Google Ads Scripts plus an AI agent is the cheapest account-QA automation an agency can ship in 2026: a scheduled JavaScript layer that already lives inside every Google Ads account, wired to an LLM through UrlFetchApp for the judgment calls a regex can't make. There's no infrastructure to stand up, no API developer token application, and Google ships official templates for much of the deterministic ground.
The stakes are agency-ops stakes, not moonshot stakes. A broken final URL burns spend silently. A disapproved ad stops serving without anyone noticing until the client does. A campaign that fronts 60% of its monthly budget by mid-month forces an awkward conversation. Each of these is detectable by a script that runs every hour — and the interesting 2026 development is that the same script can now hand ambiguous cases to a language model mid-run and act on the classification that comes back.
This playbook covers the Scripts runtime and its real limits, a four-check QA coverage map showing what Google templates natively versus where the AI layer adds value, the UrlFetchApp integration pattern (Google refreshed that exact doc on July 15, 2026 — the day before this post), illustrative budget-pacing thresholds, and the multi-factor authentication change that quietly rewired credential setup for new deployments in April.
- 01Scripts are a free, scheduled QA runtime.Google Ads Scripts run JavaScript in a browser-based IDE and execute on a schedule without an active user session — capped at 30 minutes per run, 250 authorized scripts per account, and 50,000 iterator results by default.
- 02Four checks cover most agency-ops risk.Broken final URLs, ad disapprovals, budget-pacing drift, and pre-emptive policy-risk triage. Google's official solution templates — Link Checker, Account Anomaly Detector, Flexible Budgets — cover much of the deterministic ground.
- 03UrlFetchApp is the AI bridge.Scripts call third-party APIs — including LLM endpoints — via UrlFetchApp, with API-key, HTTP Basic, and OAuth 1.0/2.0 auth documented. Google refreshed that integration doc on July 15, 2026.
- 04Pacing thresholds are conventions, not spec.The widely repeated 10%-over / 20%-under / 60%-by-the-20th alert thresholds are practitioner heuristics, not a Google standard. Treat them as starting points to tune per account, never as canon.
- 05MFA changed credential setup in April 2026.Mandatory multi-factor authentication began rolling out April 21, 2026 for new Google Ads API and Scripts OAuth refresh tokens. Existing tokens kept working, and service accounts — the right pattern for unattended automation — were unaffected.
01 — The RuntimeA scheduled JavaScript layer with hard limits.
Google Ads Scripts sit in an underrated middle tier of the automation ladder — above rules and recommendations, below full Google Ads API automation. They run inside the Google Ads UI, need no developer token, and crucially can execute on a schedule without an active user session. That last property is what makes an unattended QA agent possible at all.
"Google Ads scripts provide a way to programmatically manage and query your Google Ads data using JavaScript in a browser-based IDE."— Google Ads Scripts product overview, updated June 2026
The limits matter more than the pitch, because they shape what a QA agent can realistically do per run. Per Google's Scripts limits documentation, every number below is a hard ceiling you design around, not a soft quota you negotiate.
Per script run
Every single-account script run is capped at 30 minutes. Manager-account (MCC) scripts can extend to 60 minutes using executeInParallel with a callback — the pattern that matters for multi-account QA.
Iterator results by default
Selectors return at most 50,000 results by default, and selector.withIds() accepts at most 10,000 IDs per call. Large accounts need progress tracking across multiple runs — the official Link Checker template models this.
Authorized scripts per account
An account holds at most 250 authorized scripts, and logging output truncates at 100 KB per run. Bulk uploads triggered from Scripts cap at 50 MB and 1,000,000 rows with a 2-hour job timeout.
Read those limits together and the design constraint is clear: a Scripts-based QA agent is a sampler and escalator, not a full-account crawler. It checks what changed, batches what it can inside 30 minutes, persists progress between runs, and escalates judgment calls — to a human, or increasingly to an LLM call that fits inside the same run window.
02 — Coverage MapFour checks, and where the AI layer genuinely earns its keep.
