Skill v1.0.9

ClawScan security

IMA Nano Banana Image Generator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Verdict: Benign
Scanned: Mar 27, 2026, 7:41 AM
Confidence: high
Model: gpt-5-mini

Summary
The skill's code, runtime instructions, and requested environment access are consistent with an IMA image-generation client that needs a single IMA_API_KEY and writes local prefs/logs; nothing in the package suggests hidden exfiltration or unrelated privileges.
Guidance
This package appears coherent for an IMA image-generation client, but review these before installing:

1) Use a scoped/test IMA_API_KEY instead of a full-production key until you verify behavior; the key will be sent to both api.imastudio.com and imapi.liveme.com for local-file uploads.
2) Confirm you are comfortable with the skill writing logs and a preferences file under ~/.openclaw (logs may contain URLs and metadata; the authors state the API key is not written to disk).
3) Note the hard-coded APP_ID/APP_KEY in the script (the authors claim these are non-secret shared values); verify that the upload-token flow meets your security/privacy needs.
4) The registry metadata you were shown has a minor inconsistency about the 'primary credential': trust the SKILL.md/packaged clawhub.json for runtime requirements.

If you need greater assurance, inspect the full ima_image_create.py functions that perform network calls, or run the script in an isolated environment first.

Review Dimensions

Purpose & Capability
Status: ok
Name/description (IMA Nano Banana image generation) match the artifacts: SKILL.md and scripts/ima_image_create.py implement text_to_image and image_to_image against api.imastudio.com and imapi.liveme.com and enforce a model allowlist. One minor metadata inconsistency exists: the top-level manifest summary you provided states 'Primary credential: none' while SKILL.md and clawhub.json declare IMA_API_KEY as required/primary; this is likely a packaging/metadata mismatch but does not change runtime behavior.
Instruction Scope
Status: ok
SKILL.md explicitly limits operations to the bundled script and to image tasks; the script follows that flow (product list, create task, poll, optional local-file upload). The script reads local image files only when performing image_to_image (expected). It sends the IMA_API_KEY to the two documented IMA domains for task creation and upload-token requests (documented in SECURITY.md). There are no instructions to read unrelated system files or collect other credentials.
Install Mechanism
Status: ok
No network download/install hook or arbitrary remote code execution; this is an instruction+script package with requirements.txt (requests). No high-risk install URLs or extract steps are present.
Credentials
Status: note
Only one required environment variable (IMA_API_KEY) is requested, which matches the service integration. The script will send that API key to api.imastudio.com for generation and to imapi.liveme.com when uploading local files (this dual-domain use is documented in SECURITY.md). The package contains a hard-coded APP_ID/APP_KEY used to sign upload-token calls, and the code claims these are non-secret; that is plausible but should be understood by the user.
Persistence & Privilege
Status: ok
The skill does write to its own pref and log paths (~/.openclaw/memory/ima_prefs.json and ~/.openclaw/logs/ima_skills/) as declared in SKILL.md/clawhub.json, and cleans logs after seven days. always:false is set, and no cross-skill or system-wide config modifications are present.