ClawHub

Geometry

v1.0.0

Generate AI images from text prompts. Pay per request with USDC on Solana via x402. No API keys, no accounts.

0· 574·1 current·1 all-time
byGeomerty@geometrydotsh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (AI image generation, pay-per-request via USDC on Solana/x402) align with the endpoints, pricing, and examples in SKILL.md. No extraneous credentials, binaries, or system paths are requested.
Instruction Scope
SKILL.md directs the agent to call api.geometry.sh and a payment facilitator (facilitator.payai.network) and includes JS/cURL examples. The examples show creating a signer from keypair bytes (private key material) and registering an x402 client; the instructions do not explicitly tell the agent to read arbitrary local files or environment variables, but they do assume the caller will provide keypair bytes or a wallet to sign payments.
Install Mechanism
This is an instruction-only skill with no install spec (low disk/system risk). The docs/examples reference npm packages (@x402/*, @solana/kit) but do not attempt to install them automatically; that's expected for developer examples but means an agent that tried to run the JS sample would need those packages available.
Credentials
No environment variables or secrets are declared or required by the skill. However, the payment flow requires signing with a Solana keypair (example uses keypairBytes). Users must not paste private keys into the agent; the skill itself does not request unrelated credentials.
Persistence & Privilege
always is false and the skill does not request persistent system-level presence or modify other skills/config. Autonomous invocation is allowed (default) but not excessive here given the skill's purpose.
Assessment
This skill appears to be what it says: a paid image-generation API that charges USDC on Solana via x402. Before installing or using it: verify the geometry.sh domain and the payTo address if you care about funds routing; do not paste or upload private key material into the agent—use a wallet or a signing flow that keeps keys local (or use a hardware wallet/approved signer). Expect network calls to api.geometry.sh and facilitator.payai.network and small per-image charges; confirm pricing and refund/abuse policies. If you plan to let the agent act autonomously, be comfortable with it initiating payment flows on your behalf (the skill itself doesn't store or request unrelated credentials). If you need higher assurance, ask the skill author for more details or prefer a documented wallet-based signer integration rather than handing keypair bytes to the agent.

Like a lobster shell, security has layers — review code before you run it.

latestvk975nn9hwzsvm3jz6b656y755d81h2g6

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments