v0.1.2

Auto Midjourney

Review
ClawScan verdict for this skill. Analyzed May 1, 2026, 7:54 AM.

Analysis

This Midjourney automation skill is mostly purpose-aligned, but it deserves review because it uses a full authenticated browser session/cookie, can submit batch jobs, and includes raw dynamic code execution in a helper script.

Guidance: Review this skill carefully before installing. It is not clearly malicious, but it needs powerful access to your logged-in Midjourney session and includes local helper code with dynamic eval. If you use it, keep cookies out of shared files, set strict submit limits, avoid unattended batches, and inspect the Playwright bridge code before running live jobs.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Unexpected Code Execution
Severity: High | Confidence: Medium | Status: Concern
scripts/mj_playwright_bridge.mjs
return eval(source);

The helper script contains raw dynamic JavaScript execution. In a browser-session automation tool, this can become a broad escape hatch if the evaluated source is not tightly controlled.

User impact: Running the helper could execute JavaScript beyond the specific Midjourney workflow, potentially affecting the local browser automation process or authenticated session.
Recommendation: Review or replace the eval path with fixed, named operations before running; avoid passing untrusted text into any bridge/evaluation command.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
`MJ_MAX_SUBMITS_PER_HOUR` | No | Local hourly cap. Set `0` to disable, which is now the default ... `MJ_MAX_SUBMITS_PER_DAY` | No | Local daily cap. Set `0` to disable, which is now the default

The skill can submit Midjourney jobs, including batch workflows, while hourly and daily caps are disabled by default despite the stated conservative-use posture.

User impact: A user could unintentionally submit many image jobs and consume Midjourney usage/credits if batch commands are run without explicit limits.
Recommendation: Set explicit hourly/daily caps in `.env`, require confirmation before batch runs, and keep batch size and retry behavior small.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
`MJ_COOKIE` | Yes | Full authenticated Cookie header copied from browser

The skill requires the user's full authenticated Midjourney cookie, which grants session-level account access for submitting jobs and reading user state.

User impact: If misused or exposed, the cookie could allow actions through the user's Midjourney account and may consume paid generation resources.
Recommendation: Install only if you are comfortable granting session-level Midjourney access; keep `.env` private, rotate the cookie if exposed, and prefer the narrowest session/configuration possible.