Evolink Nano Banana 2 1
Audit result: Pass. Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: evolink-nano-banana-2-1
Version: 1.0.0

The skill bundle is primarily benign, focusing on AI image generation via the Evolink API. However, it is classified as 'suspicious' due to the `SKILL.md` instructions for setting up the MCP server, which involve executing `npx -y @evolinkai/evolink-media@latest`. While this is a common method for running Node.js CLI tools and is for a stated dependency, `npx -y` allows for the automatic download and execution of arbitrary code from npm, introducing a supply chain vulnerability. If the `@evolinkai/evolink-media` package were compromised, it could lead to arbitrary code execution on the host system, making it a significant risk, even if not directly malicious within this skill bundle's files.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone installing this skill must provide or expose an Evolink API key, which can be used to consume credits or access Evolink-hosted files within that account's permissions.
The skill needs a service API key to authenticate requests to Evolink. This is expected for the integration, but it gives the skill delegated access to the user's Evolink account.
`EVOLINK_API_KEY` authenticates all requests. Injected by OpenClaw automatically. Treat as confidential.
Use a dedicated Evolink API key, monitor usage and billing, and revoke the key if you stop using the skill.

Private prompts or sensitive images submitted for editing/generation will be sent to a third-party service and may be accessible through temporary hosted links.
The skill clearly discloses that user prompts and image inputs are transmitted to Evolink and that generated or uploaded content is available through temporary URLs.
Prompts and images are sent to `api.evolink.ai`. Uploaded files expire in **72h**, result URLs in **24h**.
Do not submit confidential, regulated, or highly personal images unless Evolink's privacy, retention, and access controls meet your needs.

If the npm package changes or is compromised later, a user following the setup command could run different code than what was reviewed here.
The setup documentation recommends running an external npm MCP package with the floating `@latest` tag. This is purpose-aligned setup guidance, not automatic execution, but the exact code version is not pinned in the artifact.
`mcporter call --stdio "npx -y @evolinkai/evolink-media@latest" list_models`
Verify the npm/GitHub package publisher and consider pinning a specific trusted version instead of using `@latest`.

The skill identity metadata is not perfectly consistent, so users may want to confirm they are installing the intended Evolink skill.
The packaged metadata differs from the registry-provided owner and slug shown in the evaluation context. This is a provenance inconsistency, though it does not by itself show unsafe behavior.
"ownerId": "kn74p4xy6sja0199cea53anecs81kqjs", "slug": "evolink-nano-banana-2"
Verify the publisher, homepage, and package identity before providing an API key.
