Gemini TG Image Gen

Audited by ClawScan on May 10, 2026.

Overview

The skill mostly matches its image-to-Telegram purpose, but it should be reviewed because it can fetch unvalidated model-returned URLs and its Telegram send pattern may upload stale local images.

Review before installing. If you use it, provide a scoped OpenRouter key, verify the Telegram target, avoid sensitive prompts, and consider modifying the workflow to validate downloaded image URLs, send only the exact returned file paths, and clean up temporary files.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Telegram could receive stale or unintended images from previous runs if they match the wildcard.

Why it was flagged

The send step uses a wildcard in a shared temp directory rather than the exact current-run path printed by the script.

Skill content
message action=send channel=telegram media="/root/.openclaw/workspace/tmp/openrouter_image_*.png" caption="Generated: <prompt>"

Recommendation

Send only the exact path or paths returned by the script for the current request, preferably from a per-run directory, and delete generated files after sending.

What this means

A crafted or unexpected model response could make the agent fetch arbitrary URLs reachable from its environment (including internal or private-network addresses) and then place the downloaded content into the Telegram workflow.

Why it was flagged

The script accepts HTTP(S) URLs from the model/provider response and downloads them without an allowlist, private-network blocking, content-type checks, or size limits.

Skill content
if token.startswith("http://") or token.startswith("https://"):
    urls.append(token)
...
r = requests.get(url, timeout=60)

Recommendation

Only accept expected image outputs, validate MIME type and size, reject localhost/private-network destinations, and prefer provider-supplied data:image URLs or allowlisted image hosts.

What this means

Using the skill may consume OpenRouter credits or quota, and prompts are sent under the configured account.

Why it was flagged

The skill needs an OpenRouter credential to call the image model; this is purpose-aligned but gives the skill access to the user's OpenRouter account/quota.

Skill content
Read API key from env: `OPENROUTER_API_KEY`.

Recommendation

Use a revocable, least-privilege OpenRouter key where possible, monitor usage, and declare the required environment variable in metadata.

What this means

Prompts, captions, and generated images may be visible to the provider and Telegram recipients.

Why it was flagged

The workflow intentionally sends prompt-derived content to OpenRouter and then sends the generated image, with the prompt as caption, to Telegram.

Skill content
Use OpenRouter model `google/gemini-2.5-flash-image`.
...
Send the image to Telegram using the `message` tool

Recommendation

Avoid sensitive prompts or private data, and verify the Telegram destination before using the skill.