Security scan
OpenClaw
Suspicious
Medium confidence. The skill's instructions match a GIMP CLI wrapper, but it asks the agent to install/run local Python code from an unverified ~/.openclaw workspace (pip install -e .) while providing no install source or package provenance; this could cause execution of arbitrary code.
Assessment recommendations
This skill appears to be a CLI wrapper for GIMP, but its SKILL.md tells you to pip-install code from a local workspace path (~/.openclaw/workspace/CLI-Anything/...). Before installing or running: (1) verify the contents and origin of ~/.openclaw/workspace/CLI-Anything/gimp/agent-harness, and don't run pip install -e . on unknown code, (2) prefer a published package (PyPI or an official GitHub release) or request the author to provide a safe install spec, (3) run installs in an isolated environment ...
ℹ Purpose and capabilities
Name/description claim a CLI wrapper for GIMP and the SKILL.md documents commands that match that purpose. However the skill does not declare the required binary 'cli-anything-gimp' or an install source; instead it assumes a local repo at ~/.openclaw/workspace/CLI-Anything/gimp/agent-harness. That implicit dependency is unexpected for an instruction-only skill.
⚠ Instruction scope
The instructions tell the agent to activate a virtualenv and run pip install (including pip install -e . in a local path). That can execute arbitrary local code and modifies the runtime environment. The SKILL.md also hardcodes paths under ~/.openclaw, assuming files exist there, which grants the skill broad discretion to run code from the user's workspace.
⚠ Install mechanism
There is no formal install spec in the registry. Instead, the runtime instructions call for direct pip installs (click, numpy, Pillow, prompt-toolkit) and a local editable install (pip install -e .) from a repo path. Installing/editing local packages via pip can run arbitrary setup/build scripts; without a trustworthy source (PyPI/GitHub release) this is risky.
✓ Credential requirements
The skill does not request environment variables, credentials, or config paths beyond using a path under the agent workspace (~/.openclaw). No secrets or unrelated service tokens are requested.
✓ Persistence and privileges
always is false and there are no indications the skill attempts to persistently modify other skills or system-wide agent settings. It does instruct creating/using a venv under ~/.openclaw, which is limited to the agent workspace.
Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/3/15
Initial release of the cli-anything-gimp skill.
- Enables image editing tasks (create projects, add layers, apply filters, export) using GIMP via CLI.
- Provides commands for project management, layer and canvas operations, drawing, and batch processing.
- Supports both JSON and human-readable output formats.
- Includes setup, troubleshooting tips, and example workflows for common use cases.
● Harmless
Install commands
Official: npx clawhub@latest install cli-anything-gimp
Mirror (accelerated): npx clawhub@latest install cli-anything-gimp --registry https://cn.longxiaskill.com