ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

腾讯云混元文生图像生成

v1.0.0

使用腾讯混元生图 3.0(HunyuanImage 3.0)生成图片。当用户需要调用混元/腾讯云生图、hunyuan 生图、huny-img 生图时,使用此 skill。调用 Python 脚本完成文生图(text-to-image)和图生图(image-to-image)任务,接口风格与 wanx-img sk...

0· 86·0 current·0 all-time
byJacky Shen@mebusw

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for mebusw/hunyuan-text-to-image.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "腾讯云混元文生图像生成" (mebusw/hunyuan-text-to-image) from ClawHub.
Skill page: https://clawhub.ai/mebusw/hunyuan-text-to-image
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install hunyuan-text-to-image

ClawHub CLI

Package manager switcher

npx clawhub@latest install hunyuan-text-to-image
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill name, SKILL.md, and the included Python script all consistently implement Tencent 混元生图 (HunyuanImage 3.0) text-to-image and image-to-image flows. However, the registry metadata declared no required environment variables while the SKILL.md and script both require TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY. That metadata omission is an inconsistency (likely sloppy packaging) but the credentials themselves are coherent with the skill's purpose.
Instruction Scope
SKILL.md runtime instructions stay within the stated scope: preparing a venv, installing python-dotenv, setting TENCENTCLOUD_* in a .env file, and invoking the provided script. The script builds TC3-HMAC-SHA256 auth headers and POSTs to aiart.tencentcloudapi.com, polls job status, and prints prompt and returned image URLs. It does not read unrelated system files, does not download user-provided reference images (it sends their URLs), and does not forward data to unexpected endpoints.
Install Mechanism
This is an instruction-only skill (no installer). Installation is manual: create a Python venv and pip install python-dotenv. No downloads from untrusted URLs or archive extraction are present. The only dependency is python-dotenv, which is modest and expected for .env handling.
!
Credentials
The script requires Tencent cloud credentials (TENCENTCLOUD_SECRET_ID, TENCENTCLOUD_SECRET_KEY, optional REGION) and SKILL.md tells users to place them in .env — that is proportionate to calling Tencent APIs. The problem: the skill metadata in the registry declared no required env vars/credentials. This mismatch is a packaging/declaration issue that could mislead users or automated policy checks. No other unrelated credentials are requested.
Persistence & Privilege
The skill does not request always:true and is user-invocable only. It does not modify other skills or system-wide configs. It only directs the agent to run the included script when invoked.
What to consider before installing
This skill appears to implement exactly what it claims: it sends your prompts (and any reference-image URLs you supply) to Tencent's AI Art API and returns job status and image URLs. Before installing: - Note the registry metadata omits required environment variables, but the SKILL.md and script do require TENCENTCLOUD_SECRET_ID and TENCENTCLOUD_SECRET_KEY; do not rely on the registry listing alone. - Only provide Tencent credentials if you trust the skill source; these keys grant access to your Tencent account's AI Art API and could be abused if leaked. Prefer creating limited-permission or billing-restricted credentials if possible. - Review the script yourself (it is short and included). It implements TC3 signing and talks to aiart.tencentcloudapi.com — there are no hidden external endpoints. - The script prints prompts and revised prompts; consider that prompts are sent to Tencent (so any sensitive information in prompts will be transmitted). - If you are uncomfortable providing long-lived keys, run the script locally in an isolated environment, or avoid installing the skill. If the metadata inconsistency matters for automation/policy, ask the publisher to correct the registry entry.

