v1.0.0

Nano Banana 2

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:08 AM.

Analysis

The skill appears to be a coherent NanoPhoto image API integration, but it uses your NanoPhoto API key, can spend service credits, and sends prompts or public image URLs to NanoPhoto.

Guidance: Install only if you trust NanoPhoto with the prompts and public image URLs you submit, and if you are comfortable granting this skill a NanoPhoto API key that may spend credits. Prefer the secure environment-variable setting for the key, keep Google Search enhancement off unless needed, and avoid sensitive or private images.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
references/api.md
Credits are pre-deducted and refunded automatically if generation fails.

Submitting generation jobs can spend NanoPhoto credits, which is disclosed and purpose-aligned but is still a cost-bearing action.

User impact: Unintended, repeated, or high-quality generations could consume NanoPhoto credits.
Recommendation: Confirm the user wants a generation request and choose the intended quality level, especially before repeated calls or higher-cost 2K/4K generations.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
Primary credential: `NANOPHOTO_API_KEY` ... Resolution order in the bundled script: `--api-key` → `NANOPHOTO_API_KEY` environment variable → `~/.openclaw/openclaw.json` skill env

The skill clearly declares one NanoPhoto credential and a bounded fallback location for retrieving it; this is expected for the integration but still grants account-level API access.

User impact: The agent can authenticate to NanoPhoto as the user for generation and status requests.
Recommendation: Store the key only in the platform's secure environment setting, avoid pasting it into chat, and rotate or revoke it if the skill is no longer needed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
references/api.md
`POST https://nanophoto.ai/api/nano-banana-2/generate` ... `prompt` | string | Yes ... `inputImageUrls` | string[] | Conditional | Required for `edit`; public URLs only; max 14

The API workflow sends prompts and optional input image URLs to the external NanoPhoto service.

User impact: Prompts and public image URLs leave the local environment and are processed by NanoPhoto.
Recommendation: Use only prompts and image URLs you are comfortable sharing with NanoPhoto; avoid sensitive, private, or signed image URLs.