by 安全扫描
OpenClaw
可疑
high confidenceThe skill claims to be a simple image-generation helper but the bundle contains many unrelated files (including configuration files with embedded API keys/secrets) and the SKILL.md / metadata are inconsistent about required credentials — review and reduce the package before use.
评估建议
Plain-language checklist before installing or running this skill:
- Do not run the skill's script blindly. Inspect scripts/generate_image.py for outgoing network calls, hardcoded endpoints, or embedded credentials before executing.
- The SKILL.md expects GEMINI_API_KEY (or --api-key) but the skill metadata lists no required env vars — this is inconsistent. Provide a dedicated, minimal API key (preferably short-lived) if you proceed.
- The package includes many unrelated files and several config...详细分析 ▾
⚠ 用途与能力
SKILL.md describes an image-generation/editing helper that uses an API key (GEMINI_API_KEY or --api-key). However the registry metadata declares no required env vars/credentials. The repository contains the expected generate_image.py, but it also bundles a large unrelated workspace (hundreds of files) including multiple service credentials and platform config files — far beyond what an image helper legitimately needs.
⚠ 指令范围
The runtime instructions are narrowly scoped to invoking the generate_image.py script and passing an API key or using GEMINI_API_KEY. However the package contains many other documents (AGENTS.md, MEMORY.md, config dumps) that instruct agents to read broad workspace context and files. That expands the effective scope if the skill or agent uses other files in the bundle. Also pre-scan flagged prompt-injection patterns in SKILL.md content, which could attempt to manipulate an agent's behavior.
ℹ 安装机制
There is no formal install spec (instruction-only), which minimizes automatic installation risk. But the artifact nonetheless includes 93 code files and a 615-file manifest (full workspace). That indicates a packaged workspace rather than a minimal skill; running the provided script will execute code from that package — inspect code before executing.
⚠ 凭证需求
SKILL.md explicitly relies on GEMINI_API_KEY (or --api-key) but the skill metadata lists no required env vars. More seriously, several files in the bundle (e.g., the 2026-3-10afu's js backup and other config files) contain many API keys, app secrets, tokens and gateway auth values unrelated to image generation. Packaging unrelated secrets with a skill is a high-risk mismatch.
ℹ 持久化与权限
The skill is not flagged as always:true and uses normal autonomous invocation defaults. That is expected. However the included workspace files contain agent policies (AGENTS.md) that encourage reading many local files (e.g., 'read MEMORY.md', 'read SOUL.md') which, combined with autonomous invocation, increases potential blast radius if the agent follows those broader instructions. No explicit attempt to modify other skills or system-wide settings was observed in the provided SKILL.md.
⚠ hooks/gateway-restart-protection/handler.js:57
Shell command execution detected (child_process).
⚠ scripts/autonomous-thinking.js:193
Shell command execution detected (child_process).
⚠ scripts/triple-line-sync.js:49
Shell command execution detected (child_process).
⚠ skills/send-html-to-feishu/scripts/run.js:41
Shell command execution detected (child_process).
⚠ skills/skill-vetting/scripts/scan.py:22
Dynamic code execution detected.
⚠ skills/send-html-to-feishu/scripts/send-to-feishu.js:11
Environment variable access combined with network send.
⚠ skills/send-html-to-feishu/scripts/send-to-feishu.js:31
File read combined with network send (possible exfiltration).
⚠ skills/skill-vetting/references/patterns.md:108
Prompt-injection style instruction pattern detected.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/3/17
- Initial release of nano-banana-pro image generation and editing skill using Gemini 3 Pro Image API. - Supports both text-to-image and image-to-image workflows at 1K, 2K, and 4K resolutions. - Detailed usage instructions for generating or editing images via command line, including API key handling. - Includes best practices for iterative workflow: quick 1K drafts, precise prompt edits, and final 4K outputs. - Automatic, context-aware filename generation with timestamp and description. - Covers preflight checks, common errors, prompt handling, editing guidance, and precise prompt templates.
● 可疑
安装命令 点击复制
官方npx clawhub@latest install embedding-strategies
镜像加速npx clawhub@latest install embedding-strategies --registry https://cn.clawhub-mirror.com
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制