>_

SpendSignoff documentation

The always-on operator for your ad accounts. Read and draft from your AI client — approve before anything goes live.

Knowledge base

Computer-use agents and SpendSignoff

Computer-use agents click through browser UIs. SpendSignoff speaks the ad platform APIs directly. They solve different problems, and when they share a host AI client you need to know which one is driving.

Your AI can read and draft — it can never spend without your approval.

What computer-use means in this context

A computer-use agent receives screenshots and emits mouse and keyboard events. Anthropic ships this capability under the tool name computer_use. The agent can fill the Google Ads UI, click Save, and the change goes live — no draft, no approval queue, no audit log.

SpendSignoff is not that. It calls the Google Ads and Meta Marketing APIs through its own OAuth tokens. Every write goes through propose_change, lands in your approval queue as a before-after diff, and only reaches the ad platform after you run the two-step confirmation.

Where the approaches differ

  • Auth surface — computer-use re-uses the UI session; SpendSignoff holds separate server-side OAuth tokens vaulted under KMS.
  • Change record — computer-use leaves no structured trace in SpendSignoff; the MCP path produces a KMS-signed audit entry for every approved action.
  • Approval gate — a computer-use agent can click Confirm in the Google Ads UI and spend money immediately; SpendSignoff requires the Approve & push live → Confirm control inside the SpendSignoff app, not the ad platform UI.
  • Error recovery — if a computer-use agent misreads a pixel and edits the wrong campaign, the only record is the ad platform change history. SpendSignoff rollback reverts in one click from the audit log.

Computer-use bypasses the approval gate

If you give an AI client computer_use access to a Google Ads session, it can spend money without your approval. SpendSignoff does not protect you from that — it is a separate tool with a separate scope. Keep the two strictly separated if you run both.

Using both on the same AI client

Claude Desktop and Claude Code can load both the SpendSignoff MCP server and the computer-use capability at the same time. There is no conflict at the protocol level. The risk is prompt confusion: if your instruction is ambiguous, the AI may choose one tool over the other.

The safe pattern is explicit: tell the AI to use SpendSignoff for all ad account work and never use computer_use on any ad platform UI. Better still, disable computer-use for the Claude Desktop profile you use for ad management.

Why SpendSignoff does not build on computer-use

The ad platform APIs expose structured, versioned endpoints with field-level precision. A computer-use path is fragile — UI redesigns break it, platform A/B tests break it, and the change record is a screenshot. APIs age better and fail predictably.

More importantly, an API write can be vetted before it executes. A computer-use click cannot.

Next

Safety

Draft-before-live, the approval gate, and rollback.

    Computer-use agents and SpendSignoff — SpendSignoff Docs