Nano Banana Image Creator

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Gemini image generation/editing helper, but users should avoid sensitive images and prefer environment variables for API keys.

Install only if you are comfortable sending prompts and selected input images to Google's Gemini API. Use GEMINI_API_KEY instead of pasting an API key into chat or command arguments, and avoid using confidential images or output filenames that could overwrite important files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 88%
Finding: The skill clearly depends on environment access via GEMINI_API_KEY, but the metadata does not declare permissions or otherwise warn that it reads secrets from the environment. That mismatch can undermine least-privilege expectations and make secret access less transparent to users reviewing the skill.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding: The usage examples encourage passing --api-key on the command line, which can expose the secret through shell history, process listings, logs, or telemetry. This is a real credential-handling weakness because users may copy the example directly and unintentionally leak their API key.

Missing User Warnings

Severity: Medium
Confidence: 95%
Finding: The skill sends user prompts and potentially local input images to an external Google API, but the documentation does not warn users about this data transfer. In a tool that handles local files and creative prompts, missing disclosure can lead to unintended sharing of sensitive images, embedded metadata, or confidential prompt content.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding: The script transmits the user's prompt and, when provided, a local input image to Google's external API, but it does not give an explicit user-facing notice at the point of transmission about what data leaves the system. In an agent skill context, this can surprise users and cause unintended disclosure of sensitive images or prompt content, especially if the skill is invoked on private local files.

VirusTotal

66/66 vendors flagged this skill as clean.