ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

通义万相 2.5D 横幅插画

Generate/edit images with Nano Banana Pro (Gemini 3 Pro Image). Use for image create/modify requests incl. edits. Supports text-to-image + image-to-image; 1K...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 56 · 0 current installs · 0 all-time installs
by@icesumer-lgtm
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Name/description claim a single image-generation/editing helper for Gemini (Nano Banana Pro), but the bundle includes hundreds of unrelated files (agents, dashboards, backups, credentials). The SKILL.md expects an API key (GEMINI_API_KEY) yet registry metadata lists no required env vars. The usage examples reference an absolute path (~/.codex/skills/nano-banana-pro/scripts/generate_image.py) that does not match the manifest paths (files live in various scripts/ and clawhub skills/ locations). Requiring or shipping unrelated system config and many auxiliary tools is disproportionate to a small image-generation skill.
!
Instruction Scope
SKILL.md instructs running a local Python script with an API key and to run from the user's CWD. It explicitly checks GEMINI_API_KEY, but the registry declares none — a metadata/instruction mismatch. The pre-scan flags indicate prompt-injection patterns present in SKILL.md (ignore-previous-instructions, base64-block, unicode-control-chars), which is unexpected for a simple CLI usage document and could indicate an attempt to manipulate agents that read SKILL.md. The instructions otherwise limit scope to calling Gemini and saving PNGs, but the included repository contains code and files that the instructions do not mention (possible scope creep).
Install Mechanism
No install spec (instruction-only) which normally reduces install-time risk. However, the package contains many code files (scripts/generate_image.py plus hundreds of other files). Because there is no defined install, SKILL.md relies on running a script from a hard-coded absolute path under the user's home; that mismatch increases accidental-execution risk (user may run an unexpected local script). No remote download URLs were found in the provided SKILL.md, which is good, but the presence of a large workspace shipped with the skill is inconsistent with 'instruction-only' and should be clarified.
!
Credentials
SKILL.md expects an API key (GEMINI_API_KEY or --api-key) but the registry lists no required env vars or primary credential — metadata omission. Additionally, the file manifest includes explicit credential-like values (e.g., appSecret, apiKey) in backup files, which are unrelated to the stated image-generation purpose and increase the risk of accidental exposure or misuse. The skill should only ask for the single API key needed for Gemini; extra exposed keys in the bundle are disproportionate and suspicious.
Persistence & Privilege
always is false and there is no install spec requesting permanent presence or elevated privileges. The skill does not request to auto-enable itself or modify other skills. Autonomous invocation remains allowed (platform default) but is not combined with 'always: true' or other high-privilege indicators.
Scan Findings in Context
[ignore-previous-instructions] unexpected: Prompt-injection pattern found inside SKILL.md. Not expected in a CLI usage document — could attempt to influence agents that read this SKILL.md.
[base64-block] unexpected: Base64-like block detected in SKILL.md pre-scan signals. Image-generation usage docs normally do not include encoded/obfuscated blocks; this warrants manual review of SKILL.md and any referenced scripts for hidden payloads.
[unicode-control-chars] unexpected: Unicode control characters detected in SKILL.md pre-scan signals. Such characters can be used to hide or obfuscate instructions; not expected for a normal usage file.
What to consider before installing
Do not install or run this skill yet. Steps to safely proceed if you want this capability: 1) Ask the author for a minimal package: SKILL.md + the single generate_image.py script. The skill bundle should not include unrelated workspace files or backups. 2) Require that the skill metadata explicitly list GEMINI_API_KEY as a required env var (primary credential) and update the install/usage paths to match actual file locations. 3) Manually inspect the generate_image.py script before running: search for network endpoints, hard-coded secrets, base64/obfuscated blobs, file reads/writes beyond working directory, and any code that uploads files to unknown servers. 4) Remove any files exposing secrets (the manifest includes a backup file with many API keys/app secrets). Treat those as compromised and rotate those credentials if they are yours. 5) If you must test, run the script in a disposable/sandboxed environment (isolated VM or container) with a throwaway Gemini key and no access to other credentials or sensitive files. Monitor outbound network traffic during a first run. 6) If SKILL.md still contains prompt-injection artifacts (ignore-previous-instructions, base64 blocks, hidden unicode), do not use it; request a cleaned SKILL.md and a clear explanation of why those patterns are present. Summary: the skill's stated scope is plausible, but metadata mismatches, embedded unrelated files and exposed secrets, and prompt-injection signals make this package unsafe until cleaned and the single image-generation script is independently reviewed.
hooks/gateway-restart-protection/handler.js:57
Shell command execution detected (child_process).
scripts/autonomous-thinking.js:193
Shell command execution detected (child_process).
scripts/triple-line-sync.js:49
Shell command execution detected (child_process).
skills/send-html-to-feishu/scripts/run.js:41
Shell command execution detected (child_process).
skills/skill-vetting/scripts/scan.py:22
Dynamic code execution detected.
skills/send-html-to-feishu/scripts/send-to-feishu.js:11
Environment variable access combined with network send.
!
skills/send-html-to-feishu/scripts/send-to-feishu.js:31
File read combined with network send (possible exfiltration).
!
skills/skill-vetting/references/patterns.md:108
Prompt-injection style instruction pattern detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk9736f1dekyehbenc0pgcfgq7d8320ma

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Nano Banana Pro Image Generation & Editing

Generate new images or edit existing ones using Google's Nano Banana Pro API (Gemini 3 Pro Image).

