ClawHub
Back to skill

Security audit

Work Productivity Nano Banana Workflow Helper 002325

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-style workflow helper with no executable code, but its trigger words are broader than necessary and may activate unexpectedly.

Installing this skill should be low risk from a security standpoint, but users should be aware it may be selected for unrelated requests because its triggers are generic. Prefer explicit invocation by the full skill name, and consider narrowing or disabling implicit invocation if accurate routing matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (9)

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger examples are generic and include common terms like 'help me', 'practical workflow', 'generate', 'edit', and 'bug fix', which can cause the skill to activate for ordinary unrelated requests. In an agent environment, this kind of overbroad routing can misapply the skill, override more appropriate tooling, and increase the chance of unsafe or unintended behavior through prompt/skill collision.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger phrases are extremely generic, using terms like 'nano', 'pro', 'generate', 'edit', and broad natural-language prompts that could match many unrelated user requests. This can cause accidental invocation of the skill in inappropriate contexts, leading to workflow hijacking, confusing outputs, or unintended processing of user tasks that were not meant for this skill.

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger keyword list is excessively broad, including generic terms such as "nano," "banana," "pro," "generate," and "edit" that commonly appear in unrelated requests. This can cause the skill to activate outside its intended scope, leading to prompt hijacking of normal user interactions, misrouting, or inappropriate application of the skill in contexts where it does not belong.

Vague Triggers

High
Confidence
95% confidence
Finding
The manifest description defines activation using broad, ambiguous conditions like requests involving "work-productivity," "nano," "banana," or "pro," which are not sufficiently specific to the skill's purpose. In an agent environment, this increases unintended invocation risk, allowing the skill to intercept unrelated tasks and influence agent behavior beyond the intended job-to-be-done.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The example trigger phrases are written in generic, reusable language such as "Help me" and "I need a practical workflow," which can normalize overbroad matching behavior and encourage accidental activation patterns. While less dangerous than the manifest and keyword list, these examples still reinforce an overly permissive routing model that can cause confusion or unintended skill selection.

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger list includes extremely broad everyday terms such as "nano", "banana", "pro", "generate", "edit", and "images", which can cause the skill to activate for many unrelated requests. Over-broad activation increases the chance that the agent routes users into this skill unexpectedly, causing misexecution, irrelevant guidance, or interference with safer/more appropriate skills.

Vague Triggers

High
Confidence
93% confidence
Finding
The skill description says it should be used when users mention very broad terms or need generic artifacts like workflows, checklists, analysis, or implementation support, without clear boundaries. This makes the activation surface overly large and can lead to accidental invocation on unrelated productivity, image, or bug-fix requests, reducing routing integrity and increasing the chance of unsafe or low-quality handling.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The default prompt contains broad natural-language trigger terms such as 'help me' and generic workflow-related phrasing that can overlap with ordinary user requests. Because implicit invocation is enabled, this increases the chance the skill is auto-selected in unintended contexts, causing prompt injection into unrelated conversations or unexpected execution of the skill's behavior.

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger section uses extremely broad terms such as "help me," "I need a practical workflow," and generic keywords like "nano," "banana," and "pro," which can match many unrelated user requests and cause unintended skill invocation. In an agent ecosystem, overbroad routing can misapply this skill to unrelated tasks, increasing the chance of incorrect automation, user confusion, and accidental exposure of skill behaviors in contexts where they were not requested.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal