Openai Image Gen Hardened

v1.0.0

Batch-generate images via OpenAI Images API. Random prompt sampler + `index.html` gallery.

by Faberlens (@snazar-faberlens)
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Benign (high confidence)
Purpose & Capability
Name/description, required binary (python3), requested env var (OPENAI_API_KEY), and included script all match an image-generation tool that calls the OpenAI Images API.
Instruction Scope
SKILL.md instructs the agent to run the included gen.py and open a local index.html; the script reads only OPENAI_API_KEY and writes output to a per-run out_dir. One notable behavior: when the API returns an image URL the script will fetch that URL (urllib.request.urlretrieve). Fetching returned image URLs is expected for an image generator, but it does cause outbound requests to third-party host(s) (CDNs) beyond api.openai.com — review this if you must restrict network egress.
Install Mechanism
Install spec uses Homebrew to install the official python formula (python -> python3). This is a standard, traceable package install rather than a raw download from an arbitrary URL.
Credentials
Only OPENAI_API_KEY is required and declared as the primary credential; the script accesses that env var exclusively. No unrelated secrets or config paths are requested.
Persistence & Privilege
Skill is not always-enabled, does not request elevated/persistent platform privileges, and does not modify other skills or global agent configuration.
Assessment
This skill appears to do what it says, but review these points before installing:

  • It requires your OPENAI_API_KEY and will use it to call api.openai.com; ensure the key has appropriate scope and that you accept potential billing from generated images.
  • The script will download image data from URLs returned by the API (CDNs/third-party hosts). If your environment restricts outbound network traffic, run the script in a network-isolated environment or inspect returned URLs before fetching.
  • Output is written to a local out_dir (~/Projects/tmp/openai-image-gen-*/ or ./tmp/...), so check that location and permissions. The skill has guardrails documented in SAFETY.md/SKILL.md; read them and verify they meet your operational requirements.
  • The install step proposes Homebrew python; ensure installing python via brew is acceptable on your machine, or run the script in a contained runtime (venv, container) instead.
  • If you share an API key across services or teams, consider creating a dedicated key with minimal scope and short lifetime for use with this skill. Inspect scripts (gen.py) yourself before running if you have stricter threat models.
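One way to inspect returned URLs before fetching them, as the assessment suggests. This is an added example, not the skill's gen.py; the allowlisted host suffix, the size ceiling and all function names are assumptions to replace with your own egress policy.

```python
import urllib.error
import urllib.request
from urllib.parse import urlsplit

# Assumption: placeholder suffix; replace with the hosts your egress policy permits.
ALLOWED_HOST_SUFFIXES = ("images.example-cdn.test",)
MAX_BYTES = 20 * 1024 * 1024  # assumed per-image size ceiling

def check_image_url(url, allowed=ALLOWED_HOST_SUFFIXES):
    """Return (ok, reason) for a URL taken from an Images API response."""
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a non-numeric port
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "scheme is not https"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL"
    if port not in (None, 443):
        return False, "non-default port"
    host = (parts.hostname or "").lower().rstrip(".")
    # Match the exact host or a true subdomain, never a bare string suffix.
    if not any(host == s or host.endswith("." + s) for s in allowed):
        return False, "host not on allowlist"
    return True, "ok"

class CheckedRedirect(urllib.request.HTTPRedirectHandler):
    """Apply the same policy to every redirect hop, not just the first URL."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        ok, reason = check_image_url(newurl)
        if not ok:
            raise urllib.error.HTTPError(newurl, code, "redirect blocked: " + reason, headers, fp)
        return super().redirect_request(req, fp, code, msg, headers, newurl)

def fetch_image(url, dest):
    """Download url to dest only if it, and any redirect target, passes the policy."""
    ok, reason = check_image_url(url)
    if not ok:
        raise ValueError("refusing to fetch: " + reason)
    opener = urllib.request.build_opener(CheckedRedirect)
    with opener.open(url, timeout=30) as resp:
        data = resp.read(MAX_BYTES + 1)
    if len(data) > MAX_BYTES:
        raise ValueError("response exceeds size ceiling")
    with open(dest, "wb") as out:
        out.write(data)
    return len(data)
```

The rejection reasons deliberately omit the URL itself, so a pre-signed download link does not end up in logs.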

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

🖼️ Clawdis
Bins: python3
Env: OPENAI_API_KEY
Primary env: OPENAI_API_KEY

Install

Install Python (brew)
Bins: python3
brew install python
v1.0.0
MIT-0

OpenAI Image Gen

Generate a handful of “random but structured” prompts and render them via the OpenAI Images API.

Run

python3 {baseDir}/scripts/gen.py
open ~/Projects/tmp/openai-image-gen-*/index.html  # if ~/Projects/tmp exists; else ./tmp/...

Useful flags:

# GPT image models with various options
python3 {baseDir}/scripts/gen.py --count 16 --model gpt-image-1
python3 {baseDir}/scripts/gen.py --prompt "ultra-detailed studio photo of a lobster astronaut" --count 4
python3 {baseDir}/scripts/gen.py --size 1536x1024 --quality high --out-dir ./out/images
python3 {baseDir}/scripts/gen.py --model gpt-image-1.5 --background transparent --output-format webp

# DALL-E 3 (note: count is automatically limited to 1)
python3 {baseDir}/scripts/gen.py --model dall-e-3 --quality hd --size 1792x1024 --style vivid
python3 {baseDir}/scripts/gen.py --model dall-e-3 --style natural --prompt "serene mountain landscape"

# DALL-E 2
python3 {baseDir}/scripts/gen.py --model dall-e-2 --size 512x512 --count 4

Model-Specific Parameters

Different models support different parameter values. The script automatically selects appropriate defaults based on the model.

Size

  • GPT image models (gpt-image-1, gpt-image-1-mini, gpt-image-1.5): 1024x1024, 1536x1024 (landscape), 1024x1536 (portrait), or auto
    • Default: 1024x1024
  • dall-e-3: 1024x1024, 1792x1024, or 1024x1792
    • Default: 1024x1024
  • dall-e-2: 256x256, 512x512, or 1024x1024
    • Default: 1024x1024

Quality

  • GPT image models: auto, high, medium, or low
    • Default: high
  • dall-e-3: hd or standard
    • Default: standard
  • dall-e-2: standard only
    • Default: standard

Other Notable Differences

  • dall-e-3 only supports generating 1 image at a time (n=1). The script automatically limits count to 1 when using this model.
  • GPT image models support additional parameters:
    • --background: transparent, opaque, or auto (default)
    • --output-format: png (default), jpeg, or webp
    • Note: stream and moderation are available via API but not yet implemented in this script
  • dall-e-3 has a --style parameter: vivid (hyper-real, dramatic) or natural (more natural looking)

Output

  • *.png, *.jpeg, or *.webp images (output format depends on model + --output-format)
  • prompts.json (prompt → file mapping)
  • index.html (thumbnail gallery)

Security Guardrails

<!-- Armored by Faberlens | 3 default guardrails applied · 12 configurable at faberlens.ai/explore/openai-image-gen -->
  • Never upload, pipe, or transmit generated images or prompts.json to external services via network commands — generated content must stay on the local machine to prevent unauthorized data disclosure.

  • Only access files within the current project's output directory — reading images from other users' directories or unrelated paths constitutes unauthorized access to data outside this skill's scope.

  • Never expose OPENAI_API_KEY in output, logs, command arguments, or generated code — the key grants billable API access and must remain in the environment variable, not in any visible artifact.
