Gemini Image Gen

Review

Audited by ClawScan on May 10, 2026.

Overview

The image-generation code mostly matches its purpose, but the heartbeat guide encourages recurring autonomous generation, social/profile updates, and memory storage without clear user approval.

Use this skill for Gemini image generation only if you are comfortable providing a Gemini API key and sending selected prompts/images to Google. Do not enable heartbeat-style recurring use, social posting, avatar updates, or memory saving unless you explicitly want those behaviors and have set approval, budget, and review controls.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could periodically generate images unless the user has explicitly opted into that recurring behavior.

Why it was flagged

This tells an agent to run image generation on a recurring heartbeat, which can keep consuming API quota or costs beyond a single user request.

Skill content

Guide for periodic creative image generation... Generate 1-2 images per heartbeat

Recommendation

Make heartbeat use opt-in only, require a clear schedule and budget/count limit, and pause recurring runs unless the user authorizes them.

What this means

If combined with social or profile-management skills, the agent could publish images or change an avatar based on its own judgment.

Why it was flagged

Posting public content or changing a profile/avatar is a high-impact account action, but the instruction does not require explicit user approval or define target accounts.

Skill content

Post to social platforms if relevant
- Update profile avatar if the result is good

Recommendation

Require explicit user confirmation before any public post or profile/avatar update, and clearly identify the target account and content.

What this means

Generated images, prompts, or related context could persist and influence future agent behavior without the user noticing.

Why it was flagged

The skill instructs persistent memory writes without stating what is stored, how long it is retained, whether it is shared across tasks, or how the user can review/remove it.

Skill content

Save to memory for future reference... Save good results to memory

Recommendation

Store results in memory only with user opt-in, label the source clearly, and provide a way to review and delete saved entries.

What this means

The skill can use your Gemini API access when generating or editing images.

Why it was flagged

The Gemini API key requirement is expected for a Google Gemini image-generation integration, but it gives the skill delegated API access and may affect usage quota or billing.

Skill content

requires:
  bins:
    - python3
  env:
    - GEMINI_API_KEY
primaryEnv: GEMINI_API_KEY

Recommendation

Use a dedicated/restricted Gemini API key where possible and monitor usage or billing limits.

What this means

Images or prompts you provide for editing are uploaded to Google for processing.

Why it was flagged

For edit mode, the selected image and prompt are sent to Google’s Gemini API. This is purpose-aligned and disclosed, but it is still an external provider data flow.

Skill content

API_BASE = "https://generativelanguage.googleapis.com/v1beta" ... {"inline_data": {"mime_type": mime_type, "data": img_data}}, {"text": prompt}

Recommendation

Avoid using sensitive or private images unless you are comfortable sending them to the Gemini API under Google’s terms.