Nano Banana

Security checks across malware telemetry and agentic risk

Overview

This skill is a PoYo image-generation helper: it sends user-provided prompts or reference-image URLs to PoYo's external API (api.poyo.ai) using a user-supplied API key.

Install this only if you intend to use PoYo's external API. Keep POYO_API_KEY private and set it as an environment variable rather than passing it on the command line, where it ends up in shell history and process listings. Review each payload before submission, and do not send secrets, confidential prompts, private or internal image URLs, or callback URLs pointing at hosts you do not control.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Lp3

Medium
Category
MCP Least Privilege
Confidence
85% confidence
Finding
The skill advertises and instructs shell-based execution via curl and helper scripts, but does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: an agent or reviewer may underestimate that the skill can invoke shell commands and transmit data externally.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The invocation description is broad enough to match generic image-generation or editing requests, which can cause the skill to trigger in situations where the user did not intend to use an external third-party API. Over-broad routing increases the chance of unnecessary data disclosure and unintended external actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill lacks a clear user-facing warning that prompts, reference image URLs, and possibly callback-related metadata will be transmitted to an external API. Without explicit disclosure, users may unknowingly send sensitive prompts or private image links to a third party.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The reference explicitly instructs users to send prompts, optional reference image URLs, and an optional callback URL to a third-party service, but it does not warn that this may disclose sensitive user content or internal endpoints to an external provider. In a skill context, users may assume local processing unless disclosure is made clearly, so this creates a real privacy and data-handling risk even if it is normal API behavior.

External Transmission

Medium
Category
Data Exfiltration
Content
---
name: poyo-nano-banana
description: Use PoYo AI Nano Banana for general image generation and image editing across many aspect ratios through the `https://api.poyo.ai/api/generate/submit` endpoint. Use when a user wants prompt-based images, reference-image edits, wide or tall canvases, or PoYo payloads for `nano-banana` and `nano-banana-edit`.
metadata: {"openclaw": {"homepage": "https://docs.poyo.ai/api-manual/image-series/nano-banana", "requires": {"bins": ["curl"], "env": ["POYO_API_KEY"]}, "primaryEnv": "POYO_API_KEY"}}
---
Confidence
88% confidence
Finding
https://api.poyo.ai/
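The least-privilege gap described in the first finding (the manifest declares `bins` and `env`, but not everything the body runs or contacts) can be checked mechanically against the frontmatter quoted in this finding. The following is an added example, not code from SkillSpector, OpenClaw or the skill. It parses the frontmatter shown above, then scans a body fragment for the binaries it executes, the environment variables it reads and the external hosts it talks to. Assumptions: command lines appear as indented Markdown code, and the `bash scripts/poll.sh` line is a constructed stand-in for the "helper scripts" the finding mentions (the actual command is not on this page).

```python
"""Least-privilege check for an OpenClaw-style skill file.

Added example, not the scanner's or the skill's code. It reads the declared
`requires.bins` and `requires.env` from the frontmatter, then scans the Markdown
body for binaries actually run, env vars actually read and hosts actually
contacted, and reports every gap. Assumed: command lines are indented code, and
`bash scripts/poll.sh` stands in for the helper scripts the finding mentions.
"""
import json
import re
from urllib.parse import urlparse

# Constructed sample: the frontmatter shown on this page plus a body fragment
# modelled on the submission example. Not the complete skill file.
SKILL_TEXT = """---
name: poyo-nano-banana
description: Use PoYo AI Nano Banana for general image generation and image editing through the `https://api.poyo.ai/api/generate/submit` endpoint.
metadata: {"openclaw": {"homepage": "https://docs.poyo.ai/api-manual/image-series/nano-banana", "requires": {"bins": ["curl"], "env": ["POYO_API_KEY"]}, "primaryEnv": "POYO_API_KEY"}}
---
## Submission example

    curl -sS https://api.poyo.ai/api/generate/submit \\
      -H "Authorization: Bearer $POYO_API_KEY" \\
      -H 'Content-Type: application/json' \\
      -d @payload.json
    bash scripts/poll.sh
"""

FRONTMATTER = re.compile(r"\A---\n(.*?)\n---\n(.*)\Z", re.S)
URL = re.compile(r"https?://[^\s\"'`<>)]+")
ENV_REF = re.compile(r"\$\{?([A-Z][A-Z0-9_]*)\}?")
SHELL_SPLIT = re.compile(r"\|\||&&|[|;]")  # pipelines and command lists


def split_skill(text):
    """Return (frontmatter dict, markdown body)."""
    m = FRONTMATTER.match(text)
    if not m:
        raise ValueError("skill file has no frontmatter block")
    front = {}
    for line in m.group(1).splitlines():
        key, _, value = line.partition(":")
        front[key.strip()] = value.strip()
    return front, m.group(2)


def declared(front):
    """Binaries and env vars the manifest admits to needing."""
    meta = json.loads(front.get("metadata") or "{}")
    req = meta.get("openclaw", {}).get("requires", {})
    return set(req.get("bins", [])), set(req.get("env", []))


def referenced_bins(body):
    """First word of every command in indented code, including after pipes and
    `&&`, skipping flags on backslash-continued lines and VAR=value prefixes."""
    bins, continued = set(), False
    for raw in body.splitlines():
        if not raw.startswith("    "):
            continued = False
            continue
        line = raw.strip()
        segments = SHELL_SPLIT.split(line)
        if continued:
            segments = segments[1:]
        for seg in segments:
            tokens = seg.split()
            while tokens and "=" in tokens[0]:
                tokens.pop(0)
            if tokens and not tokens[0].startswith("-"):
                bins.add(tokens[0])
        continued = line.endswith("\\")
    return bins


def least_privilege_report(text):
    """Undeclared binaries, undeclared env vars, and every external host in the body."""
    front, body = split_skill(text)
    bins_ok, env_ok = declared(front)
    hosts = {urlparse(u).hostname for u in URL.findall(body)}
    return {
        "undeclared_bins": sorted(referenced_bins(body) - bins_ok),
        "undeclared_env": sorted(set(ENV_REF.findall(body)) - env_ok),
        # the manifest format on this page has no field for network egress, so
        # every host the body contacts is listed for the reviewer
        "external_hosts": sorted(h for h in hosts if h),
    }


if __name__ == "__main__":
    print(json.dumps(least_privilege_report(SKILL_TEXT), indent=2))
```

On the constructed sample the report lists `bash` as an undeclared binary, no undeclared environment variables, and `api.poyo.ai` as an external host; because the manifest has no way to declare network egress, that last line is exactly the transparency gap the finding describes.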

External Transmission

Medium
Category
Data Exfiltration
Content
## Quick workflow

1. Choose the right model id for the requested output.
2. Build the request body for `POST https://api.poyo.ai/api/generate/submit`.
3. Send Bearer-authenticated JSON with `Authorization: Bearer <POYO_API_KEY>`.
4. Save the returned `task_id`.
5. Poll unified task status or wait for `callback_url` notifications.
Confidence
90% confidence
Finding
https://api.poyo.ai/
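The Overview's guidance (key from the environment only, review the payload, no private image URLs, no callback URLs you do not control) together with the five-step workflow quoted in this finding, as an added example in Python rather than curl; it is not the skill's or PoYo's own code. Taken from the page: the submit endpoint, Bearer authentication with POYO_API_KEY, the `model`/`callback_url`/`input` body shape, and the returned `task_id`. Assumed: the `input.image_urls` field name, the status response fields, the callback allowlist host, and the status URL, which is injected because this page does not give it; the HTTP transport is injected as well so the example runs offline.

```python
"""Pre-submission hygiene plus the submit-and-poll flow for a PoYo-style skill.

Added example, not the skill's or PoYo's code. From the page: submit endpoint,
Bearer auth with POYO_API_KEY, the model/callback_url/input body, task_id.
Assumed: input.image_urls, status fields, the allowlist, the injected status URL.
"""
import ipaddress
import json
import os
from urllib.parse import urlparse

SUBMIT_URL = "https://api.poyo.ai/api/generate/submit"
# Callback hosts you operate; anything else lets the provider reach a URL you do not control.
CALLBACK_ALLOWLIST = {"hooks.example.com"}  # assumed allowlist


class PreflightError(ValueError):
    """A payload problem that must be fixed before anything leaves the machine."""


def is_internal_host(host):
    """True for loopback, private, link-local and obviously internal names. Literal IPs
    are classified with ipaddress; names only by suffix, so a public name that resolves
    to an internal address (DNS rebinding) is not caught here."""
    host = host.lower().rstrip(".").strip("[]")
    if host == "localhost" or host.endswith((".local", ".internal", ".lan")):
        return True
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False
    return ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_reserved or ip.is_unspecified


def check_url(url, field):
    """Allow only https URLs to public hosts, with no embedded credentials."""
    p = urlparse(url)
    if p.scheme != "https" or not p.hostname:
        raise PreflightError(f"{field}: only https URLs with a host are allowed, got {url!r}")
    if p.username or p.password:
        raise PreflightError(f"{field}: credentials embedded in URL")
    if is_internal_host(p.hostname):
        raise PreflightError(f"{field}: internal/private host {p.hostname!r}")
    return p.hostname


def preflight(payload):
    """Reject payloads that disclose internal endpoints or route callbacks elsewhere."""
    cb = payload.get("callback_url")
    if cb is not None and check_url(cb, "callback_url") not in CALLBACK_ALLOWLIST:
        raise PreflightError(f"callback_url host not in allowlist: {cb!r}")
    for i, url in enumerate(payload.get("input", {}).get("image_urls", [])):  # field name assumed
        check_url(url, f"input.image_urls[{i}]")
    return payload


def preflight_problem(payload):
    """First preflight failure as text, or None when the payload is clean."""
    try:
        preflight(payload)
    except PreflightError as err:
        return str(err)
    return None


def load_api_key(env=os.environ):
    """Read the key from the environment only; argv would leak it to history and ps."""
    key = env.get("POYO_API_KEY")
    if not key:
        raise PreflightError("POYO_API_KEY is not set; export it rather than passing it on the command line")
    return key


def redacted_preview(headers, payload):
    """What to show the user for review before submission: bearer token masked."""
    shown = dict(headers, Authorization="Bearer ****")
    return json.dumps({"headers": shown, "body": payload}, indent=2)


def submit_and_poll(payload, transport, status_url_for, env=os.environ, max_polls=10):
    """Workflow steps 2 to 5: build, authenticate, submit, keep task_id, poll."""
    headers = {"Authorization": f"Bearer {load_api_key(env)}", "Content-Type": "application/json"}
    task_id = transport("POST", SUBMIT_URL, headers, preflight(payload))["task_id"]
    for _ in range(max_polls):
        status = transport("GET", status_url_for(task_id), headers, None)
        if status.get("state") in {"succeeded", "failed"}:  # state values assumed
            return task_id, status
    return task_id, {"state": "pending"}


def fake_transport(method, url, headers, body):
    """Offline stand-in for curl: a task_id on submit, a finished status on poll."""
    if not headers.get("Authorization", "").startswith("Bearer "):
        raise RuntimeError("missing bearer token")
    if method == "POST":
        return {"task_id": "task-demo-001"}
    return {"task_id": url.rsplit("/", 1)[-1], "state": "succeeded"}


# Constructed sample request in the body shape shown on this page.
SAMPLE_PAYLOAD = {
    "model": "nano-banana-edit",
    "callback_url": "https://hooks.example.com/poyo",
    "input": {"prompt": "Replace the sky with a sunset", "image_urls": ["https://cdn.example.com/ref.png"]},
}

if __name__ == "__main__":
    env = {"POYO_API_KEY": "demo-key"}  # stands in for the exported variable
    print(redacted_preview({"Authorization": "Bearer demo-key", "Content-Type": "application/json"}, SAMPLE_PAYLOAD))
    # hypothetical status URL; use the one from PoYo's documentation
    print(submit_and_poll(SAMPLE_PAYLOAD, fake_transport, lambda t: f"https://status.example.test/{t}", env=env))
```

Swap `fake_transport` for a real HTTP call to run it against the API; the preflight and redaction stay in front of it either way, which is what turns the Overview's advice into something the agent cannot skip.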

External Transmission

Medium
Category
Data Exfiltration
Content
## Submission example

```bash
curl -sS https://api.poyo.ai/api/generate/submit \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{
  "model": "nano-banana",
  "callback_url": "https://your-domain.com/callback",
  "input": {
Confidence
80% confidence
Finding
curl -sS https://api.poyo.ai/api/generate/submit -H 'Authorization: Bearer YOUR_API_KEY' -H 'Content-Type: application/json' -d

External Transmission

Medium
Category
Data Exfiltration
Content
## Submission example

```bash
curl -sS https://api.poyo.ai/api/generate/submit \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -H 'Content-Type: application/json' \
  -d '{
  "model": "nano-banana",
  "callback_url": "https://your-domain.com/callback",
  "input": {
Confidence
80% confidence
Finding
https://api.poyo.ai/

VirusTotal

66/66 vendors returned a clean verdict for this skill; none flagged it as malicious.
