ClawHub

Nano Banana Veo

Security checks across malware telemetry and agentic risk

Overview

This skill broadly matches its image/video generation purpose, but it handles a Gemini API key in an under-scoped way that users should review before installing.

Install only if you are comfortable providing a Gemini API key and sending prompts/images to Google Gemini/Veo. Review or patch the script to validate the video download host before forwarding the API key, and prefer running it with a limited-scope key in an isolated environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Tainted flow: 'video_uri' from requests.get (line 132, network input) → requests.get (network output)

Medium
Category
Data Flow
Content
video_uri = outputs[0].get('video', {}).get('uri')
                    if video_uri:
                        print(f"Downloading video from: {video_uri[:60]}...")
                        video_response = requests.get(video_uri, headers={"x-goog-api-key": api_key}, timeout=60)
                        with open(output_path, 'wb') as f:
                            f.write(video_response.content)
                        print(f"✅ Video saved to: {output_path}")
Confidence
92% confidence
Finding
video_response = requests.get(video_uri, headers={"x-goog-api-key": api_key}, timeout=60)

Tainted flow: 'api_key' from os.environ.get (line 16, credential/environment) → requests.get (network output)

Critical
Category
Data Flow
Content
video_uri = outputs[0].get('video', {}).get('uri')
                    if video_uri:
                        print(f"Downloading video from: {video_uri[:60]}...")
                        video_response = requests.get(video_uri, headers={"x-goog-api-key": api_key}, timeout=60)
                        with open(output_path, 'wb') as f:
                            f.write(video_response.content)
                        print(f"✅ Video saved to: {output_path}")
Confidence
95% confidence
Finding
video_response = requests.get(video_uri, headers={"x-goog-api-key": api_key}, timeout=60)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill explicitly requires an API key and invokes a Python script that depends on external libraries used for remote API access, yet the skill does not declare permissions for environment-variable access or outbound network use. This creates a transparency and governance gap: users or platforms may authorize or run the skill without understanding that it can read secrets and transmit data externally.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill says it uses Gemini/Veo and requires a GEMINI_API_KEY, but it does not clearly warn that user prompts and potentially generated or source visual assets will be sent to Google's external services for processing. This can lead to unintended disclosure of sensitive creative content, proprietary marketing materials, or personal data included in prompts or images.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal