UGC Factory
WarnAudited by ClawScan on May 10, 2026.
Overview
This paid external content API is mostly coherent, but it explicitly supports autonomous public posting and watermark removal without clear approval, account, or safety boundaries.
Use this only if you are comfortable with a paid external service generating and managing social-media content. Require manual approval before any paid generation job, upload, automation rule, or public post, and do not use watermark removal or upload private media unless you have verified the provider and your rights to the content.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent could publish or schedule reputationally harmful, incorrect, spammy, or policy-violating content if the user does not manually review it first.
The skill explicitly encourages an agent to create and schedule public content without a human approval step, which is high-impact social-media automation.
Your agent can go from idea to published content autonomously: generate a script, pick a voice and avatar, pull B-roll from Pexels or Pixabay, produce the video, and schedule it for posting.
Require explicit user approval before creating posts, scheduling posts, or enabling TikTok automation rules; keep generated content in draft form by default.
Users or agents could remove ownership or licensing marks from media, creating legal, platform-policy, or brand-risk exposure.
The API advertises watermark removal, but the artifact does not describe ownership, licensing, or consent checks.
| POST | /api/ugc/media/:id/strip-watermark | $0.05 | AI watermark removal |
Use watermark removal only on media the user owns or is licensed to modify, and add a confirmation step that records the rights basis before use.
Autonomous use could incur repeated small charges, and social-posting endpoints could affect connected accounts if those integrations are enabled.
The paid API model is disclosed, but the artifacts do not describe spending limits or per-call approval behavior for autonomous use.
All endpoints require x402 payment (USDC on Base L2).
Set spending limits and require confirmation before paid calls that create jobs, upload media, or schedule/publish content.
Users have limited ability to verify who operates the service, its policies, or how the paid API behaves beyond the provided instructions.
The skill has no local code, but users are directed to rely on an external gateway without a source repository or homepage for independent verification.
Source: unknown; Homepage: none
Verify the provider, terms, pricing, and data-handling practices before sending content or payment-authorized requests.
Uploaded media, prompts, templates, and analysis data may be stored by the external service and could include private or commercially sensitive material.
The API includes persistent user content stores such as media libraries and prompt presets, but the artifact does not describe retention, deletion, or reuse boundaries.
| GET | /api/ugc/media | $0.001 | List media library | ... | POST | /api/ugc/prompt-presets | $0.01 | Create prompt preset |
Avoid uploading sensitive or confidential media unless the provider's retention and deletion controls are acceptable.