Back to skill

Security audit

Gemini Image Generation

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: generate or edit images through Gemini, with expected privacy considerations from using an external image service.

Install this only if you are comfortable sending image prompts and any selected source images to the configured Gemini or custom endpoint. Avoid confidential, regulated, or private images unless that provider use is approved, and choose explicit workspace output paths to avoid unwanted file overwrites.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Rogue AgentSelf-Modification, Session Persistence
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The README describes the skill in very broad terms ('create, transform, render, or save one or more images') without clear activation boundaries, which can cause an agent to invoke it on common image-related requests too aggressively. In an agent workflow, overly broad routing increases the chance of unintended external API use, unexpected file creation, and accidental transmission of user content to a third-party service.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README instructs users to install and configure the skill but does not clearly warn that it depends on external Gemini services and requires API credentials, despite mentioning environment variables later in an example. This can lead to users enabling the skill without understanding that prompts or images may be sent to a third party, creating consent, privacy, and configuration-risk issues in agent environments.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill sends user prompts and potentially user-supplied source images to an external Gemini API, but the skill documentation does not clearly warn users about that data transfer. This can lead to unintended disclosure of sensitive images or prompt contents, especially in workflows where users may assume processing is local.

Session Persistence

Medium
Category
Rogue Agent
Content
# Image Generation

Use this skill when you need to create one or more image files from a text prompt, or edit one or more existing images with Gemini.

## Requirements
Confidence
71% confidence
Finding
create one or more image files from a text prompt, or edit one or more existing images with Gemini. ## Requirements - `~/.openclaw/openclaw.json` must include `$.skills.entries["gemini-image-genera

Unpinned Dependencies

Low
Category
Supply Chain
Content
"private": true,
  "type": "module",
  "dependencies": {
    "@google/genai": "^1.44.0"
  }
}
Confidence
94% confidence
Finding
"@google/genai": "^1.44.0"

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.