Skill v1.0.0

ClawScan security

Pixshop MCP — 28+ AI Creative Tools · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Mar 8, 2026, 8:01 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill is an instruction-only integration for Pixshop and mostly coherent, but it omits how authentication/credentials are handled and declares tooling (Bash) it doesn't use — these mismatches merit caution before installing.
Guidance
This is an instruction-only integration that points your client at https://pixshop.app/api/mcp so the client can call Pixshop's image/video tools. Before installing: (1) Confirm how your client will authenticate to Pixshop (API key, OAuth, browser session); the skill does not declare or explain credentials. (2) Review Pixshop's privacy/terms — the service will receive any images you upload (face-swap, virtual try-on, ID-photo etc.), which may be sensitive. (3) Verify the endpoint URL is correct and from the official domain (pixshop.app). (4) Ask the skill author why 'Bash' is listed as an allowed tool even though no shell commands are provided. If you need the integration to run without sending images to an external service, do not install. If these questions are answered satisfactorily, the skill appears coherent with its stated purpose; otherwise proceed cautiously.

Review Dimensions

Purpose & Capability
note
The name/description claim a Pixshop MCP integration providing 28+ image/video tools, and the SKILL.md describes those tools and parameters. That aligns with the stated purpose. However, the doc repeatedly notes a Pixshop account and credits are required yet the skill declares no credentials or auth mechanism — it's unclear how the client will authenticate to pixshop.app.
Instruction Scope
note
The runtime instructions are limited: add an MCP server entry pointing to https://pixshop.app/api/mcp and restart the client. They do not instruct reading unrelated files or environment variables. Two items to note: (1) SKILL.md lists allowed-tools: Bash and Read, but contains no Bash commands or shell setup — a small inconsistency. (2) The instructions do not describe how user content (images, face-swap inputs) will be uploaded/handled or retained by the external service, which is important for privacy.
Install Mechanism
ok
There is no install spec and no code files — the skill is instruction-only. This is lower risk because nothing is downloaded or written to disk by the skill itself.
Credentials
concern
The skill declares no required environment variables or primary credentials even though it requires a Pixshop account to operate. The absence of any declared credential handling (API key, token, cookie/session handling) is an incoherence: either authentication is expected to be handled outside the skill (client/browser session) or the README omitted necessary details. This should be clarified before trusting the integration.
Persistence & Privilege
ok
The skill is not always-enabled, is user-invocable, and does not request system-wide persistence or modify other skills' configs. No elevated or permanent privileges are requested.