ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Image Forge

v1.1.0

画图技能路由中枢(统一入口)。三维路由体系(用途 × 风格 × 主体),双后端调度。 - Signature 风格:10 种有独立 YAML 的视觉方案(构成主义/克莱因/Risograph/故障艺术等) - Rendering 风格:15 种通用渲染技法 modifier(写真/动漫/3D/水彩/赛博朋克等),...

0· 79·0 current·0 all-time
by陈源泉@chenyqthu

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for chenyqthu/image-forge.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Image Forge" (chenyqthu/image-forge) from ClawHub.
Skill page: https://clawhub.ai/chenyqthu/image-forge
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install image-forge

ClawHub CLI

Package manager switcher

npx clawhub@latest install image-forge
Security Scan
Capability signals
CryptoCan make purchasesRequires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The declared purpose (image-generation routing, style/use-case libraries, dual backends) matches the included files (styles YAML, references, backend config, and generation scripts). However the SKILL.md / README require external image backends (CRS/Gemini/OpenAI) while the registry metadata declares no required env vars or credentials — a direct mismatch. The presence of scripts to call CRS/Gemini and large prompt/reference libraries is consistent with the stated purpose, but the lack of declared required credentials in metadata is incoherent.
!
Instruction Scope
SKILL.md explicitly orders agents to treat this skill as the sole image-generation entry and contains a '【铁律】绝对禁止使用 image_generate 工具… 所有画图请求必须走本 skill' directive — this is scope-creep because it tries to override platform-provided image tools. The run instructions and inline Python call external endpoints and read environment variables (e.g., CRS_API_KEY, GEMINI_API_KEY) even though the skill registry lists none. The instructions also reference fetching external prompt repos and collecting reference images from web sources. That broad authority and the prohibition of the built-in image tool are unexpected and elevate risk.
Install Mechanism
There is no install spec (instruction-only install), which is lower-risk, but the bundle includes executable scripts (generate_image.py, gpt_image2.py, reverse_style.py). Because these scripts are included but there is no formal install step, they will be available to run by the agent. That is not inherently malicious but means code will be executed from the skill package on demand — inspect the scripts before use.
!
Credentials
The skill's files and README require/expect several secrets (CRS_API_KEY, GEMINI_API_KEY, NANO_BANANA_API_KEY or OPENAI_API_KEY) to call third‑party/back-end image services, which is proportionate to an image-generation skill. However the skill registry declares zero required env vars / no primary credential — this mismatch is problematic. Additionally, the skill allows configuration of arbitrary backends in backends.yaml (endpoints + auth headers), which could send image inputs and user-supplied content (and keys) to arbitrary endpoints if misconfigured.
!
Persistence & Privilege
The skill does not request always:true (so not force-included), which is good. However, it explicitly instructs the agent to refuse the platform image_generate tool and route all image requests through itself. That attempt to monopolize image generation increases blast radius if the skill is malicious or misconfigured. Combined with undeclared env var usage and configurable arbitrary backends, this is a meaningful privilege escalation relative to a normal skill.
Scan Findings in Context
[unicode-control-chars] unexpected: Unicode control characters were detected in SKILL.md. These characters are often used in prompt-injection attempts to obfuscate or manipulate downstream parsing/evaluations and are not expected for a simple documentation/instruction file. This increases suspicion that the SKILL.md may have been crafted to influence agent/evaluator behavior.
What to consider before installing
Key things to check before installing or enabling this skill: - Credentials and metadata mismatch: The skill's code and README expect API keys (CRS_API_KEY, GEMINI_API_KEY / NANO_BANANA_API_KEY or OPENAI_API_KEY) but the registry lists none. Do not provide real, high-privilege API keys until you review the code. Use a scoped/test key or sandboxed account. - Inspect included scripts locally: open scripts/generate_image.py, scripts/gpt_image2.py, and scripts/reverse_style.py and search for any hard-coded endpoints, unusual external hosts, or code that would exfiltrate environment variables or files. Confirm network destinations are ones you trust. - The skill attempts to enforce itself as the sole image-generation path (it instructs agents to never use the platform image_generate tool). Consider whether you want a skill that overrides built-in tooling. This can prevent safer or audited toolchains from being used. - Prompt-injection signal: SKILL.md contains unicode control chars that may be used to hide or obfuscate content. Treat the SKILL.md as potentially adversarial — examine it with an editor that reveals control characters. - Backends are configurable: backends.yaml allows adding arbitrary endpoints with auth headers. If you or other admins add a backend, ensure endpoint ownership and that credentials are not sent to untrusted third parties. - Test in a sandbox: run the skill and its scripts in an isolated environment (network-restricted container or VM) first. Use limited-scope API keys and monitor outbound requests. - If you rely on platform image tools for auditability and safety, do not install or enable the skill's 'monopoly' behavior. Instead either adapt the skill to use the platform image_generate tool or remove the instructions that force all image requests through this skill. If you want, I can: (1) list the exact env vars and code lines that reference them, (2) extract and summarize any network endpoints found in the scripts, or (3) highlight the exact SKILL.md locations containing unicode-control characters for manual review.
!
references/app-web-design.json:1
Install source points to URL shortener or raw IP.
!
references/product-marketing.json:1
Install source points to URL shortener or raw IP.
!
references/social-media-post.json:1
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f0bpmz68hsmyatx99686wed85hw0j
79downloads
0stars
2versions
Updated 3d ago
v1.1.0
MIT-0
陈源泉@chenyqthu
latest
Download

