Seisoai
ReviewAudited by ClawScan on May 10, 2026.
Overview
Seisoai is a coherent media-generation gateway, but it should be reviewed because its instructions allow paid x402 requests without clear user confirmation or spending limits.
Before installing, decide whether the agent is allowed to spend money through x402. Prefer a scoped API key, require explicit confirmation before paid calls, check prices first, and use the agent-scoped orchestration routes only for clearly requested tasks with an exact agent ID.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent has access to a compatible wallet or payment mechanism, it could incur USDC costs for media generation without a clearly documented confirmation step.
The skill instructs agents to fall back to a paid request mechanism, but the visible instructions make price checking optional and do not require user approval or spending limits before payment.
"Optionally pre-price inputs" ... "Invoke with API key or x402" ... "If you do not have a key, use x402 pay-per-request."
Require an explicit user confirmation before any x402 payment, make price lookup mandatory, and document budget limits or per-request caps.
Using the skill may involve account credentials or wallet/payment authorization for Seisoai requests.
The skill needs provider API-key or payment authority, which is expected for this gateway, but users should notice that the registry metadata does not declare a primary credential.
"Auth: `X-API-Key` or x402 payment (USDC on Base)."
Use a scoped project API key where possible, avoid sharing unrelated credentials, and confirm what wallet or payment authority is available to the agent.
Prompts, media references, or task context may be sent to specific Seisoai agent workflows when the user asks for that behavior.
The skill can invoke or orchestrate provider-side agents, but it also documents controls requiring explicit task need, exact agent binding, current credentials, tool allowlisting, and ambiguity stop conditions.
"Agent-scoped: ... `POST /api/gateway/agent/{agentId}/invoke/{toolId?}` ... `POST /api/gateway/agent/{agentId}/orchestrate`" and "Default posture: deny by default for agent-scoped routes"Only use agent-scoped routes for explicit user requests, verify the exact agent ID, and keep the documented allowlist and no-recursion safeguards in place.