Agent Selfie
PassAudited by ClawScan on May 10, 2026.
Overview
Agent Selfie coherently generates Gemini-based avatar images, with disclosed API-key use and optional scheduling/profile-update guidance that users should treat as opt-in.
Install only if you are comfortable sending avatar prompts and personality descriptions to Gemini. Use a dedicated Gemini API key, review any cron setup before enabling it, and require confirmation before the agent changes public profile pictures or writes persistent memory.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Generating images may use your Gemini account quota or incur provider-side usage according to your Google account settings.
The skill requires a Gemini API key. This is disclosed and purpose-aligned, but it gives the script access to the user's Gemini account quota/billing context.
requires:\n bins:\n - python3\n env:\n - GEMINI_API_KEY\n primaryEnv: GEMINI_API_KEY
Use a dedicated API key where possible, monitor Gemini usage, and revoke the key if you stop using the skill.
If combined with other account-management skills, an agent could change a public profile image unless you require confirmation.
The heartbeat guidance extends from generating images to changing public-facing avatars on other platforms. This is related to the skill's purpose, but the artifacts do not implement those updates or require those credentials.
- Update Discord/Twitter/AgentGram avatar if quality is strong.
Treat avatar updates as manual or approval-gated actions, especially for public or business accounts.
Saved avatar preferences or paths may be reused in later tasks and could become stale or inappropriate if not reviewed.
The guide recommends storing generated asset paths and tags in memory. This is purpose-aligned, but it creates persistent context that could influence later identity/profile decisions.
- Log the new asset path in memory for future references.\n...\n- Save favorites to memory with mood and theme tags.
Keep memory entries limited to non-sensitive asset paths/tags and periodically remove entries you no longer want the agent to use.
A cron setup could generate files and use Gemini quota every day until removed.
The documentation includes a cron example for recurring generation. It is clearly presented as user setup, but it would create ongoing background activity if installed.
# Run a daily selfie at 09:00\n0 9 * * * GEMINI_API_KEY=your_key_here /usr/bin/python3 /path/to/agent-selfie/scripts/selfie.py --mood professional --format avatar --out-dir /path/to/selfies
Only add the cron job if you want recurring generation, keep the count low, and document how to disable it.