Image Forge — 统一画图路由

目录结构

{baseDir}/
├── SKILL.md                     # 本文件(唯一用户入口)
├── backends.yaml                # 后端注册表 + 优先级 + 调度策略
├── styles/
│   ├── index.yaml               # 风格库(双层:10 Signature + 15 Rendering)
│   └── *.yaml                   # 10 个 Signature Style 独立文件
├── use-cases/
│   └── index.yaml               # 11 个用途 + 推荐风格 + 默认后端
├── references/                  # 用途提示词 JSON(11 个场景)
└── scripts/
    ├── reverse_style.py         # Gemini Vision 15 维风格反推
    └── generate_image.py        # Gemini/Nano Banana 2 生图

三维框架

用途(Use Case)× 风格(Style)× 主体(Subject)
      ↓                ↓               ↓
  结构指令          视觉语言         用户描述
 (布局/元素)  (色彩/技法/质感)   (画什么)

三者独立路由组合注入 prompt。用途和风格可以各自单独触发,也可以同时命中。

风格库:双层结构(读取 styles/index.yaml

Tier 1: Signature Styles(有独立 YAML,10 种)

高度具体的视觉方案,命中后加载对应 YAML 文件,默认走 nano-banana-2

触发词示例风格 id擅长用途
俄国构成主义、苏联海报、几何宣传constructivism海报、社媒
故障艺术、错位矩形、glitchglitch-window-v1头像、社媒
窗口重叠、数字拼贴glitch-window-v2头像、社媒
混合媒介、线稿摄影mixed-media头像、海报
黑蓝红、三色极简剪影tri-color海报、封面
半调雕刻、铜版画、etchingengraving-halftone海报、头像
risograph、半调杂志、印刷风risograph-magazine海报、社媒
波普水墨、pop art、ink splashpop-ink-splash头像、社媒
克莱因蓝、克莱因秩序、极简仰拍klein-blue-order头像、社媒
高对比度工业、电光蓝故障high-contrast-industrial海报、产品、封面

Tier 2: Rendering Styles(inline modifier,15 种)

通用渲染技法类别,命中后取 modifier 字段直接注入 prompt。按 preferred_backend 调度。

触发词示例风格 id推荐后端
摄影、写真、真实照片photographyGPT Image 2
电影感、胶片、cinematiccinematic-film-stillGPT Image 2
3D渲染、三维、CGI3d-renderGPT Image 2
等距视角、isometric、2.5DisometricGPT Image 2
复古、retro、vintageretro-vintageGPT Image 2
赛博朋克、霓虹、cyberpunkcyberpunk-sci-fiGPT Image 2
极简、minimalism、简约minimalismGPT Image 2
动漫、二次元、animeanime-mangaGemini
插画、手绘插画illustrationGemini
素描、线稿、sketchsketch-line-artGemini
Q版、chibi、可爱chibi-q-styleGemini
像素艺术、pixel art、8-bitpixel-artGemini
油画、古典油画oil-paintingGemini
水彩、aquarellewatercolorGemini
水墨、国画、中国画ink-chinese-styleGemini

用途库(读取 use-cases/index.yaml

11 类场景,每类携带推荐风格和默认后端:

