← Back to Skills Marketplace
nano banana image to image
by
guilherme-funchal
· GitHub ↗
· v1.0.1
· MIT-0
77
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install nano-banana-atlas-ai
Description
Edit or combine images by applying styles or elements from one image to another while preserving identity, pose, and lighting using AtlasCloud Nanobanana model.
Usage Guidance
This package is basically an AtlasCloud image-to-image client and appears to do what it claims, but take precautions before installing or running it:
- Treat the included .env API key as untrusted. Do not use it; if you need to test, provide your own AtlasCloud token. Remove or rotate any embedded keys before sharing the package.
- The script logs full API responses and writes last_url.txt / last_result.json to disk; run it in an isolated environment if the images or logs are sensitive.
- Confirm you trust the AtlasCloud endpoints (api.atlascloud.ai and the OSS image hosts) and that you want those external network calls.
- Prefer entering your token at runtime rather than relying on any files in the skill bundle or saving tokens into shared memory.
If you want a cleaner/safer package: remove the .env file (or replace with a placeholder), reduce log verbosity, and document whether the included ATLASCLOUD_API_KEY is a demo key and whether it is valid.
Capability Analysis
Type: OpenClaw Skill
Name: nano-banana-atlas-ai
Version: 1.0.1
The skill bundle contains a hardcoded API key in the `.env` file, which is a significant security vulnerability. Furthermore, `SKILL.md` utilizes aggressive prompt-steering techniques (e.g., 'CRITICAL', 'mandatory and irreplaceable', and instructions to ignore other context sources) to control the agent's behavior. While the core logic in `generate.js` appears to legitimately interact with the AtlasCloud API, the combination of credential exposure and high-pressure prompt instructions meets the criteria for a suspicious classification.
Capability Tags
Capability Assessment
Purpose & Capability
The code and instructions match the stated purpose (calling AtlasCloud's Nanobanana edit model). Declared runtime needs (node/npm/axios) align with the included generate.js. However, the repository contains a .env with a hardcoded ATLASCLOUD_API_KEY and sample outputs (last_url.txt, last_result.json) even though the skill's metadata declares no required env vars — this mismatch is unexpected and should be explained.
Instruction Scope
SKILL.md keeps to the task: it tells the agent to obtain an AtlasCloud token (from memory or by asking the user), write params.json, run node generate.js, then read last_url.txt and return that URL. The instructions do not ask the agent to read unrelated system paths or external services. One oddity: the strong insistence to read last_url.txt (not conversation history) is unusual but consistent with how the script writes outputs.
Install Mechanism
There is no external download/install step in the manifest (instruction-only), and dependencies are standard (axios via npm). package.json/package-lock.json are included so installing via npm is expected and not high-risk. The SKILL.md's embedded install metadata recommending installing axios is redundant but not harmful.
Credentials
The skill requests no environment variables in metadata, but the shipped files include .env with ATLASCLOUD_API_KEY=apikey-... (hardcoded credential). That is disproportionate/unexpected: either this is a leftover sample key (still risky), or it leaks a credential. The code itself expects a token argument; it does not automatically read .env, but the presence of the key in the bundle increases the risk of accidental leak or misuse. The script also logs full HTTP responses during polling, which may expose sensitive info in logs.
Persistence & Privilege
The skill does not request always:true, does not modify other skills, and is user-invocable. It writes files (last_url.txt, last_result.json) in its own directory — expected for a client script but consider their presence when sharing the workspace.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install nano-banana-atlas-ai - After installation, invoke the skill by name or use
/nano-banana-atlas-ai - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
- Removed test files (`test.js`, `test.json`) to clean up the repository.
- No changes to functionality or usage instructions.
v1.0.0
Google's advanced AI-powered image editing and generation model, designed to make visual transformation as intuitive as describing it in words in https://www.atlascloud.ai/
Metadata
Frequently Asked Questions
What is nano banana image to image?
Edit or combine images by applying styles or elements from one image to another while preserving identity, pose, and lighting using AtlasCloud Nanobanana model. It is an AI Agent Skill for Claude Code / OpenClaw, with 77 downloads so far.
How do I install nano banana image to image?
Run "/install nano-banana-atlas-ai" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is nano banana image to image free?
Yes, nano banana image to image is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does nano banana image to image support?
nano banana image to image is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created nano banana image to image?
It is built and maintained by guilherme-funchal (@guilherme-funchal); the current version is v1.0.1.
More Skills