ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Filtrix Image Gen

v1.0.2

Generate and edit images through Filtrix Remote MCP. Use when users ask to create images or refine existing ones. Supports gpt-image-1, nano-banana, and nano...

0· 456·3 current·3 all-time
by@lumenclaw-cloud
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill name/description match the included scripts and MCP usage: both generate and edit images via a Filtrix MCP endpoint. However the registry metadata lists no required environment variables or primary credential, while SKILL.md and the scripts clearly require an API key (FILTRIX_MCP_API_KEY). This mismatch is inconsistent and should be corrected.
Instruction Scope
SKILL.md and the scripts limit behavior to calling the Filtrix MCP endpoint and downloading returned images or user-provided image URLs. The scripts read local image files when provided, base64-encode them, send them to the MCP endpoint, and write result images to /tmp (or a user-specified path). The scripts also accept an undocumented fallback env var (MCP_API_KEY). No instructions attempt to read unrelated system files or other credentials, but the acceptance of arbitrary input image URLs means user-provided URLs (and image contents) will be retrieved and transmitted to the remote MCP service—consider privacy implications.
Install Mechanism
No install spec; code is included as plain Python scripts. This is the lower-risk model (nothing is automatically fetched or executed at install time), but you still run the bundled scripts locally which will make outbound network calls.
!
Credentials
The runtime requires a Filtrix API key (FILTRIX_MCP_API_KEY) but the registry metadata omitted this. The scripts also accept MCP_API_KEY as an undocumented alias. Requesting a single service API key is proportionate for this functionality, but the metadata mismatch and undocumented fallback increase the risk of accidental credential exposure or misconfiguration.
Persistence & Privilege
The skill is not always-enabled, does not request unusual system privileges, and does not modify other skills or global agent settings. It runs only when invoked and writes output files to user-specified paths (default /tmp).
What to consider before installing
Before installing or using this skill: (1) don't set or expose your Filtrix API key globally until you trust the source—the SKILL.md requires FILTRIX_MCP_API_KEY but the registry metadata omits it; verify which env var your deployment will inject. (2) Note the scripts also accept an undocumented MCP_API_KEY fallback—ask the author to document/fix this. (3) Running the scripts will send images (including anything you pass via --image-path or --image-url) to https://mcp.filtrix.ai/mcp and will download returned signed URLs; avoid sending sensitive images unless you trust Filtrix. (4) The package contains plain Python scripts (no install fetches), so inspect them or run them in a sandboxed environment and monitor network/credential usage. (5) Ask the publisher to correct the registry metadata to declare the required env var (FILTRIX_MCP_API_KEY) and clarify the MCP_API_KEY fallback before trusting the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk977qzzkxet9ac8npqjznvgtdh82pmhy

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments