ClawHub

Nano Img Cli

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent helper for a local image-generation CLI, with expected local command, API-key, and configuration effects.

Install this if you intend to use the local nano-img CLI. Verify the nanobana/nano-img binary itself comes from a trusted source, expect Gemini API quota or billing use, and review ~/.nano-img defaults and reference images before sensitive generations or persistent configuration changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly instructs the agent to inspect and modify persistent configuration and files under ~/.nano-img, including saved model, save directory, and home-directory instruction/style files, but it does not require user confirmation or warn that these changes persist beyond the current task. In an agent setting, this can lead to unintended modification of user state, surprising future behavior, or silent alteration of local workflow preferences.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill is configured with broad activation language and `allow_implicit_invocation: true`, which increases the chance that the agent will invoke this capability when a user mentions image generation or configuration in a general way. Because this skill operates a local CLI and can modify defaults or manage files under `~/.nano-img`, unintended activation could trigger local side effects such as configuration changes, file writes, or command execution without sufficiently explicit user intent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal