Gemini Image Simple
PassAudited by ClawScan on May 1, 2026.
Overview
The skill’s code matches its stated purpose: it uses a Gemini API key to generate or edit images and saves the result locally.
Before installing, make sure you are comfortable sending image prompts and any selected input images to Google’s Gemini API, and use a safe output path for generated files.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using this skill can consume quota or incur usage under the Gemini API key supplied by the user.
The script uses a Gemini API key from the environment to call Google’s image generation endpoint. This credential use is disclosed and directly aligned with the skill’s purpose.
key = os.environ.get("GEMINI_API_KEY") ... url = f"https://generativelanguage.googleapis.com/v1beta/models/nano-banana-pro-preview:generateContent?key={api_key}"Use a Gemini API key intended for this purpose, monitor usage, and avoid sharing the key in logs or prompts.
If directed to an existing or sensitive path, the script could overwrite a file with image output.
The script writes the generated image to a caller-provided local path and may create missing parent directories. This is expected for an image generator but is still local file mutation.
parser.add_argument("output", help="Output file path (e.g., output.png)") ... output_dir.mkdir(parents=True, exist_ok=True) ... with open(output_path, "wb") as f:Provide an output path in a safe project or downloads directory and avoid pointing it at important existing files.