触发词use-case id默认后端推荐 Rendering 风格
海报、传单、posterposter-flyerGPT Image 2cinematic, retro, cyberpunk
头像、肖像、avatarprofile-avatarGeminianime, illustration, photography
产品图、营销图product-marketingGPT Image 2photography, 3d-render, minimalism
电商、主图、白底ecommerce-main-imageGPT Image 2photography, 3d-render
视频封面、YouTubeyoutube-thumbnailGPT Image 2cinematic, photography
小红书、社交配图social-media-postGPT Image 2illustration, photography, watercolor
UI、App、网页app-web-designGPT Image 23d-render, isometric, minimalism
漫画、分镜comic-storyboardGeminianime-manga, illustration, sketch
游戏素材、角色game-assetGemini3d-render, pixel-art, illustration
信息图、教育图infographic-edu-visualGPT Image 2illustration, isometric, minimalism

路由决策树(6 条路径)

用户输入
│
├── 有参考图 + "用这个风格"/"反推"
│   → [Path R] 风格反推:reverse_style.py → 提取风格 → 生成
│
├── 有参考图 + "修改"/"编辑"
│   → [Path E] 参考图编辑
│       1张图 → gpt-image-2 edit endpoint
│       2+张图 → nano-banana-2 多参考图
│
├── 命中 Signature Style aliases(构成主义/glitch/risograph…)
│   → [Path S] 加载 YAML → prompt recipe → nano-banana-2
│
├── 命中 Rendering Style aliases(动漫/写真/3D/水彩…)
│   → [Path R2] 取 modifier → 注入 prompt → 按 preferred_backend 调度
│
├── 命中用途关键词(海报/头像/电商…)
│   → [Path U] 加载 use-cases/index.yaml → 检索 references JSON
│       → 若无指定风格,展示推荐风格(可跳过直接生成)
│       → 按 use-case.default_backend
│
└── 直接描述主体,无信号
    → [Path D] 优化/翻译英文 → gpt-image-2(默认最高 priority)

后端调度决策(读取 backends.yaml

1. 用户显式覆盖(最高优先级)
   "用 GPT 画"/"4K高清"/"写实" → gpt-image-2
   "用 Gemini 画"/"动漫"        → nano-banana-2

2. Style preferred_backend
   Signature 风格命中 → nano-banana-2(全部 10 种)
   Rendering 风格命中 → 按各风格的 preferred_backend(见上表)

3. Use-case default_backend
   无风格指定时,按用途默认后端

4. 全局默认
   gpt-image-2(priority 最高)

GPT Image 2 强项:写实摄影、产品展示、文字渲染、4K 高清、海报、UI
Gemini 强项:动漫/插画/中国风/水彩/素描、多参考图合成、Signature 风格迁移

[Generation] — 后端执行

GPT Image 2(CRS 路由)

推荐使用 wrapper 脚本(支持 generate + edit,多图 edit,自动处理 base64):

# 文生图
uv run {baseDir}/scripts/gpt_image2.py generate \
  --prompt "<prompt>" \
  --output /path/out.png \
  --size 1536x1024 \
  --quality high

# 改图(单张参考图)
uv run {baseDir}/scripts/gpt_image2.py edit \
  --prompt "<edit instruction>" \
  -i /path/ref.png \
  --output /path/out.png \
  --size 1024x1536

# 改图(多张参考图,最多 4 张)
uv run {baseDir}/scripts/gpt_image2.py edit \
  --prompt "<instruction>" \
  -i ref1.png -i ref2.png \
  --output /path/out.png

注意:edit 接口不支持 input_fidelity 参数(已验证 2026-04-25)。

Python API(内联使用)

import os, requests, base64, time

CRS_BASE = os.environ.get('CRS_BASE_URL', 'http://127.0.0.1:8765')
CRS_KEY  = os.environ['CRS_API_KEY']

def gpt_image2_generate(prompt, size='1536x1024', quality='high',
                         output_format='png', filename=None):
    resp = requests.post(
        f'{CRS_BASE}/openai/v1/images/generations',
        headers={'Authorization': f'Bearer {CRS_KEY}'},
        json={'model': 'gpt-image-2', 'prompt': prompt, 'size': size,
              'quality': quality, 'output_format': output_format,
              'response_format': 'b64_json'},
        timeout=180,
    )
    data = resp.json()['data'][0]
    out = filename or f'/tmp/image-forge-{int(time.time())}.{output_format}'
    with open(out, 'wb') as f:
        f.write(base64.b64decode(data['b64_json']))
    return out, data.get('revised_prompt', '')

def gpt_image2_edit(prompt, image_path, size='1536x1024', quality='high',
                    output_format='png', filename=None):
    with open(image_path, 'rb') as f:
        b64_img = base64.b64encode(f.read()).decode()
    resp = requests.post(
        f'{CRS_BASE}/openai/v1/images/edits',
        headers={'Authorization': f'Bearer {CRS_KEY}'},
        json={'model': 'gpt-image-2', 'prompt': prompt,
              'images': [{'image_url': f'data:image/png;base64,{b64_img}'}],
              'size': size, 'quality': quality,
              'output_format': output_format, 'response_format': 'b64_json'},
        timeout=180,
    )
    data = resp.json()['data'][0]
    out = filename or f'/tmp/image-forge-edit-{int(time.time())}.{output_format}'
    with open(out, 'wb') as f:
        f.write(base64.b64decode(data['b64_json']))
    return out, data.get('revised_prompt', '')

