Poe Image Provider
PassAudited by ClawScan on May 12, 2026.
Overview
This looks like a normal Poe image-generation plugin that transparently uses your Poe API key and sends requested prompts or reference images to Poe.
Install if you want Poe-backed image generation and trust this publisher. Use a revocable Poe API key, avoid sensitive prompts or images, and only set Poe as the default image provider if you want agents to use it routinely.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your Poe account/API key may be used for image-generation requests and any associated usage or billing.
The plugin requires a Poe API key and marks it sensitive; this is expected for a Poe provider but gives the plugin authority to make Poe API requests.
"primaryEnv": "POE_API_KEY" ... "poeApiKey": { "label": "Poe API key", "help": "Poe API key used for image generation requests.", "sensitive": true }Use a revocable Poe API key with the least privilege Poe supports, and monitor Poe usage if the agent may generate images often.
Prompts and selected reference images leave your local environment and are processed by Poe.
The artifacts clearly disclose the external data flow: prompts and user-provided reference images are sent to Poe for processing.
When generating images, this plugin sends your prompt and any reference images you provide to the Poe API. Reference images are included as `data:` URIs in the request.
Avoid sending private or sensitive images/prompts unless you are comfortable with Poe processing them.