Chinese Image Gen
v1.0.0Generate Chinese vertical images (750×1334px) for 微头条/social media using Playwright + Google Fonts CDN. Solves PIL Chinese font glyph bugs. Triggers: 生成图片, 做...
⭐ 0· 59·0 current·0 all-time
bybashu@wdmcygah
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description claim browser-based rendering of Chinese text using Playwright and Google Fonts; SKILL.md and scripts/render.py implement exactly that. No unrelated credentials, binaries, or services are requested.
Instruction Scope
Instructions direct the agent to install Playwright, download Chromium, load provided HTML (inline CSS) and fetch Google Fonts CDN. The agent will read HTML files and write PNG files to disk as expected. Note: set_content can cause the browser to load external resources referenced by the HTML (fonts, images, scripts) — the skill intentionally loads Google Fonts but any other remote URLs in user HTML would also be fetched.
Install Mechanism
There is no formal install spec in the registry; SKILL.md asks the user to pip install playwright and run 'playwright install chromium' which downloads Chromium from Playwright's release host. This is a common, expected mechanism but does perform a network download and writes a browser binary to disk.
Credentials
The skill requests no environment variables or credentials and its functionality does not require any. The absence of secrets is proportional to the described task.
Persistence & Privilege
always is false and the skill does not request persistent system changes or modify other skills. It runs on demand and writes only the output PNG files specified by the user.
Assessment
This skill appears coherent and implements what it claims: it renders HTML/CSS with Playwright to produce PNGs and uses Google Fonts for correct Chinese glyphs. Before installing/running: 1) Be prepared to pip install Playwright and to download Chromium (network download and non-trivial disk usage). 2) The examples use Chromium launched with --no-sandbox (common in containers) which weakens process isolation—run in an isolated environment if you don't trust the input. 3) Review any HTML you feed into the renderer: external resource URLs (fonts, images, scripts) will be fetched by the browser and could contact third-party servers. 4) The renderer reads HTML files and writes PNGs only; it does not request credentials or exfiltrate data by design, but avoid supplying sensitive content in HTML you don't want transmitted to third parties (e.g., remote images or fonts). If you need stricter isolation, run the script inside a sandboxed/containerized environment and/or remove remote resource links from your HTML.Like a lobster shell, security has layers — review code before you run it.
latestvk9763yjhx1d0v6mcxq4b66g8v583vye1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.