nano-banana、gpt-image

Pass

Audited by ClawScan on May 10, 2026.

Overview

This skill appears to be a straightforward VAPI image-generation tool that uses a VAPI API key, sends prompts or selected images to the configured API, and can optionally save outputs locally.

Install only if you are comfortable sending image prompts, and in edit mode selected images, to the configured VAPI API. Verify your VAPI_API_KEY and VAPI_BASE_URL, and use save options only when you want images written to local storage.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Image generation or editing requests are made under the user's VAPI account and may consume quota or incur charges.

Why it was flagged

The script sends the configured VAPI API key as a bearer token when calling the image API. This is expected for the stated service, but it gives the skill authenticated API access.

Skill content

headers={"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}

Recommendation

Use a VAPI key with the minimum needed privileges and verify that VAPI_BASE_URL is the intended provider endpoint.

What this means

If the agent uses edit mode, the chosen input image may be uploaded to VAPI for processing.

Why it was flagged

The script can enter edit mode and upload a user-specified local image path or downloaded image URL to VAPI's /images/edits endpoint. This is aligned with image editing, but users should be aware that selected images leave the local machine.

Skill content

ap.add_argument("--input", default="", help="Input image path or URL for editing (enables edit mode).")

Recommendation

Only provide --input for images you intend to share with VAPI, and have the agent ask before uploading local/private images.

What this means

Generated images may be stored on disk instead of only returned as URLs.

Why it was flagged

The skill can write generated image files locally when save-related options are used, and gpt-image models are always saved because the API returns base64 data. This is disclosed and purpose-aligned.

Skill content

`--save`: save to `~/.openclaw/media/`; `--oss`: save to `~/.openclaw/oss/`; gpt-image models always save to media/

Recommendation

Use the default URL-only mode when you do not want local files, and review any custom output directory before saving.