ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Embedding Strategies

Generate/edit images with Nano Banana Pro (Gemini 3 Pro Image). Use for image create/modify requests incl. edits. Supports text-to-image + image-to-image; 1K...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 57 · 0 current installs · 0 all-time installs
by@icesumer-lgtm
MIT-0
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
!
Purpose & Capability
SKILL.md describes an image-generation/editing helper that uses an API key (GEMINI_API_KEY or --api-key). However the registry metadata declares no required env vars/credentials. The repository contains the expected generate_image.py, but it also bundles a large unrelated workspace (hundreds of files) including multiple service credentials and platform config files — far beyond what an image helper legitimately needs.
!
Instruction Scope
The runtime instructions are narrowly scoped to invoking the generate_image.py script and passing an API key or using GEMINI_API_KEY. However the package contains many other documents (AGENTS.md, MEMORY.md, config dumps) that instruct agents to read broad workspace context and files. That expands the effective scope if the skill or agent uses other files in the bundle. Also pre-scan flagged prompt-injection patterns in SKILL.md content, which could attempt to manipulate an agent's behavior.
Install Mechanism
There is no formal install spec (instruction-only), which minimizes automatic installation risk. But the artifact nonetheless includes 93 code files and a 615-file manifest (full workspace). That indicates a packaged workspace rather than a minimal skill; running the provided script will execute code from that package — inspect code before executing.
!
Credentials
SKILL.md explicitly relies on GEMINI_API_KEY (or --api-key) but the skill metadata lists no required env vars. More seriously, several files in the bundle (e.g., the 2026-3-10afu's js backup and other config files) contain many API keys, app secrets, tokens and gateway auth values unrelated to image generation. Packaging unrelated secrets with a skill is a high-risk mismatch.
Persistence & Privilege
The skill is not flagged as always:true and uses normal autonomous invocation defaults. That is expected. However the included workspace files contain agent policies (AGENTS.md) that encourage reading many local files (e.g., 'read MEMORY.md', 'read SOUL.md') which, combined with autonomous invocation, increases potential blast radius if the agent follows those broader instructions. No explicit attempt to modify other skills or system-wide settings was observed in the provided SKILL.md.
Scan Findings in Context
[ignore-previous-instructions] unexpected: Prompt-injection pattern detected in SKILL.md pre-scan. An image generation helper should not need to include instructions that attempt to override or ignore prior model instructions; flag for manual review.
[base64-block] unexpected: Base64-block pattern detected by pre-scan. The manifest contains many files; any embedded/obfuscated blobs should be inspected for hidden payloads or secrets before executing code.
[unicode-control-chars] unexpected: Unicode control character patterns detected in SKILL.md pre-scan. These can be used to obfuscate instructions or hide payloads; check files for invisible characters or malicious obfuscation.
What to consider before installing
Plain-language checklist before installing or running this skill: - Do not run the skill's script blindly. Inspect scripts/generate_image.py for outgoing network calls, hardcoded endpoints, or embedded credentials before executing. - The SKILL.md expects GEMINI_API_KEY (or --api-key) but the skill metadata lists no required env vars — this is inconsistent. Provide a dedicated, minimal API key (preferably short-lived) if you proceed. - The package includes many unrelated files and several config dumps that embed API keys, app secrets, and tokens (e.g., feishu app secrets, gateway tokens). Treat this as sensitive: do not share or allow the skill to access those files. Remove or sanitize unrelated files before use. - The repository appears to be a full workspace snapshot rather than a standalone skill. Ask the author for a minimal package that contains only the image script and documentation, or extract only the generate_image.py and its minimal dependencies. - Because pre-scan found prompt-injection and obfuscation patterns, search the package for base64 blobs, unicode control characters, or instructions that try to override agent policies. If found, do not enable autonomous execution until resolved. - If you must test, run in an isolated environment (sandbox / container / VM) with no access to your real credentials or sensitive local files, and monitor network traffic. If you want, I can: - Inspect the generate_image.py source for network endpoints and suspicious code (if you provide its contents), - Scan the repo for hardcoded secrets and list the files that contain them, - Produce a minimal safe package (extract necessary files) or a checklist to sanitize this skill before installation.
hooks/gateway-restart-protection/handler.js:57
Shell command execution detected (child_process).
scripts/autonomous-thinking.js:193
Shell command execution detected (child_process).
scripts/triple-line-sync.js:49
Shell command execution detected (child_process).
skills/send-html-to-feishu/scripts/run.js:41
Shell command execution detected (child_process).
skills/skill-vetting/scripts/scan.py:22
Dynamic code execution detected.
skills/send-html-to-feishu/scripts/send-to-feishu.js:11
Environment variable access combined with network send.
!
skills/send-html-to-feishu/scripts/send-to-feishu.js:31
File read combined with network send (possible exfiltration).
!
skills/skill-vetting/references/patterns.md:108
Prompt-injection style instruction pattern detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk976hjv9h94ppf51w7s5z0vbbx8337sp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Nano Banana Pro Image Generation & Editing

Generate new images or edit existing ones using Google's Nano Banana Pro API (Gemini 3 Pro Image).

