ClawHub

AI Hairstyle Changer Online – Try Hairstyles & Hair Colors Instantly – API-powered

v1.0.0

AI hairstyle changer — change a person's hairstyle from a photo or text description

0· 42·0 current·0 all-time
by@sparkleming
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill name/description (AI hairstyle changer) matches what the SKILL.md describes (calls to openapi.weshop.ai agent endpoints and an image upload endpoint). The only required credential is WESHOP_API_KEY, which is appropriate for a hosted API integration.
Instruction Scope
Runtime instructions are narrowly scoped: they document endpoints, run/poll semantics, and advise checking the declared WESHOP_API_KEY env var before asking the user. The doc warns not to send the API key to other domains. The only potentially sensitive action is uploading user images (via /openapi/agent/assets/images), which is expected for this purpose.
Install Mechanism
No install spec and no code files — instruction-only skill. Nothing will be downloaded or written to disk by an installer, which minimizes install-time risk.
Credentials
The skill requests a single API key (WESHOP_API_KEY) and documents its intended use and domain. This is proportionate; there are no unrelated or excessive environment variables or credentials requested.
Persistence & Privilege
The skill is not declared 'always: true' and does not request system-wide persistence or modification of other skills. Autonomous invocation is allowed (platform default) but not combined with other concerning privileges.
Assessment
This skill appears coherent: it will use your WESHOP_API_KEY to call openapi.weshop.ai and may upload images you provide. Before installing, only provide an API key scoped for this service (create/restrict a key if possible), avoid uploading photos you do not own or that include other people's faces without consent, and verify that any API key you enter is sent only to https://openapi.weshop.ai as documented. If you suspect the key was exposed, rotate/revoke it. If you want extra caution, test with a limited-purpose or expendable API key first.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bpb2a2cs1eam3zwrjw61aex84sndh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvWESHOP_API_KEY
Primary envWESHOP_API_KEY

Comments