ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Qwen Comic Gen

Generate/edit images with Nano Banana Pro (Gemini 3 Pro Image). Use for image create/modify requests incl. edits. Supports text-to-image + image-to-image; 1K...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 61 · 0 current installs · 0 all-time installs
by@icesumer-lgtm
duplicate of @icesumer-lgtm/embedding-strategies
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
The skill is named/marketed as 'Qwen Comic Gen' / Nano Banana Pro (Gemini 3 Pro Image) but the SKILL.md uses a different internal name (nano-banana-pro) and expects a script at ~/.codex/skills/nano-banana-pro/scripts/generate_image.py. The repository contains many unrelated projects/files (615 files) and many scripts under different paths (e.g., scripts/generate_image.py, clawhub skills/scripts/generate_image.py). A simple image-generation helper would not legitimately include large unrelated workspace files, agent configs, or plaintext secrets found here. The mismatch of names (Qwen vs Nano Banana Pro/Gemini) is also inconsistent.
!
Instruction Scope
The runtime instructions tell the agent/user to execute a local Python script via 'uv run' at a hard-coded absolute path. That will execute arbitrary code from disk; because the bundle contains many scripts, it's unclear which file will be run in a given installation. The SKILL.md requires/reads an API key either from --api-key or GEMINI_API_KEY—which is reasonable for a generator—but the package also contains many other configuration files and credentials unrelated to image generation. The SKILL.md does not explicitly instruct reading other workspace files, but the presence of many scripts and the absolute path instruction increases the risk the script will access other local files (including the plaintext secrets present).
!
Install Mechanism
There is no formal install spec (instruction-only), which normally lowers risk; however the published bundle includes 93 code files and 615 total files from an entire workspace. Packaging a whole workspace without a clear install step or trusted release source is disproportionate to the claimed purpose. It increases the chance that opportunistic or unrelated files (or accidental secret dumps) are present and will be used by the runtime script.
!
Credentials
SKILL.md declares only GEMINI_API_KEY (via env or CLI) which is appropriate. But the package contains multiple configuration files (e.g., 2026-3-10afu的js备份.txt, openclaw configs) with numerous plaintext API keys, app secrets, tokens and other credentials unrelated to Gemini image generation. Those embedded credentials are not justified by the skill description and present a sensitive data exposure risk if the skill or its scripts read or transmit workspace files.
Persistence & Privilege
always:false and no declared persistence. The skill instructs running a script from an absolute path under ~/.codex which implies expectation of a skill-installed location in the user's home. That pattern is not inherently privileged, but because the bundle contains extensive workspace files and secrets, granting the skill runtime execution permission increases blast radius. Autonomous invocation is enabled by default (normal), but combined with the other red flags the ability to run local scripts autonomously is notable.
Scan Findings in Context
[ignore-previous-instructions] unexpected: Prompt-injection pattern detected in SKILL.md area. An image-generation helper should not include injection patterns; this could indicate the skill content or other included SKILL.md files have embedded instructions intended to manipulate evaluation or runtime behavior.
[base64-block] unexpected: A base64-block pattern was detected in the SKILL.md/pre-scan signals. Encoded blocks are not expected in a simple image-generation skill and may hide behavior or payloads — warrants inspection of files for embedded/encoded data.
[unicode-control-chars] unexpected: Unicode control characters were detected in SKILL.md content. These are unusual for a normal runtime instruction and can be used to obfuscate text or injection payloads.
What to consider before installing
What to consider before installing or running this skill: - Don’t run it as-is. The package contains a large unrelated workspace and plaintext credentials (API keys, app secrets, tokens) which are exposed in files included with the skill. An image-generation helper does not need these. - Verify the actual script to be executed. Open the generate_image.py file that will be run (and any helpers it imports) and search for network calls (requests/http client), file I/O beyond image read/write, and any code that reads other config files or home-directory paths. Confirm endpoints and that no unexpected remote endpoints are contacted. - Confirm script path and provenance. SKILL.md references ~/.codex/skills/nano-banana-pro/scripts/generate_image.py but repository paths differ (scripts/generate_image.py, clawhub skills/... ). Ask the publisher which file is authoritative and why the bundle contains unrelated workspace files. - Remove or secure embedded secrets. The bundle includes plaintext secrets (example: 2026-3-10afu的js备份.txt and various config files). These should be removed before installing or the package should be republished without any secret/config dumps. - Run in an isolated sandbox. If you need to test, run the script in a disposable VM/container with no access to your real home or credentials to limit blast radius. - Avoid pasting API keys in chat. Prefer using environment variables set only in a controlled runtime, and never pass sensitive keys in a public or untrusted UI. - Ask the author for a minimal, audited release. A trustworthy skill should contain only the files needed (single controlled script or small package), clear install instructions from a known release host (GitHub release, official registry), and no extraneous secrets or large unrelated workspaces. If you want, I can: - Inspect the specific generate_image.py files in this bundle (show me the file contents) and list every external endpoint and file path they touch. - Search the repo for 'GEMINI', 'apiKey', 'appSecret', 'token', 'http', 'requests', 'urllib' to highlight suspicious code paths.
hooks/gateway-restart-protection/handler.js:57
Shell command execution detected (child_process).
scripts/autonomous-thinking.js:193
Shell command execution detected (child_process).
scripts/triple-line-sync.js:49
Shell command execution detected (child_process).
skills/send-html-to-feishu/scripts/run.js:41
Shell command execution detected (child_process).
skills/skill-vetting/scripts/scan.py:22
Dynamic code execution detected.
skills/send-html-to-feishu/scripts/send-to-feishu.js:11
Environment variable access combined with network send.
!
skills/send-html-to-feishu/scripts/send-to-feishu.js:31
File read combined with network send (possible exfiltration).
!
skills/skill-vetting/references/patterns.md:108
Prompt-injection style instruction pattern detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97cknq4tnqwrm61vhz9fqygnn832pmn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Nano Banana Pro Image Generation & Editing

Generate new images or edit existing ones using Google's Nano Banana Pro API (Gemini 3 Pro Image).

