v0.1.0

Nano Banana Pro

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 4:56 AM.

Analysis

The skill appears to do what it says: it generates or edits images through Google's Gemini API, with expected cautions around API-key use, cloud processing of prompts/images, and runtime Python dependencies.

Guidance: Install if you are comfortable configuring a Gemini API key, sending selected prompts/images to Google, and allowing uv to use the listed Python dependencies. Use a limited API key if possible, avoid sensitive images unless appropriate for Google's service, and choose output filenames/locations deliberately.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
scripts/generate_image.py
dependencies = [ "google-genai>=1.0.0", "pillow>=10.0.0", ]

The bundled script relies on third-party Python packages with lower-bound version constraints. This is normal for a Gemini image client, but users with strict supply-chain requirements should notice it.

User impact: Running the skill with uv may install or use external package code from the Python ecosystem.
Recommendation: Use a trusted package source and isolated environment; pin or review dependency versions if you need stricter supply-chain control.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
scripts/generate_image.py
parser.add_argument("--api-key", "-k", help="Gemini API key (overrides GEMINI_API_KEY env var)") ... client = genai.Client(api_key=api_key)

The script accepts and uses a Gemini API key. This is expected for the stated Google image-generation purpose, but it delegates access to the user's Gemini account/quota.

User impact: Using this skill can consume the configured Gemini API quota or billing allowance.
Recommendation: Use a dedicated or limited Gemini API key where possible, and prefer environment/config storage over passing keys directly on the command line.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium | Confidence: High | Status: Note
scripts/generate_image.py
contents = [*input_images, args.prompt] ... response = client.models.generate_content(model="gemini-3-pro-image-preview", contents=contents, ...)

For edits/compositions, the prompt and opened input images are passed to the Gemini provider API. This is core to the skill's purpose, but it is a sensitive data boundary.

User impact: Prompts and any selected input images leave the local environment and are processed by Google's service.
Recommendation: Only provide prompts and images that you are comfortable sending to Google, and review the provider's data-use and retention terms for sensitive or regulated content.