There is a version of AI agent adoption in PPC that makes sense to me: automating reporting workflows, surfacing anomalies faster than a human review cycle, and generating first drafts of keyword lists for a practitioner to double-check.
These are legitimate uses because they remove friction from repeatable tasks without removing the human from the decisions that actually matter.
That is not what’s being sold right now.
What’s being sold right now is the idea that an AI agent can run your Google Ads account. System prompts, multi-agent workflows, the whole stack, all of which come with a nice tidy price tag of $1,000+ per month and the belief that you can hand over the keys, sit back & relax. The content selling this is everywhere, and most of it conveniently skips the part where someone explains what happens when things go wrong.
What Benjamin Wenner’s PPC agent research actually found
Two pieces in Search Engine Land caught my attention, both written by Benjamin Wenner. In his June 2025 piece on building AI agents in PPC, he’s explicit that even well-built agent systems require “regular reviews, strategic guidance, and override mechanisms” for sustainable performance.
His October 2025 follow-up looked at where this is headed by 2030. He lays out the accountability questions the industry has yet to answer: who is responsible for errors, what happens when agents make decisions you disagree with, and how do you verify an agent’s claims about its performance?
He frames these as challenges that “will shape how the technology develops,” not obstacles that have been solved. The gap between that framing and what’s actually being packaged and sold right now is significant – it needs more attention.
Why account size and data density matter for AI Agents
What makes Benjamin’s perspective worth paying attention to is that he’s not speculating. He presented the results of actual agent testing at ADworld Experience in Bologna last year, and the findings are more nuanced than the content flooding my feed would suggest. His data points to two conditions that determine whether an agent can do reliable work: account size and data density.
The sweet spot he identified was accounts in the $5,000-$35,000/month range; outside that window, either the data is too thin, or the complexity is too high for the agent to function well. Within that range, data density within the account structure was the deciding factor. Fragmented, granular accounts produced unreliable results regardless of spend level.
The bot attack example that explains the core risk
The failure that stuck with me most from his testing: a bot attack and traffic spike got interpreted as a positive signal, and budgets were increased. The system read what it saw, drew a conclusion, and acted. That’s the problem in one sentence.
So when someone is charging $1,000+ a month to hand an agent the keys to a client’s account, they’re not just skipping past the open questions; they’re billing for a solution to a problem that, by the industry’s own admission, hasn’t been solved yet.
“Claudit®” and the danger of context-free AI audits
That problem has a name now, courtesy of Kirk Williams. He coined “Claudit®” to describe what happens when someone runs a one-shot AI audit without the account context needed to interpret the results. His point, which aligns with mine, is that aggregated best practices applied without history produce confident recommendations that may be completely wrong for that specific account.
The campaign is structured the way it is for a reason, and the agent doesn’t know the reason. Even without the context, it optimizes anyway, and the output looks authoritative because the output always looks authoritative.
The real risk: Quiet, hard-to-trace failures
This is what concerns me most. It’s not that the agent will fail, because it will. It’s that it will fail in ways that are hard to trace, and by the time the numbers tell the story, the decisions that caused it are buried in a workflow nobody fully reviewed.
The Referral Rock case study: When automation breaks slowly
This isn’t hypothetical either. A friend of mine, Josh, founder of Referral Rock, reached out to me recently after his campaign had stopped spending entirely. Competition in his space had intensified significantly over the preceding year; CPC had risen nearly 52% year over year, and CPA had more than doubled. In late October 2024, he made a call that seemed logical: switch strategies and set a tCPA anchored to his costs from the prior year. The problem is that the target was already 36% below the actual market CPA at the time.
Why AI agents struggle with market context
The system had no viable path from day one, and nothing flagged it. Impressions declined steadily, conversions dropped 93.94% year over year, and by November 2025 the campaign had effectively stopped serving entirely. It took 13 months of frustration and having me take a look at the account in April 2026 to surface what had actually happened.
Josh is sharp and was doing his best. Now imagine that same scenario with inputs set by an agent that had no visibility into how competition had shifted, no knowledge of what CPAs had looked like the year before, and no one reviewing the logic before it went live.
Which now brings me to the part nobody seems to want to talk about: the terms-of-service problem.
Why unauthorized PPC automation can put accounts at risk
Meta has already moved to restrict unauthorized automated tools interacting with its ad platforms, and the pattern of account-level risk from third-party automation isn’t new. Google’s terms have long prohibited automated tools that interact with the platform in ways that aren’t explicitly authorized.
An AI agent making decisions and pushing changes through unofficial integrations is not a grey area like most are making it seem. It’s the kind of thing that gets accounts flagged, limited, or suspended, and when that happens, nobody charging for the agent is standing behind the account loss.
The accountability gap in AI-Driven campaign management
The accountability gap is the thing I can’t get past. When a human analyst makes a bad call, there is a conversation to be had. The context exists, the reasoning can be reconstructed, and the error can inform a better decision next time.
But when an automated system executes a change that tanks performance or triggers a policy flag, and nobody on the team can explain why the system did what it did, you’ve lost something that matters more than the wasted budget, and that’s the ability to learn from it.
The hidden danger of “Reasonable-Looking” AI decisions
This is what I keep coming back to when I see the AI agent content flooding my feed. The risk isn’t that the agent will do something obviously wrong. The risk is that it will do something that looks completely right, a sensible strategy, a reasonable target, a clean change history, and the account will quietly deteriorate for months before anyone connects the dots.
Business owners are running businesses; they’re not in the account every week, interrogating the logic behind every setting. That’s the whole reason they hired someone in the first place!
If AI is Ppushing the buttons, what is the human role?
If the bot is pushing the final button, what exactly are you paying a human for? And if the answer is “nothing,” then why not just enable Auto-Applied Recommendations and call it a day? At least Google built those with terms-of-service compliance baked in.
Automation requires human oversight, not blind trust
I have said it before, I will say it again: Automation expands, so control needs to stay intentional. The system will follow its instructions; the hard part is making sure the instructions were right to begin with, and that requires a human who actually understands what they’re asking the system to do.
