- The app has completed Meta's App Review process
- The tool or platform is a Meta Business Partner, or can demonstrate equivalent API compliance
- Changes to your account require your explicit approval before executing
- You're not running bulk operations that would look abnormal compared to manual account management
- OAuth tokens are handled securely and credentials are not stored in plaintext
AdAdvisor meets all of these. If you're evaluating any other MCP tool, apply the same checklist.
Start Free
AdAdvisor's MCP server is available on every plan, including the free tier. Connect your Meta account, set up your AI tool of choice, and your AI has live access to your campaigns.