Usage

Run the script using absolute path (do NOT cd to skill directory first):

Generate new image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "your image description" --filename "output-name.png" [--resolution 1K|2K|4K] [--api-key KEY]

Edit existing image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "editing instructions" --filename "output-name.png" --input-image "path/to/input.png" [--resolution 1K|2K|4K] [--api-key KEY]

Important: Always run from the user's current working directory so images are saved where the user is working, not in the skill directory.

Default Workflow (draft → iterate → final)

Goal: fast iteration without burning time on 4K until the prompt is correct.

  • Draft (1K): quick feedback loop
    • uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "<draft prompt>" --filename "yyyy-mm-dd-hh-mm-ss-draft.png" --resolution 1K
  • Iterate: adjust prompt in small diffs; keep filename new per run
    • If editing: keep the same --input-image for every iteration until you’re happy.
  • Final (4K): only when prompt is locked
    • uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "<final prompt>" --filename "yyyy-mm-dd-hh-mm-ss-final.png" --resolution 4K

Resolution Options

The Gemini 3 Pro Image API supports three resolutions (uppercase K required):

  • 1K (default) - ~1024px resolution
  • 2K - ~2048px resolution
  • 4K - ~4096px resolution

Map user requests to API parameters:

  • No mention of resolution → 1K
  • "low resolution", "1080", "1080p", "1K" → 1K
  • "2K", "2048", "normal", "medium resolution" → 2K
  • "high resolution", "high-res", "hi-res", "4K", "ultra" → 4K

API Key

The script checks for API key in this order:

  1. --api-key argument (use if user provided key in chat)
  2. GEMINI_API_KEY environment variable

If neither is available, the script exits with an error message.

Preflight + Common Failures (fast fixes)

  • Preflight:

    • command -v uv (must exist)
    • test -n \"$GEMINI_API_KEY\" (or pass --api-key)
    • If editing: test -f \"path/to/input.png\"

  • Common failures:

    • Error: No API key provided. → set GEMINI_API_KEY or pass --api-key
    • Error loading input image: → wrong path / unreadable file; verify --input-image points to a real image
    • “quota/permission/403” style API errors → wrong key, no access, or quota exceeded; try a different key/account

Filename Generation

Generate filenames with the pattern: yyyy-mm-dd-hh-mm-ss-name.png

Format: {timestamp}-{descriptive-name}.png

  • Timestamp: Current date/time in format yyyy-mm-dd-hh-mm-ss (24-hour format)
  • Name: Descriptive lowercase text with hyphens
  • Keep the descriptive part concise (1-5 words typically)
  • Use context from user's prompt or conversation
  • If unclear, use random identifier (e.g., x9k2, a7b3)

Examples:

  • Prompt "A serene Japanese garden" → 2025-11-23-14-23-05-japanese-garden.png
  • Prompt "sunset over mountains" → 2025-11-23-15-30-12-sunset-mountains.png
  • Prompt "create an image of a robot" → 2025-11-23-16-45-33-robot.png
  • Unclear context → 2025-11-23-17-12-48-x9k2.png

Image Editing

When the user wants to modify an existing image:

  1. Check if they provide an image path or reference an image in the current directory
  2. Use --input-image parameter with the path to the image
  3. The prompt should contain editing instructions (e.g., "make the sky more dramatic", "remove the person", "change to cartoon style")
  4. Common editing tasks: add/remove elements, change style, adjust colors, blur background, etc.

Prompt Handling

For generation: Pass user's image description as-is to --prompt. Only rework if clearly insufficient.

For editing: Pass editing instructions in --prompt (e.g., "add a rainbow in the sky", "make it look like a watercolor painting")

Preserve user's creative intent in both cases.

Prompt Templates (high hit-rate)

Use templates when the user is vague or when edits must be precise.

  • Generation template:

    • “Create an image of: <subject>. Style: <style>. Composition: <camera/shot>. Lighting: <lighting>. Background: <background>. Color palette: <palette>. Avoid: <list>.”

  • Editing template (preserve everything else):

    • “Change ONLY: <single change>. Keep identical: subject, composition/crop, pose, lighting, color palette, background, text, and overall style. Do not add new objects. If text exists, keep it unchanged.”

Output

  • Saves PNG to current directory (or specified path if filename includes directory)
  • Script outputs the full path to the generated image
  • Do not read the image back - just inform the user of the saved path

Examples

Generate new image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "A serene Japanese garden with cherry blossoms" --filename "2025-11-23-14-23-05-japanese-garden.png" --resolution 4K

Edit existing image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "make the sky more dramatic with storm clouds" --filename "2025-11-23-14-25-30-dramatic-sky.png" --input-image "original-photo.jpg" --resolution 2K

Files

615 total
Select a file
Select a file to preview.

Comments

Loading comments…