Like a lobster shell, security has layers — review code before you run it.

latestvk974ta4cjr49e3q43aevtegfp58464dt
86downloads
0stars
1versions
Updated 3w ago
v1.0.0
MIT-0
Jacky Shen@mebusw
latest
Download

Overview

本 skill 通过调用腾讯云 AI Art API(混元生图 3.0)实现文生图和图生图功能。采用异步任务模式:先提交(SubmitTextToImageJob),再轮询查询(QueryTextToImageJob)直至完成。

Workflow

  1. 判断用户意图:文生图(无参考图)还是图生图(提供参考图 URL)
  2. 解析图像分辨率:支持比例字符串或像素字符串,转换见下表
  3. 若用户提供了参考图 URL/路径,直接将 URL 传入脚本的 --images 参数(无需下载)
  4. 运行脚本生成图片(异步轮询,约 30–90 秒)
  5. 输出:原始 prompt、扩写后 prompt(若开启改写)、分辨率、JobId、图片完整 URL

⚠️ 生成的图片 URL 有效期仅 1 小时,务必在输出中完整展示,提醒用户及时保存。

分辨率对照表

文生图默认 1024:1024;宽高均需在 [512, 2048] 范围内,乘积 ≤ 1024×1024。

比例像素尺寸
1:11024:1024
3:4768:1024
4:31024:768
9:16720:1280
16:91280:720

图生图时若不传分辨率,模型将从 37 种预设尺寸中自动选择。

Available Scripts

  • hunyuan3-text-to-image.py — 文生图(支持可选参考图实现图生图),使用混元生图 3.0

Setting Up

首次使用时,进入目录并安装依赖:

cd ~/.claude/skills/huny-img
python3 -m venv ~/.pyenv/versions/py312-huny-img
source ~/.pyenv/versions/py312-huny-img/bin/activate
pip install python-dotenv
cp .env.example .env
# 编辑 .env,填入 TENCENTCLOUD_SECRET_ID 和 TENCENTCLOUD_SECRET_KEY

后续执行脚本时,优先用:

~/.pyenv/versions/py312-huny-img/bin/python ./scripts/hunyuan3-text-to-image.py ...

若 venv 不存在,可直接用系统 python3(脚本仅依赖标准库 + python-dotenv):

pip install python-dotenv --break-system-packages
python3 ./scripts/hunyuan3-text-to-image.py ...

Usage Examples

文生图(默认 1:1)

~/.pyenv/versions/py312-huny-img/bin/python "./scripts/hunyuan3-text-to-image.py" \
  -p "雨中竹林小路,水墨风格"

指定比例

~/.pyenv/versions/py312-huny-img/bin/python "./scripts/hunyuan3-text-to-image.py" \
  -p "夕阳下的城市天际线,摄影风格" \
  -r 16:9

指定像素尺寸 + 关闭 prompt 改写

~/.pyenv/versions/py312-huny-img/bin/python "./scripts/hunyuan3-text-to-image.py" \
  -p "可爱的柴犬在草地上奔跑" \
  -r 768:1024 \
  --no-revise

图生图(提供参考图 URL)

~/.pyenv/versions/py312-huny-img/bin/python "./scripts/hunyuan3-text-to-image.py" \
  -p "参考图的风格,生成一幅秋日枫林场景" \
  --images "http://example.com/ref1.jpg" "http://example.com/ref2.jpg"

固定随机种子(复现结果)

~/.pyenv/versions/py312-huny-img/bin/python "./scripts/hunyuan3-text-to-image.py" \
  -p "星空下的雪山" \
  --seed 42

Script Arguments

参数简写说明默认值
--prompt-p文本描述提示词示例花店
--resolution-r分辨率(比例或像素,如 16:91024:7681024:1024
--seed随机种子(正整数)随机
--logo添加水印:0=否,1=是0
--no-revise关闭 prompt 改写(开启改写约增加 20s)默认开启
--images参考图 URL 列表(最多 3 张)
--poll-interval轮询间隔秒数5
--timeout最长等待秒数300

Requirements

  • Python 3.8+
  • python-dotenv(其余全为标准库,无需安装 tencentcloud SDK)
  • 腾讯云账号,已开通「腾讯混元生图」服务
  • .env 中配置:
    • TENCENTCLOUD_SECRET_ID
    • TENCENTCLOUD_SECRET_KEY
    • TENCENTCLOUD_REGION(可选,默认 ap-guangzhou

Comments

Loading comments...