Most agency-ops risk in a Google Ads account concentrates in four failure modes: final URLs that break, ads that get disapproved, budgets that pace off-plan, and policy-risky copy that ships before anyone flags it. Google's own documentation describes its solution templates in isolation, and competitor writeups list scripts one-by-one — so we mapped the whole stack in one table. The deterministic columns are sourced from Google's solution docs and widely used practitioner patterns; the AI-layer column is our analysis of where an LLM adds value a threshold can't.
| QA check | Official template | Deterministic mechanism | Where the AI layer adds value | Suggested cadence |
|---|---|---|---|---|
| Covered natively by Google solution templates | ||||
| Broken final URLs | Link Checker (v4.1) | HTTP response-code checks on ad, keyword, and sitelink final URLs; tracks progress across runs for large accounts; custom failure-string or JavaScript validation hooks | Catch pages that return 200 but fail in practice — empty templates, out-of-stock pages, off-brand redirects — via LLM classification of fetched page text | Daily |
| Budget pacing drift | Flexible Budgets + Account Anomaly Detector | Anomaly Detector compares impressions, clicks, conversions, and cost against the same day/hour across 26 prior weeks by default; Flexible Budgets re-writes daily budgets on an even or weighted distribution | Narrate why spend drifted and rank which campaigns need a human today, instead of firing raw threshold alerts | Hourly (detector) · daily near midnight (budgets) |
| Community patterns and the genuine agent-layer gap | ||||
| Ad disapprovals | None — established community pattern | GAQL query on approval_status = 'DISAPPROVED' across enabled campaigns and ad groups; writes campaign, ad group, ad ID, and policy topic to a sheet plus email alert | Triage severity by policy topic and draft compliant rewrite suggestions for human review | Hourly or daily |
| Policy-risk flags (pre-emptive) | None | No deterministic mechanism exists — you only learn about policy problems after the disapproval lands | The genuine gap: LLM classifies ad copy and landing-page text for likely policy triggers before an ad ships or a disapproval hits | On every ad-copy change · weekly sweep |
The pattern the table exposes is the thesis of this post: Google already automates the checks a machine can decide deterministically. A URL either returns a bad status code or it doesn't; spend either deviates from a 26-week baseline or it doesn't. The AI layer earns its keep exactly where the decision requires reading — judging whether a page that loads is actually a good landing page, whether ad copy is likely to trip a policy topic, and which of this morning's twelve alerts deserves the account manager's first hour.
03 — Official TemplatesStart from Google's solutions gallery, not a blank editor.
Google's Scripts solutions gallery is the closest thing to an official starter kit for account QA: it currently lists Account summary, Account anomaly detector, Ad performance, Common negative list, Flexible budgets, and Link checker among its first-party templates. Three of them map directly onto the QA stack above, and all three were last updated June 24, 2026 — these are maintained docs, not abandonware. (The Scripts platform itself keeps moving too: the April 22 Merchant API migration inside Google Ads Scripts is the most recent example of Google changing what scripts can touch.)
Link Checker
Checks final URLs for bad HTTP response codes, tracks progress across multiple runs for accounts too large to scan in one pass, and supports custom failure-string or JavaScript-based validation. Email alerting has three triggers: after each run, after a full account scan, or unconditionally.
Account Anomaly Detector
Flags an account behaving too differently from what's historically observed, comparing the current period against the same day and hour across a configurable number of prior weeks — 26 by default. Sends at most one alert email per day and accounts for up to 3 hours of reporting lag.
Flexible Budgets
Dynamically re-writes a campaign's daily budget using an even-distribution or back-loaded weighted formula, driven by a CONFIG object with total budget, campaign name, and start/end dates. Intended to run once daily near midnight local time.
The strategic read: clone these templates first, then spend your build budget on the gaps. An agency that hand-rolls its own URL checker is re-implementing multi-run progress tracking Google already wrote and maintains. The differentiated work is the classification and triage layer on top — which is exactly the part the templates don't cover and the next section wires in.