Usage

Run the script using absolute path (do NOT cd to skill directory first):

Generate new image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "your image description" --filename "output-name.png" [--resolution 1K|2K|4K] [--api-key KEY]

Edit existing image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "editing instructions" --filename "output-name.png" --input-image "path/to/input.png" [--resolution 1K|2K|4K] [--api-key KEY]

Important: Always run from the user's current working directory so images are saved where the user is working, not in the skill directory.

Default Workflow (draft → iterate → final)

Goal: fast iteration without burning time on 4K until the prompt is correct.

  • Draft (1K): quick feedback loop
    • uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "<draft prompt>" --filename "yyyy-mm-dd-hh-mm-ss-draft.png" --resolution 1K
  • Iterate: adjust prompt in small diffs; keep filename new per run
    • If editing: keep the same --input-image for every iteration until you’re happy.
  • Final (4K): only when prompt is locked
    • uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "<final prompt>" --filename "yyyy-mm-dd-hh-mm-ss-final.png" --resolution 4K

Resolution Options

The Gemini 3 Pro Image API supports three resolutions (uppercase K required):

  • 1K (default) - ~1024px resolution
  • 2K - ~2048px resolution
  • 4K - ~4096px resolution

Map user requests to API parameters:

  • No mention of resolution → 1K
  • "low resolution", "1080", "1080p", "1K" → 1K
  • "2K", "2048", "normal", "medium resolution" → 2K
  • "high resolution", "high-res", "hi-res", "4K", "ultra" → 4K

API Key

The script checks for API key in this order:

  1. --api-key argument (use if user provided key in chat)
  2. GEMINI_API_KEY environment variable

If neither is available, the script exits with an error message.

Preflight + Common Failures (fast fixes)

  • Preflight:

    • command -v uv (must exist)
    • test -n \"$GEMINI_API_KEY\" (or pass --api-key)
    • If editing: test -f \"path/to/input.png\"

  • Common failures:

    • Error: No API key provided. → set GEMINI_API_KEY or pass --api-key
    • Error loading input image: → wrong path / unreadable file; verify --input-image points to a real image
    • “quota/permission/403” style API errors → wrong key, no access, or quota exceeded; try a different key/account

Filename Generation

Generate filenames with the pattern: yyyy-mm-dd-hh-mm-ss-name.png

Format: {timestamp}-{descriptive-name}.png

  • Timestamp: Current date/time in format yyyy-mm-dd-hh-mm-ss (24-hour format)
  • Name: Descriptive lowercase text with hyphens
  • Keep the descriptive part concise (1-5 words typically)
  • Use context from user's prompt or conversation
  • If unclear, use random identifier (e.g., x9k2, a7b3)

Examples:

  • Prompt "A serene Japanese garden" → 2025-11-23-14-23-05-japanese-garden.png
  • Prompt "sunset over mountains" → 2025-11-23-15-30-12-sunset-mountains.png
  • Prompt "create an image of a robot" → 2025-11-23-16-45-33-robot.png
  • Unclear context → 2025-11-23-17-12-48-x9k2.png

Image Editing

When the user wants to modify an existing image:

  1. Check if they provide an image path or reference an image in the current directory
  2. Use --input-image parameter with the path to the image
  3. The prompt should contain editing instructions (e.g., "make the sky more dramatic", "remove the person", "change to cartoon style")
  4. Common editing tasks: add/remove elements, change style, adjust colors, blur background, etc.

Prompt Handling

For generation: Pass user's image description as-is to --prompt. Only rework if clearly insufficient.

For editing: Pass editing instructions in --prompt (e.g., "add a rainbow in the sky", "make it look like a watercolor painting")

Preserve user's creative intent in both cases.

Prompt Templates (high hit-rate)

Use templates when the user is vague or when edits must be precise.

  • Generation template:

    • “Create an image of: <subject>. Style: <style>. Composition: <camera/shot>. Lighting: <lighting>. Background: <background>. Color palette: <palette>. Avoid: <list>.”

  • Editing template (preserve everything else):

    • “Change ONLY: <single change>. Keep identical: subject, composition/crop, pose, lighting, color palette, background, text, and overall style. Do not add new objects. If text exists, keep it unchanged.”

Output

  • Saves PNG to current directory (or specified path if filename includes directory)
  • Script outputs the full path to the generated image
  • Do not read the image back - just inform the user of the saved path

Examples

Generate new image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "A serene Japanese garden with cherry blossoms" --filename "2025-11-23-14-23-05-japanese-garden.png" --resolution 4K

Edit existing image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "make the sky more dramatic with storm clouds" --filename "2025-11-23-14-25-30-dramatic-sky.png" --input-image "original-photo.jpg" --resolution 2K

Files

615 total
Select a file
Select a file to preview.

Comments

Loading comments…