GPT Image 2 尺寸1024x1024 / 1536x1024 / 1024x1536 / 2048x2048 / 3840x2160 (4K横) / 2160x3840 (4K竖)

Gemini / Nano Banana 2

# 文生图
uv run {baseDir}/scripts/generate_image.py \
  --prompt "<optimized_english_prompt>" \
  --filename "~/.openclaw/workspace/tmp/image-forge/$(date +%Y-%m-%d-%H-%M-%S)-<slug>.png" \
  --aspect-ratio "<1:1|3:4|4:3|9:16|16:9>"

# 改图 / 多参考图合成(已实测 2026-04-25)
# Gemini 会在参考图基础上按 prompt 修改,多图合成/风格迁移尤其适合
uv run {baseDir}/scripts/generate_image.py \
  --prompt "<e.g.: keep character, change background to warm sunset>" \
  --filename "~/.openclaw/workspace/tmp/image-forge/$(date +%Y-%m-%d-%H-%M-%S)-<slug>.png" \
  -i "/path/to/ref1.jpg" -i "/path/to/ref2.jpg" \
  --aspect-ratio "3:4"

Gemini edit vs GPT Image 2 edit

  • Gemini:多图合成、风格迁移更自由,但对原图布局保留能力较弱
  • GPT Image 2:保留原图布局/文字/边框精确修改时更强,推荐用于卡牌、产品展示图的约束性编辑

Prompt 组合逻辑

Final Prompt =
  [Rendering Style modifier(如有)]
+ [Signature Style prompt(如有,替换主体后)]
+ [Use-case 结构指令(如有,从 references JSON 取)]
+ [用户主体描述(中→英翻译优化)]
+ [技术参数(lighting / composition / quality)]
  • 中文输入全部翻译为英文后发给两个后端
  • Signature Style prompt 已含完整视觉语言,Rendering modifier 作补充层
  • 两者同时命中时:Signature 优先(更具体),Rendering 作辅助修饰

输出交付

  • 保存目录:~/.openclaw/workspace/tmp/image-forge/
  • 文件名:YYYY-MM-DD-HH-MM-SS-<slug>.png
  • 回复:说明所选路径 + 后端 + 关键 prompt 要点,不读取二进制

渠道交付规则

渠道交付方式
飞书message tool + filePath(发送原生飞书图片消息)
Discord / 其他渠道MEDIA: /absolute/path (自动 inline)

飞书交付示例:

message action=send filePath=/abs/path/to/image.png

【注意】一次生成多张图时,分次发送每张图片。

典型示例

# [Path D] 默认 GPT Image 2
"画一只在宇宙中游泳的猫"
→ gpt-image-2,size=1536x1024

# [Path S] Signature 风格 + Gemini
"帮我画一张俄国构成主义风格的 AI 机器人海报"
→ constructivism.yaml → nano-banana-2,aspect=3:4

# [Path R2] Rendering 风格 → 自动按强项调度
"帮我画一张动漫风格的城市夜景"
→ anime-manga modifier → nano-banana-2
"帮我画一张赛博朋克风城市"
→ cyberpunk-sci-fi modifier → gpt-image-2

# [Path U] 用途路由 + 推荐风格
"帮我做一张 YouTube 视频封面,科技感"
→ youtube-thumbnail.json → 推荐 cinematic/photography → gpt-image-2

# [Path U + R2] 用途 + 风格同时命中
"帮我做一张水彩风格的社交配图,主题是咖啡和阅读"
→ social-media-post + watercolor → nano-banana-2,aspect=1:1

# [Path E] 参考图编辑
1张图 + "改成极简风格" → gpt-image-2 edit endpoint
2张图 + "合成一张"    → nano-banana-2 (-i ref1 -i ref2)

# [Path R] 风格反推
1张图 + "用这个风格给我画一只猫" → reverse_style.py → gpt-image-2

# 显式后端覆盖
"用 Gemini 画一张产品图" → nano-banana-2(覆盖用途默认)
"4K高清画一张产品海报"  → gpt-image-2,size=3840x2160

Comments

Loading comments...