Usage

Run the script using absolute path (do NOT cd to skill directory first):

Generate new image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "your image description" --filename "output-name.png" [--resolution 1K|2K|4K] [--api-key KEY]

Edit existing image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "editing instructions" --filename "output-name.png" --input-image "path/to/input.png" [--resolution 1K|2K|4K] [--api-key KEY]

Important: Always run from the user's current working directory so images are saved where the user is working, not in the skill directory.

Default Workflow (draft → iterate → final)

Goal: fast iteration without burning time on 4K until the prompt is correct.

  • Draft (1K): quick feedback loop
    • uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "<draft prompt>" --filename "yyyy-mm-dd-hh-mm-ss-draft.png" --resolution 1K
  • Iterate: adjust prompt in small diffs; keep filename new per run
    • If editing: keep the same --input-image for every iteration until you’re happy.
  • Final (4K): only when prompt is locked
    • uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "<final prompt>" --filename "yyyy-mm-dd-hh-mm-ss-final.png" --resolution 4K

Resolution Options

The Gemini 3 Pro Image API supports three resolutions (uppercase K required):

  • 1K (default) - ~1024px resolution
  • 2K - ~2048px resolution
  • 4K - ~4096px resolution

Map user requests to API parameters:

  • No mention of resolution → 1K
  • "low resolution", "1080", "1080p", "1K" → 1K
  • "2K", "2048", "normal", "medium resolution" → 2K
  • "high resolution", "high-res", "hi-res", "4K", "ultra" → 4K

API Key

The script checks for API key in this order:

  1. --api-key argument (use if user provided key in chat)
  2. GEMINI_API_KEY environment variable

If neither is available, the script exits with an error message.

Preflight + Common Failures (fast fixes)

  • Preflight:

    • command -v uv (must exist)
    • test -n \"$GEMINI_API_KEY\" (or pass --api-key)
    • If editing: test -f \"path/to/input.png\"

  • Common failures:

    • Error: No API key provided. → set GEMINI_API_KEY or pass --api-key
    • Error loading input image: → wrong path / unreadable file; verify --input-image points to a real image
    • “quota/permission/403” style API errors → wrong key, no access, or quota exceeded; try a different key/account

Filename Generation

Generate filenames with the pattern: yyyy-mm-dd-hh-mm-ss-name.png

Format: {timestamp}-{descriptive-name}.png

  • Timestamp: Current date/time in format yyyy-mm-dd-hh-mm-ss (24-hour format)
  • Name: Descriptive lowercase text with hyphens
  • Keep the descriptive part concise (1-5 words typically)
  • Use context from user's prompt or conversation
  • If unclear, use random identifier (e.g., x9k2, a7b3)

Examples:

  • Prompt "A serene Japanese garden" → 2025-11-23-14-23-05-japanese-garden.png
  • Prompt "sunset over mountains" → 2025-11-23-15-30-12-sunset-mountains.png
  • Prompt "create an image of a robot" → 2025-11-23-16-45-33-robot.png
  • Unclear context → 2025-11-23-17-12-48-x9k2.png

Image Editing

When the user wants to modify an existing image:

  1. Check if they provide an image path or reference an image in the current directory
  2. Use --input-image parameter with the path to the image
  3. The prompt should contain editing instructions (e.g., "make the sky more dramatic", "remove the person", "change to cartoon style")
  4. Common editing tasks: add/remove elements, change style, adjust colors, blur background, etc.

Prompt Handling

For generation: Pass user's image description as-is to --prompt. Only rework if clearly insufficient.

For editing: Pass editing instructions in --prompt (e.g., "add a rainbow in the sky", "make it look like a watercolor painting")

Preserve user's creative intent in both cases.

Prompt Templates (high hit-rate)

Use templates when the user is vague or when edits must be precise.

  • Generation template:

    • “Create an image of: <subject>. Style: <style>. Composition: <camera/shot>. Lighting: <lighting>. Background: <background>. Color palette: <palette>. Avoid: <list>.”

  • Editing template (preserve everything else):

    • “Change ONLY: <single change>. Keep identical: subject, composition/crop, pose, lighting, color palette, background, text, and overall style. Do not add new objects. If text exists, keep it unchanged.”

Output

  • Saves PNG to current directory (or specified path if filename includes directory)
  • Script outputs the full path to the generated image
  • Do not read the image back - just inform the user of the saved path

Examples

Generate new image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "A serene Japanese garden with cherry blossoms" --filename "2025-11-23-14-23-05-japanese-garden.png" --resolution 4K

Edit existing image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "make the sky more dramatic with storm clouds" --filename "2025-11-23-14-25-30-dramatic-sky.png" --input-image "original-photo.jpg" --resolution 2K

Files

615 total
Select a file
Select a file to preview.

Comments

Loading comments…