04 — The AI LayerUrlFetchApp: one HTTP call from script to LLM.
The bridge between a Google Ads script and a language model is unglamorous: UrlFetchApp, the built-in HTTP client Scripts inherit from Apps Script. Google's Third-Party APIs documentation — updated July 15, 2026, the day before this post published — covers GET and POST requests with API-key, HTTP Basic, OAuth 1.0, and OAuth 2.0 authentication, including client-credentials, refresh-token, and auth-code grants. Any LLM endpoint that speaks JSON over HTTPS is reachable with the same mechanism.
The core pattern, framed generically (community gists document OpenAI-specific versions, but treat those as illustrative snippets rather than reference implementations):
// Illustrative UrlFetchApp pattern — adapt to your LLM provider.
const response = UrlFetchApp.fetch(API_URL, {
method: "post",
contentType: "application/json",
headers: { Authorization: "Bearer " + API_KEY },
payload: JSON.stringify({
model: MODEL_ID,
messages: [
{
role: "user",
content: "Classify this ad copy for policy risk: " + adCopy,
},
],
}),
muteHttpExceptions: true,
});
const result = JSON.parse(response.getContentText());Three operational realities keep this honest. First, quotas stack: UrlFetchApp calls inside Scripts are subject to Apps Script's own service quotas, which Google's docs explicitly tell advertisers to check before building an integration. Second, latency eats the run cap — every LLM round-trip comes out of the same 30-minute window, so classify in batches (one call scoring twenty ads beats twenty calls) and reserve the LLM for items your deterministic filters already flagged as ambiguous. Third, keep the agent read-only at first: write findings to a sheet and an email, and only graduate to mutations (pausing an ad, adjusting a budget) after weeks of watching the classifications hold up.
No verified source quantifies a dollar or hours-saved figure for this pattern, so we won't invent one. The qualitative case is strong enough: checks that previously ran when someone remembered now run hourly, and the judgment step that made them human-dependent becomes a model call. It's the same shift we build toward in our paid media engagements — automation handling the floor so senior judgment handles the edge cases.
05 — Pacing HeuristicsBudget-pacing thresholds are conventions, not spec.
Here's where most writeups oversell. Community pacing scripts commonly alert when a campaign is projected to overspend its monthly budget by more than 10%, to underspend by more than 20%, or when it has burned more than 60% of the month's budget before the 20th. Those numbers are repeated across practitioner posts often enough to feel official. They aren't — no Google specification defines them. Treat the chart below as a set of illustrative starting points an agency tunes per account, not a standard.
Common pacing-alert heuristics · tune per account
Source: aggregated practitioner conventions — illustrative starting thresholds, not a Google specificationThe right thresholds depend on the account's shape. A lead-generation account with weekday-weighted conversion patterns should expect to front-load spend; a 60%-by-the-20th alert would fire constantly and train the team to ignore it. An ecommerce account pacing into a month-end promotion inverts the logic entirely — that's what the Flexible Budgets template's weighted, back-loaded distribution exists for. This is also the check where the LLM layer is least necessary: pacing arithmetic is deterministic, and the agent's job is only to narrate the why and rank the response — the math itself needs no model.
Our projection: as more agencies wire LLM calls into pacing scripts, the differentiator won't be the thresholds — it will be alert quality. A model that reads the anomaly, the change history, and the campaign's promo calendar, then writes two sentences a client-facing account manager can forward, turns an alert stream into a briefing. Alert fatigue, not detection, is the failure mode these systems die of.
06 — CredentialsThe MFA change that rewired setup in April.
The setup detail agencies building these agents in 2026 must plan around: Google began rolling out mandatory multi-factor authentication for new Google Ads API, Scripts, and Google Ads Editor OAuth 2.0 refresh tokens starting April 21, 2026, with full enforcement over the following weeks — announced on the Google Ads Developer Blog on April 17 and corroborated by trade press the same day.
