Picsee Short Link
ReviewAudited by ClawScan on May 1, 2026.
Overview
The skill is coherent for PicSee URL shortening and link management, with disclosed but important access to a PicSee token, link-edit/delete actions, and external QR/chart services.
This skill looks consistent with its stated purpose. Before installing, decide whether you are comfortable giving an agent PicSee account access, and review any edit/delete actions or QR/chart sharing requests before they run.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you authenticate, the agent can use your PicSee account token to create, view, edit, and delete PicSee links.
The skill can use a stored PicSee API token for authenticated account operations, including link management.
| **Authenticated** | `api.pics.ee` | Create + analytics + list + search + edit + delete | ... Auto-detected: if encrypted token exists at `~/.openclaw/.picsee_token`, authenticated mode is used.
Authenticate only if you want the agent to manage your PicSee account, and remove the stored token if you no longer need authenticated features.
A mistaken or overly broad agent action could change or delete a PicSee link, affecting public short links or campaigns.
The CLI exposes authenticated mutation operations for editing and deleting PicSee links, which is consistent with the stated link-management purpose.
await api.editLink(token, originalEncodeId, params); ... await api.deleteLink(token, encodeId, "delete");
Confirm the exact link ID and desired change before allowing edit, delete, or recover commands.
Short links and charted click data may be visible to external QR/chart providers when those features are used.
QR generation sends the short URL to api.qrserver.com, and chart generation embeds analytics-derived chart data in a QuickChart URL.
const qrCodeUrl = `https://api.qrserver.com/v1/create-qr-code/?size=${size}x${size}&data=${encodeURIComponent(shortUrl)}`; ... const chartUrl = `https://quickchart.io/chart?w=600&h=300&c=${encodeURIComponent(JSON.stringify(chartConfig))}`;Avoid QR/chart generation for links or analytics you do not want shared with those external services.