Skill v1.0.0
ClawScan security
AI Bikini Photo Editor-AI Editor for Swimwear & Bikini Photos – CLI-powered · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Review · Apr 10, 2026, 10:35 AM
- Verdict: Review
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's declared requirements (weshop CLI + WESHOP_API_KEY) match its stated purpose, but lack of a verifiable source/homepage, inconsistent domain references, and the default prompt encouraging nudity/non-consensual editing raise safety and provenance concerns.
- Guidance: Before installing: verify the WeShop service and the weshop-cli package (check the npm page and GitHub repo and confirm the domains match and are legitimate). Do not share your API key except via the environment variable and avoid pasting it into prompts. Be aware this skill's default prompt encourages removing clothing from real people — only use it with explicit, documented consent and in jurisdictions where such image editing is lawful. If you need higher assurance, request the skill author to provide a homepage/source repo, or review the weshop-cli source code yourself in a sandboxed environment. Consider restricting the API key's scope and rotating it if you test the skill.
Review Dimensions
- Purpose & Capability (note): The skill name and description align with the declared dependency on the WeShop CLI and the single WESHOP_API_KEY environment variable — those are proportionate to an image-editing API. However the SKILL.md references multiple domains (www.weshop.ai, openapi.weshop.ai, open.weshop.ai) and the registry metadata has no homepage or verifiable publisher; this reduces confidence in provenance.
- Instruction Scope (concern): Runtime instructions are limited to using the weshop CLI and reading WESHOP_API_KEY, which is expected. But the default prompt explicitly instructs removing clothing from a person’s photo ('naturally undress'), which enables creation of sexualized images of real people. The skill gives no guidance to ensure consent or legality and could be used for non-consensual or abusive deepfakes.
- Install Mechanism (note): This is an instruction-only skill with no install spec or code files, lowering filesystem risk. The README instructs installing an npm package (weshop-cli) manually — that's normal, but the skill provides no verification of the CLI's authenticity or its npm/GitHub metadata.
- Credentials (ok): Only a single API credential (WESHOP_API_KEY) is required and declared as the primary credential; this is proportionate to calling a third-party image-editing service. The SKILL.md warns not to pass the key on the CLI and to only send it to openapi.weshop.ai, but those claims cannot be independently verified from the skill itself.
- Persistence & Privilege (ok): The skill is not set to always:true and does not request persistent system privileges or other skills' credentials. It is user-invocable and can be invoked autonomously as normal for skills, which is not itself a red flag here.
