Filtrix Image Gen
PassAudited by ClawScan on May 1, 2026.
Overview
The skill is coherent for Filtrix image generation/editing, but users should notice that it uses an API key, sends prompts/images to a remote MCP service, and may consume account credits.
This skill appears purpose-aligned for generating and editing images. Before installing, make sure you intend to use Filtrix, provide only a Filtrix-specific API key, confirm that uploaded images are not sensitive, and monitor any account credit usage.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A Filtrix API key, or a generic MCP_API_KEY if present, could be used to access the account and spend credits.
The script reads an API key from the environment and uses it as the bearer credential for Filtrix; this is expected for the service, but the generic MCP_API_KEY fallback is broader than the setup text.
mcp_api_key = os.environ.get("FILTRIX_MCP_API_KEY") or os.environ.get("MCP_API_KEY")Set FILTRIX_MCP_API_KEY explicitly for this skill, avoid relying on a generic MCP_API_KEY, and verify the registry metadata/skill configuration before use.
Private image contents and edit prompts may leave the local machine and be processed by Filtrix.
For edits from a local file, the script base64-encodes the image and sends it through the remote MCP tool call.
tool_args["image_base64"] = image_base64
...
tool_payload = client.call_tool("edit_image_text", tool_args)Only use the edit workflow for images you are comfortable uploading to the Filtrix MCP service, and verify the endpoint before sending sensitive content.
Image generation or editing requests may spend credits on the connected Filtrix account.
The documented tool outputs and idempotency rules show that generation/edit calls can consume account credits, with a mechanism to reduce duplicate billing on retries.
- `credits_used` number ... - Reusing the same `idempotency_key` for the same user and same feature prevents duplicate billing.
Review prompts before running large batches, keep idempotency keys for retries, and monitor account credits.