Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gemini Nano Images

v1.0.0

Generate ultra-realistic images and Instagram content using Gemini 2.0 Flash Experimental. Use when creating photorealistic images, social media content, or...

by NEO @vitja1988
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The code and SKILL.md implement image and Instagram-post generation using Gemini, which matches the skill name and description. However the registry metadata declares no required environment variables or primary credential while the runtime instructions and scripts clearly require GEMINI_API_KEY—this metadata mismatch is unexplained.
!
Instruction Scope
Most runtime instructions are scoped to image and caption generation and saving files. However the SKILL.md includes a 'Stock-Only Mode' section that instructs the user/agent to cd into ~/.openclaw/workspace/skills/ig-automation and run smart_poster_v4.py to change posting modes—this references and modifies another skill's files and runtime behavior outside this skill's domain, which is scope creep and a potential risk if executed by an agent.
Install Mechanism
There is no formal install spec (instruction-only plus included scripts). The SKILL.md recommends pip install google-genai which is a reasonable dependency for Gemini access. Lack of an install manifest means the package won't be centrally vetted/installed by the platform—verify the pip package source and audit the scripts before running.
!
Credentials
The skill requires a Gemini API key (GEMINI_API_KEY) according to SKILL.md and both scripts, which is proportionate for an image-generation skill. The problem is the registry metadata claims no required env vars or primary credential—this inconsistency could hide required secrets or lead to unexpected behavior. No other credentials are requested.
!
Persistence & Privilege
The skill is not marked always:true and is user-invocable, which is appropriate. However the instructions for interacting with ~/.openclaw/workspace/skills/ig-automation and running smart_poster_v4.py to change posting modes imply the skill may direct or advise modifying other skills' configuration or behavior—this cross-skill modification is a privilege escalation risk if an agent performs it automatically.
What to consider before installing
This skill's code and docs implement Gemini-based image + caption generation and require a GEMINI_API_KEY and the google-genai package—verify those before use.

Red flags: the registry metadata lists no required env var but the scripts need GEMINI_API_KEY; model names differ between docs and code (gemini-2.0-flash-exp vs gemini-2.5-flash-image); and the SKILL.md tells you to cd into and run scripts from another skill (ig-automation) to set 'stock_only' mode, which would modify other skill behavior.

Actions to take before installing:

  1. Confirm the GEMINI_API_KEY source and only provide it to trusted skills.
  2. Inspect/run the included Python scripts in a sandbox to verify they do only the expected API calls and file writes.
  3. Do not run the Stock-Only Mode commands (or run them only after reviewing the external ig-automation code) unless you trust that other skill.
  4. Ask the publisher to fix the metadata (declare GEMINI_API_KEY) and to clarify the model names and cross-skill instructions.

If you cannot validate these points, treat the skill as untrusted and avoid installing or granting it automated execution rights.
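
Two of the mismatches the scan calls out (an environment variable the metadata does not declare, and instructions that reach into another skill's directory) can be checked mechanically before installing. The following Python check is an added example, not part of the skill or of ClawHub's scanner; the declared-variable list, the skill directory name and the sample script text are constructed assumptions.

```python
import ast
import re

# Constructed sample inputs (assumptions, not the skill's real files).
DECLARED_ENV = []                   # registry metadata declares no env vars
OWN_SKILL = "gemini-nano-images"    # hypothetical directory name
SCRIPT_SRC = '''
import os
key = os.environ.get("GEMINI_API_KEY") or os.getenv("GEMINI_API_KEY")
'''
SKILL_MD = '''
export GEMINI_API_KEY="your-api-key-here"
cd ~/.openclaw/workspace/skills/ig-automation
python3 smart_poster_v4.py --set-mode stock_only --stock-days 14
'''

def env_vars_in_python(source):
    """Names read via os.environ.get(), os.getenv() or os.environ[...]."""
    found = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call) and node.args:
            if ast.unparse(node.func) not in ("os.environ.get", "os.getenv"):
                continue
            arg = node.args[0]
        elif (isinstance(node, ast.Subscript)
              and ast.unparse(node.value) == "os.environ"):
            arg = node.slice        # Python 3.9+: the key expression itself
        else:
            continue
        if isinstance(arg, ast.Constant) and isinstance(arg.value, str):
            found.add(arg.value)
    return found

def env_vars_in_docs(text):
    """Names set with `export NAME=` in the skill's instructions."""
    return set(re.findall(r"^\s*export\s+([A-Z_][A-Z0-9_]*)=", text, re.M))

def foreign_skill_refs(text, own_skill):
    """Other skills' directories referenced under the shared skills folder."""
    names = re.findall(r"\.openclaw/workspace/skills/([\w.-]+)", text)
    return sorted({n for n in names if n != own_skill})

def audit(declared, script_src, skill_md, own_skill):
    used = env_vars_in_python(script_src) | env_vars_in_docs(skill_md)
    return {"undeclared_env": sorted(used - set(declared)),
            "foreign_skills": foreign_skill_refs(skill_md + script_src, own_skill)}

if __name__ == "__main__":
    print(audit(DECLARED_ENV, SCRIPT_SRC, SKILL_MD, OWN_SKILL))
```

An empty result for both keys means the declared metadata covers what the files actually read and no instruction points outside the skill's own directory.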

Like a lobster shell, security has layers — review code before you run it.

MIT-0

Gemini Nano Images

Generate ultra-realistic, photorealistic images using Google's Gemini 2.0 Flash Experimental model with native image generation capabilities.

Quick Start

1. Set API Key

export GEMINI_API_KEY="your-api-key-here"

Get your API key at: https://aistudio.google.com/app/apikey

2. Generate Single Image

python3 scripts/generate_image.py "A cozy family breakfast scene with warm morning light"

3. Generate Full Instagram Post

python3 scripts/generate_instagram_post.py "Morning routine with kids" --mood cozy

Scripts

generate_image.py

Creates ultra-realistic images from text prompts.

Usage:

python3 scripts/generate_image.py "PROMPT" [options]

Options:

  • -o, --output DIR - Output directory (default: current)
  • -k, --api-key KEY - Gemini API key
  • --style {realistic,artistic,minimal} - Style preset

Example:

python3 scripts/generate_image.py "Father reading bedtime story to child" -o ~/images

generate_instagram_post.py

Creates complete Instagram posts: image + caption.

Usage:

python3 scripts/generate_instagram_post.py "TOPIC" [options]

Options:

  • -m, --mood MOOD - Post mood: inspiring, cozy, energetic, calm, family, productive
  • -o, --output DIR - Output directory (default: ~/.openclaw/workspace/assets)
  • -k, --api-key KEY - Gemini API key

Example:

python3 scripts/generate_instagram_post.py "Organized family calendar" --mood productive

Mood Presets

Mood | Description
inspiring | Uplifting, motivational, golden hour
cozy | Warm, comfortable, soft lighting
energetic | Vibrant, dynamic, bright colors
calm | Peaceful, serene, soft pastels
family | Loving family moments, candid
productive | Organized, clean, modern aesthetic

Output

  • Images: Saved as PNG with timestamp prefix
  • Captions: Saved as .txt file alongside image
  • Location: Default is ~/.openclaw/workspace/assets

Integration with Instagram Workflow

Generated content can be directly used with the Social Media Suite:

  1. Generate content:

    python3 scripts/generate_instagram_post.py "Weekend family adventure"
    
  2. Results saved to assets folder, ready for posting

  3. Use with instagram-poster or instagrapi workflow

Stock-Only Mode (Community Building Phase)

Post only stock photos for 1-2 weeks (no AI generation):

# Enable Stock-Only Mode for 14 days
cd ~/.openclaw/workspace/skills/ig-automation
python3 smart_poster_v4.py --set-mode stock_only --stock-days 14

# Put stock photos into the folder
mkdir -p assets/stock
cp ~/deine-stockfotos/*.jpg assets/stock/

# Now only stock photos are posted (random selection, no duplicates)
python3 smart_poster_v4.py

# After 14 days, automatic switch to "auto" (AI + stock)

Modes:

  • auto - Prefers AI, falls back to stock
  • stock_only - Only stock photos from assets/stock/
  • ai_only - Only AI-generated images

Important: no watermark (logo) on stock photos - it looks more authentic!

Requirements

pip install google-genai

Model Details

  • Model: Gemini 2.0 Flash Experimental
  • Capability: Native image generation
  • Resolution: Up to 1024x1024
  • Style: Photorealistic by default

See references/gemini_api.md for API details.
