article-images-gen
文案插图专家,为文章生成手绘风格插图。风格:手绘、简约、整洁、留白、构图平衡、色调统一。Use when user asks to generate illustrations for articles, "为文章配图", "生成插图", or needs hand-drawn style images for...
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 22 · 0 current installs · 0 all-time installs
byAlex Redisread@redisread
MIT-0
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill's name, SKILL.md, and code all align: they analyze an article, produce prompts, call an image-generation API (DashScope / Qwen-Image), save images, and update the article. Using a single provider (DashScope) is coherent with the described capability.
Instruction Scope
Runtime instructions and the included code read and write local project files (article markdown, output image dirs), create backups, generate prompt files, and attempt to read a user config at ~/.baoyu-skills/article-images-gen/EXTEND.md. SKILL.md and registry metadata do not declare these file-access behaviors explicitly. The code also expects interactive confirmation steps (AskUserQuestion) and will modify the article in-place (creating a timestamped backup). These file I/O and modification behaviors are within the declared purpose but should be clearly documented in the metadata.
Install Mechanism
There is no install spec (instruction-only), but the package includes executable scripts with shebangs referencing 'bun' (#!/usr/bin/env bun). The registry metadata declares no required binaries; however the scripts require a JS runtime (bun) to execute. The package performs no external downloads at install time (good), but the undeclared runtime dependency (bun) is an inconsistency that could cause surprise at execution.
Credentials
The code requires an API key (process.env.DASHSCOPE_API_KEY) and allows overriding the base URL via DASHSCOPE_BASE_URL. The registry metadata declared 'Required env vars: none'—this is incorrect. Requesting a DashScope API key is proportionate to the stated purpose, but the omission from metadata is a notable incoherence. No other unrelated credentials are requested.
Persistence & Privilege
The skill does not demand always:true and cannot force-install itself. It reads a user-level config file (~/.baoyu-skills/...) if present and writes files into the article directory (and backups). Those behaviors are reasonable for its purpose but constitute write access to user files and should be highlighted to users before install/use.
What to consider before installing
What to know before installing/using this skill:
- The code will call an external image-generation service (DashScope / Qwen-Image) and requires an API key via the DASHSCOPE_API_KEY environment variable. The registry metadata incorrectly lists no required env vars — do not run it without providing the proper API key and understanding the provider.
- The scripts are intended to run under 'bun' (#!/usr/bin/env bun). The package metadata does not declare this runtime dependency. Ensure you have a compatible runtime (or inspect/adjust the scripts) before running.
- The tool reads and writes files: it will read the article markdown, create prompt files and images, insert image references into your article, and create a backup copy (article.md.bak-<timestamp>). It will also look for a config at ~/.baoyu-skills/article-images-gen/EXTEND.md. If you care about file safety, run it on copies or inspect behavior in a sandbox first.
- Network calls go to the DashScope endpoint by default (https://dashscope.aliyuncs.com) and the code allows changing the base URL via DASHSCOPE_BASE_URL. Verify the endpoint and your API key before using; do not supply unrelated secrets.
- These inconsistencies (undeclared DASHSCOPE_API_KEY requirement, undeclared bun runtime, and home-config access) make the package metadata misleading. If the author updates metadata to declare the API key and runtime, and documents file access clearly, the package would look coherent and expected for its purpose.
- If you want to proceed: inspect the code yourself (or run in an isolated environment), set up and restrict the API key you provide, and back up your articles before letting the skill modify them.scripts/image-generator.ts:31
Environment variable access combined with network send.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.1
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Article Images Generator (文案插图专家)
专业的文章配图生成工具,专注于生成高质量的手绘风格插图。
核心特点
- 风格定位: 手绘风格 (hand-drawn style)
- 视觉特点: 简约、整洁、留白、构图平衡、色调统一
- 单一提供商: 阿里百炼 DashScope Qwen-Image
- 智能分析: 自动分析文案内容,生成适配的插图
- API 重试机制: 遇到速率限制自动重试,最多 3 次,指数退避
- 中文文件名支持: 自动将中文标题转换为拼音 slug
快速开始
# 基础用法
/article-images-gen path/to/article.md
# 指定密度
/article-images-gen path/to/article.md --density balanced
# 直接内容输入
/article-images-gen
[粘贴内容]
工作流程
Step 1: 分析文案
分析文案内容,识别:
- 核心论点和概念
- 适合插图的位置
- 推荐的插图密度
Step 2: 确认设置
使用 AskUserQuestion 确认:
- 密度: minimal (1-2 张), balanced (3-4 张), per-section (推荐), rich (5+ 张)
Step 3: 生成大纲
保存 outline.md:
---
style: hand-drawn
density: balanced
image_count: 4
---
## Illustration 1
**Position**: [章节/段落]
**Purpose**: [为什么需要插图]
**Visual Content**: [要展示的内容]
**Filename**: 01-hand-drawn-concept-name.png
Step 4: 生成提示词
为每个插图创建提示词文件 prompts/NN-hand-drawn-{slug}.md:
---
illustration_id: 01
style: hand-drawn
---
# 手绘风格插图
## 主题
[具体内容描述]
## 画面构成
- **前景**: [主要元素]
- **背景**: [背景元素]
## 风格要求
- 手绘风格
- 简约
- 整洁、留白
- 构图平衡
- 色调统一
- 不要文字
## 技术规格
- 比例:16:9
Step 5: 生成图片
调用阿里百炼 API 生成图片,保存到指定目录。
Step 6: 更新文章
在文章对应位置插入图片引用:
输出目录
| 配置 | 路径 |
|---|---|
| 默认 | {article-dir}/imgs/ |
| 同目录 | {article-dir}/ |
| illustrations 子目录 | {article-dir}/illustrations/ |
配置 (EXTEND.md)
---
version: 1
default_output_dir: imgs-subdir
language: zh
watermark:
enabled: false
content: ""
position: bottom-right
---
使用场景
- 技术文章配图
- 教程步骤说明
- 知识卡片
- 信息图表
- 营销文案插图
限制
- 仅支持手绘风格
- 仅使用阿里百炼 Qwen-Image
- 不支持参考图片
Files
5 totalSelect a file
Select a file to preview.
Comments
Loading comments…