ClawHub

WaveSpeedAI Nano Banana Pro Image Generation/Editing

Security checks across malware telemetry and agentic risk

Overview

This is a documented third-party image generation/editing skill, with ordinary privacy cautions around sending selected images and prompts to WaveSpeed AI.

Install only if you are comfortable sending selected prompts, image URLs, and uploaded image files to WaveSpeed AI for processing. Avoid confidential, regulated, or sensitive images unless you have reviewed WaveSpeed’s data handling terms, and use trusted or validated image URLs rather than arbitrary user-supplied links.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The documentation states that untrusted or user-provided image URLs should never be loaded without validation, but earlier examples explicitly demonstrate passing an arbitrary external URL directly to the edit API. That contradiction can normalize unsafe integration patterns, enabling SSRF-style fetches, internal resource access, or ingestion of attacker-controlled content if downstream URL retrieval is performed server-side by the platform or wrapper.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill instructs users to upload local images and submit prompts to a third-party API without clearly disclosing that image data and prompt contents leave the local environment and are sent to WaveSpeed AI. This can lead to accidental exfiltration of sensitive images, embedded metadata, or confidential prompt content, especially in agent contexts where users may assume local-only processing.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal