Auto Free Banana

Suspicious. Audited by ClawScan on May 10, 2026.

Overview

This skill is purpose-aligned for Google Flow image generation, but it deserves review because it extracts and stores Google session tokens and starts a remote-debuggable Chrome session.

Install only if you are comfortable letting the skill automate a Chrome session logged into Google Flow. Prefer a dedicated Google account or Chrome profile, review the saved cookies/token file location, close the debug Chrome window after use, and avoid using untrusted proxy/debug/profile environment settings.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The skill can reuse your Google Flow login, and anyone or anything that can read the cookie file may be able to reuse that session material.

Why it was flagged

The skill writes Google Flow OAuth access tokens and cookies to a local JSON file. This is related to the stated Flow integration, but it is high-impact account/session material and the registry metadata declares no primary credential.

Skill content
accessToken: string; cookies: CookieMap; ... await writeFile(p, JSON.stringify(payload, null, 2), 'utf8');
Recommendation

Use a dedicated Google/browser profile, protect or delete the saved cookie file when done, and expect the skill to clearly declare credential use, storage location, retention, and logout/revocation guidance.

Concern (High Confidence)
ASI10: Rogue Agents
What this means

A local process may be able to connect to the remote-debugging browser while it remains open, potentially controlling the browser profile used for Google Flow.

Why it was flagged

The skill launches Chrome with a remote debugging port and detaches the process. That is useful for UI automation, but it can leave a privileged browser session and CDP endpoint running beyond the immediate task.

Skill content
`--remote-debugging-port=${get_cdp_port()}`, `--user-data-dir=${userDataDir}`, ... const child = spawn(cmdExe, args, { detached: true, stdio: 'ignore' }); child.unref();
Recommendation

Run this only in an isolated browser profile, close the debug Chrome session after use, avoid sharing the debug port, and prefer an implementation that cleans up or clearly tells the user what remains running.

What this means

The path value is spliced into a shell command string inside double quotes, so a value that contains a double quote, a backtick or `$(...)` changes the command the shell runs. If an unsafe value reaches it through the relevant environment variable, the path conversion can execute more than `wslpath`.

Why it was flagged

The shell command is for WSL path conversion, which fits the browser-automation setup, but it interpolates an environment-derived path into a shell string executed through `execSync` rather than passing it as a separate argument.

Skill content
return execSync(`wslpath -u "${rawWindowsPath}"`, { encoding: 'utf-8', timeout: 5000 }).trim() || null;
Recommendation

Avoid untrusted values in WSL path environment variables; the skill author should use argument-based process execution (for example `execFileSync` with an argument array, which involves no shell) instead of shell string interpolation.

What this means

The first run may download and execute a Bun package resolved from the npm registry at that moment, rather than a runtime you installed and verified beforehand.

Why it was flagged

If Bun is not installed, the documented fallback runs Bun through npx at execution time, which relies on npm package resolution rather than a pinned local runtime.

Skill content
`${BUN_X}` = `bun` if installed, else `npx -y bun`
Recommendation

Install Bun from a trusted source ahead of time or use a pinned runtime path instead of relying on `npx -y bun`.