Skill v1.0.10
ClawScan security
gemini-image-generation · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 19, 2026, 9:28 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requested files, binaries, and environment variables match its stated purpose (using the Google GenAI/Gemini SDK to generate or edit images); nothing in the code or instructions indicates covert or disproportionate access.
- Guidance: This skill appears coherent and implements image generation/editing via Google GenAI. Before installing:
  1) Only enable it if you trust the skill source and are comfortable sending prompts and any source images to Gemini (the skill base64-encodes and uploads input images to the API).
  2) Keep GEMINI_API_KEY secret (store it in your OpenClaw skill config as instructed).
  3) If you use GEMINI_BASE_URL, ensure it points to a trusted endpoint (a custom base URL could redirect requests to a non-Google host).
  4) Run 'npm install' in the skill directory to install @google/genai, and review that dependency if you have concerns.
  5) Be mindful of privacy: do not send PII or sensitive images unless you accept they will be processed by the configured GenAI endpoint.
Review Dimensions
- Purpose & Capability (ok): Name/description, required binaries (node, npm), and required env vars (GEMINI_API_KEY, GEMINI_MODEL_ID) align with the declared purpose of calling Google GenAI (Gemini) to generate/edit images. The package.json depends on @google/genai, which is appropriate for this functionality.
- Instruction Scope (ok): SKILL.md and the scripts only instruct reading workspace image files, reading GEMINI_* environment variables, invoking the GoogleGenAI client, and saving returned images to the workspace. There are no instructions to read unrelated system files, other credentials, or to send data to unexpected endpoints. The skill will of course transmit prompts and any provided source images to the Gemini API (expected for image editing).
- Install Mechanism (note): No formal install spec is included (instruction-only install), but package.json and SKILL.md instruct the user to run 'npm install' in the skill root. This is expected for a Node-based skill; there is no third-party binary download or untrusted URL referenced.
- Credentials (ok): Requested env vars are limited and appropriate: GEMINI_API_KEY (primary) and GEMINI_MODEL_ID are required; GEMINI_BASE_URL is optional for custom endpoints. No unrelated credentials or broad system config paths are requested.
- Persistence & Privilege (ok): The skill does not request always:true, does not modify other skills, and requires explicit enabling in ~/.openclaw/openclaw.json. Autonomous invocation is allowed (platform default) but not combined with elevated persistence or unrelated credential access.
