Fähigkeiten gif-sticker-maker
📦
gif-sticker-maker
Mittleres Risiko ⚙️
Externe Befehle📁
Dateisystemzugriff🌐
Netzwerkzugriff🔑
Umgebungsvariablen
从照片创建动态GIF贴纸
将任何照片转换为四张具有独特Funko Pop 3D手办风格的动态贴纸。此技能处理从图像生成到动画再到最终GIF输出的完整工作流程,只需提供源照片和MiniMax API密钥即可。
Unterstützt: Claude Codex Code(CC)
1
Die Skill-ZIP herunterladen
2
In Claude hochladen
Gehe zu Einstellungen → Fähigkeiten → Skills → Skill hochladen
3
Einschalten und loslegen
Teste es
Verwendung von "gif-sticker-maker". 一张笑脸人物的肖像照片
Erwartetes Ergebnis:
- 生成4张GIF贴纸(sticker_hi.gif、sticker_laugh.gif、sticker_cry.gif、sticker_love.gif)
- 每张贴纸都显示人物以Funko Pop风格3D手办呈现,面部特征相匹配
- 字幕显示在每个手办下方,使用匹配的语言
- 所有输出均采用柔和的摄影棚灯光和白色背景
Verwendung von "gif-sticker-maker". 一张狗坐在草地上的照片
Erwartetes Ergebnis:
- 4张动态GIF贴纸,狗以可爱的3D手办风格呈现
- 每张贴纸显示不同的动画动作(挥手、大笑、哭泣、心形手势)
- 具有Octane品质灯光效果的风格化渲染
- GIF文件已准备好在消息应用中分享
Sicherheitsaudit
Mittleres Risikov1 • 4/16/2026
This skill converts photos into animated GIF stickers using the MiniMax AI API. Static analysis flagged 84 patterns, but most are false positives: argparse.ArgumentParser was misidentified as weak cryptography, and markdown bash code blocks were misidentified as Ruby backtick execution. Confirmed risks include legitimate subprocess calls to ffmpeg for video-to-GIF conversion, HTTP requests to documented MiniMax API endpoints, environment variable access for API keys, and local file read/write operations for image processing. All identified patterns are consistent with the skill documented purpose and pose no malicious intent.
8
Gescannte Dateien
683
Analysierte Zeilen
10
befunde
1
Gesamtzahl Audits
Probleme mit hohem Risiko (1)
External command execution via ffmpeg subprocess
The script scripts/convert_mp4_to_gif.py uses subprocess.run to invoke ffmpeg for MP4 to GIF conversion. Arguments are constructed from CLI input parameters (input file paths). While arguments are not shell-interpolated and use list form (preventing shell injection), user-controlled file paths are passed directly to the external process. This is a legitimate workflow requirement for the skill but represents an external command execution risk.
Probleme mit mittlerem Risiko (3)
File read operations with user-provided paths
Scripts minimax_image.py and minimax_video.py read local image files via open() using paths derived from CLI arguments. The _encode_image function reads arbitrary files and encodes them as base64 data URIs for API submission. While legitimate for the skill purpose, this allows reading any file accessible to the process if a malicious actor controls CLI arguments.
File write operations to user-specified paths
Scripts write output files to paths specified via CLI arguments. The os.makedirs call with exist_ok=True creates directory structures as needed. While standard for a generation tool, this allows writing to any path the process has permission to access.
API key loaded from environment variable at module level
Both minimax_image.py and minimax_video.py read MINIMAX_API_KEY from environment at import time (module-level assignment). This means any script that imports these modules gains access to the API key value. The key is then included in HTTP Authorization headers for API requests.
Probleme mit niedrigem Risiko (2)
HTTP requests to external API endpoints
Scripts make HTTP requests to MiniMax API endpoints (api.minimaxi.com and api.minimax.io). Base URLs are configurable via MINIMAX_API_BASE environment variable. All requests include timeouts and use HTTPS. This is expected behavior for an API client skill.
Hardcoded API endpoint URLs in comments
Default API base URLs are documented in comments at scripts/minimax_image.py and scripts/minimax_video.py. These are informational only and do not represent a security risk since the actual URL must be set via environment variable.
Risikofaktoren
⚙️ Externe Befehle (1)
📁 Dateisystemzugriff (6)
🌐 Netzwerkzugriff (6)
🔑 Umgebungsvariablen (4)
Erkannte Muster
Subprocess execution with user-controlled input paths
Auditiert von: claude
Qualitätsbewertung
77
Architektur
100
Wartbarkeit
87
Inhalt
21
Community
36
Sicherheit
91
Spezifikationskonformität
Was du bauen kannst
社交媒体贴纸包
从个人照片或品牌吉祥物创建自定义动态贴纸包,用于消息平台和社交媒体资料。
品牌头像动画
将公司标志或品牌角色转换为统一的动态表情贴纸集,用于营销活动和内部沟通。
个性化礼物和表情包
将家庭照片或宠物照片变成有趣的动态贴纸,可在群聊中分享或打印成创意纪念品。
Probiere diese Prompts
基本照片转贴纸
Convert my photo into 4 animated GIF stickers in Funko Pop style. Use default captions and actions.
自定义字幕贴纸
Create 4 animated stickers from this photo with custom captions: 'Hello', 'Haha', 'Oops', 'Love it'. Use Funko Pop 3D style with white background.
宠物贴纸动画
Turn this photo of my cat into 4 animated GIF stickers in Funko Pop style. The captions should be in Japanese. Preserve the cat distinctive markings in the generated images.
品牌标志动画
Convert this company logo into 4 animated sticker expressions in 3D figurine style. Use English captions. Each sticker should show a different emotion: greeting, laughter, sadness, and affection. Output all as GIF files.
Bewährte Verfahren
- 使用清晰、光线充足且主体居中的照片,以获得最佳相似度保留效果
- 在运行技能前将MINIMAX_API_BASE设置为正确的区域端点(中国的api.minimaxi.com,海外的api.minimax.io)
- 检查生成的GIF文件大小,如果输出对您的用例来说太大,请调整ffmpeg的宽度和fps参数
Vermeiden
- 不要在提示中分享您的MiniMax API密钥或将其提交到版本控制;始终使用环境变量
- 不要对非人物主体(动物、物体)使用主体参考,因为API不会保留相似度
- 不要在字幕和用户界面语言之间混用语言;保持所有输出使用一种一致的语言
Häufig gestellte Fragen
什么照片格式作为输入效果最好?
清晰的JPEG或PNG照片效果最佳。主体应光线充足且清晰可见。对于人物主体,正面照片在生成的贴纸中能获得最准确的相似度。
使用此技能是否需要MiniMax账户?
是的。您需要一个具有有效API密钥的MiniMax账户。在运行技能前设置MINIMAX_API_KEY和MINIMAX_API_BASE环境变量。
此技能可以为物体或标志添加动画吗?
是的,但无法保留相似度。主体参考标志仅适用于人物主体。对于物体和标志,技能依赖提示中的文本描述来生成手办风格。
为什么需要ffmpeg?
ffmpeg用于最后一步,将MiniMax生成的MP4视频文件转换为动态GIF格式。它执行两遍调色板生成以获得更好的视觉质量。
完整工作流程需要多长时间?
工作流程涉及四张图像生成调用、四次视频生成调用(异步轮询)以及四次GIF转换。视频生成通常耗时最长,每段视频往往需要几分钟。
我可以自定义贴纸动作和动画吗?
是的。您可以提供自定义字幕,技能将构建匹配的动画提示。默认动作是挥手、大笑、哭泣和心形手势,但您可以在字幕收集步骤中指定替代方案。