Claude Ads v2 goes public. This is a documentation and metadata patch on top of v2.0.0, adapting the release surface for the public repository. No code-contract, scoring, catalog, or behavior changes.
Changed
- User-facing repository links (README install paths,
SUPPORT.md,SECURITY.md,CODE_OF_CONDUCT.md,CONTRIBUTING.md, issue templates,CITATION.cff, plugin and marketplace manifests) now point to this public repository, so installation, issues, discussions, and private vulnerability reporting work without AI-Marketing-Hub org access. - Installer default clone source (
install.sh,install.ps1) retargeted to this repository. - PDF report footer and page-fetch User-Agent contact URL now reference this repository.
- README documents the dual-distribution model and the native Claude Code plugin flow.
AI Marketing Hub Pro members: the community mirror at AI-Marketing-Hub/claude-ads carries the same release plus early access to what ships next.
Install
Claude Code plugin flow:
/plugin marketplace add AgriciDaniel/claude-ads
/plugin install claude-ads@ai-marketing-hub-claude-ads
Or from a local clone:
git clone https://github.com/AgriciDaniel/claude-ads.git
cd claude-ads
bash install.sh --source=localSee the v2.0.0 release notes for the full v2 story: twelve platform contracts, source-grounded audits, deterministic scoring, versioned JSON reports, and capability-gated account changes that stay read-only by default.
Verification
scripts/release.py auditgreen on all tracked files (path portability, sensitive-content, manifest-consistency checks).- Full pytest suite green locally on the release commit (Python 3.11, hash-locked dependencies,
pip checkclean). - Full git history for the published range scanned for secrets, personal emails, and local paths: clean.
- Reproducible release artifacts attached below (deterministic zip, release manifest, CycloneDX SBOM, SHA256SUMS). Verify integrity with:
python scripts/release.py verify --output-dir <download-dir> --expected-commit <release-commit-sha>Known issue
pip-audit reports five pillow 12.2.0 advisories (PYSEC-2026-2253 through PYSEC-2026-2257; all fixed upstream in pillow 12.3.0) against the hash-locked runtime dependency set. Pillow is used by the optional creative/reporting paths. The upgrade lands in a follow-up patch because this project's dependency evidence chain (16-target wheel hashes, license provenance, bundled notices, SBOM trust anchors) must be regenerated and independently reviewed for any dependency change. The CI pip-audit step will flag exactly these advisories until then; that gate is working as designed and is intentionally not suppressed.