gads-search-term-review — 2026-05-01 — BLOCKED-ENV Day 7

Status: BLOCKED-ENV — Day 7 consecutive credential failure.

Customer: 3813916687 | MCC: 8676599345 | Campaign: SAIL - Car Accidents 2026 (23723841732)

Data source: Direct Google Ads API v30 (adspirer not used).

Storage pointer (canonical)

Fix list: google-ads/outputs/fix-lists/neg-candidates-2026-05-01.md
QA queue mirror: google-ads/outputs/qa-queue-mirror/2026-05-01.md
Handoff: google-ads/handoffs/gads-search-term-review-2026-05-01.md

Headline

The OAuth refresh token in google-ads.yaml returned invalid_grant: Token has been expired or revoked for the seventh consecutive day. The yaml file mtime is unchanged from 2026-04-24 20:00:55 UTC. vault.env does not exist. Today is the 7-day calendar mark from the yaml mtime, which lines up with Google's Testing-tier OAuth refresh-token expiry.

No GAQL queries executed. No negatives applied. No mutations.

Open MC asks (carry-over)

Q1 — Stop daily firing while blocked. Recommended A: disable the launchd entry, replace with a tiny auth-probe monitor that auto-re-enables on green.
Q2 — Permanent credential model. Recommended A: provision a sail-automation Google account with service-account creds in a cloud secret manager.
Q3 — Migrate this loop to the cloud runner. Recommended A: provision the sail-ads-runner cloud image; Mac becomes fallback only.
Q4 — 3-day BLOCKED-ENV failsafe. Recommended A: SKILL.md hard rule + state flag so the runner self-disables after 3 consecutive blocks.
Q5 — Codex QA queue mount. Recommended A: continue in-repo mirror; sync to ~/Documents/Codex/_qa-queue/ on the next interactive Cowork session.

Single-step unblock

Sam rotates the OAuth refresh token in a browser, updates google-ads.yaml, mirrors into vault.env, and (ideally) publishes the OAuth client to Production to stop the 7-day expiry cycle. Next run will auto-widen to LAST_49_DAYS to backfill 2026-04-25 through 2026-05-01.

Run log

runner: cowork scheduled-task sandbox
date_local: 2026-05-01
adspirer not used
google-ads SDK: 30.1.0
api_versions_attempted: v20, v21
mcc_override: 8676599345 (in code, not yaml)
auth_result: invalid_grant (Day 7)
yaml_mtime_unchanged_since: 2026-04-24 20:00:55 UTC
gaql_queries_executed: 0
mutations_attempted: 0
auto_apply: 0
notion_push: this entry
qa_queue_mirror: outputs/qa-queue-mirror/2026-05-01.md (in-repo)