"Google will begin rolling out mandatory MFA for the Google Ads API starting April 21, with full enforcement expected over the following weeks."— Anu Adegbola, Paid Media Editor, Search Engine Land, April 17, 2026
Two clauses keep this from being a fire drill. Existing OAuth refresh tokens continued working without interruption — nothing already deployed broke on April 21. And service-account-based workflows, which Google recommends for unattended automation, were unaffected. The practical guidance falls out directly: anything that runs on a schedule with no human present belongs on a service account, and any new user-credential OAuth flow now assumes an MFA-capable identity — plan for that in client onboarding rather than discovering it mid-deployment.
One adjacent scope note, hedged deliberately: trade-press and vendor writeups report that new BigQuery Data Transfer Service configurations for Google Ads also fall under the MFA-backed individual-user requirement as of early May 2026 — relevant if you pipe Scripts output into BigQuery for QA dashboards — but that specific timing rests on secondary sources, so confirm it against Google's own documentation before planning around it. The MFA move also lands in a broader context of Google tightening account access; our Google Ads account security and hijacking-prevention audit covers the fuller checklist.
07 — Agency OpsScaling from one account to an MCC — and knowing when to leave Scripts.
A single-account QA agent is an afternoon project. An agency running the same stack across a manager account is an architecture decision, and the Scripts limits from Section 01 become the design constraints: MCC scripts get 60 minutes only via executeInParallel with a callback, each account holds at most 250 authorized scripts, and every LLM call spends shared run time. The decision matrix:
Official templates, lightly customized
Clone Link Checker, Anomaly Detector, and Flexible Budgets per account. Add the community GAQL disapproval alert. No AI layer yet — get the deterministic floor reliable first.
Scripts + LLM triage layer
One MCC-level script fans out via executeInParallel, batches ambiguous findings, and makes consolidated LLM calls for policy-risk and landing-page classification. Findings land in one sheet per client plus a daily digest.
API + Cloud reference architecture
When 30-minute windows and iterator caps pinch, the pattern Google's own (older, 2024-era) Ads Policy Monitor models — daily GAQL snapshots into BigQuery via Cloud Functions on a scheduler, dashboarded in Looker Studio — is the shape to graduate toward.
A managed paid-media agent
QA is one subsystem of a full management agent — bidding, budgets, creative rotation, reporting. That build is a different scope with different guardrails, covered in our dedicated playbook.
Two references anchor the graduation path. Google's open-source Ads Policy Monitor (google-marketing-solutions on GitHub, Apache-2.0) pulls a daily GAQL snapshot of ad and asset policy approval status into BigQuery with a Looker Studio template — but its last release, v2.0.2, dates to July 2024, so treat it as an architecture reference rather than an actively maintained 2026 tool. And the Ads API itself is on a brisk cadence — v24 shipped April 22, 2026, with v24.1 and v24.2 following in May and June — which is a real maintenance cost Scripts users don't pay. We cover that trade-off in the v23 management and April 2026 core-update playbook, and the full autonomous-management build in our paid-media PPC management agent guide.
08 — ConclusionAutomate the floor, reserve judgment for the edge.
Templates first, LLM second, mutations last.
The playbook compresses to three moves. Clone Google's official templates — Link Checker, Account Anomaly Detector, Flexible Budgets — and add the community GAQL disapproval alert; that's the deterministic floor, maintained by someone else. Then wire in the LLM via UrlFetchApp only where reading is required: pre-emptive policy-risk triage, landing-page quality beyond status codes, and alert summarization. Keep it read-only until the classifications have earned trust.
Respect what's convention versus what's spec. The 30-minute run cap, the 250-script limit, and the April 21 MFA rollout are hard facts you design around. The 10/20/60 pacing thresholds are community heuristics you tune. Confusing the two categories is how teams end up either over-engineering against imaginary rules or treating folklore as compliance.
The larger arc: account QA is quietly becoming the first place agencies deploy a real agent, because the blast radius is small and the value is immediate. A scheduled script that reads, flags, and explains is a low-stakes rehearsal for the paid-media agents that will eventually act. The agencies that build the rehearsal now will trust their agents first.