Nano Banana Pro

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill coherently implements a NanoPhoto image-generation client, with expected use of a NanoPhoto API key and remote API calls that may consume credits.

This appears safe for its stated purpose if you are comfortable giving it a NanoPhoto API key. Use the secure environment-variable setup, do not paste the key into chat, avoid private or sensitive images, and be aware that generation requests may consume credits.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If installed with a valid key, the agent can submit NanoPhoto generation requests using that account.

Why it was flagged

The script authenticates to NanoPhoto using a bearer API key. This is expected for the service, but it grants the skill access to act through the user's NanoPhoto account.

Skill content

api_key = args.api_key or os.environ.get("NANOPHOTO_API_KEY") ... "Authorization": f"Bearer {api_key}"

Recommendation

Store the key only in the skill's secure environment setting, avoid passing it on the command line or in chat, and rotate the key if it is exposed.

What this means

Repeated or high-quality generations may use account credits.

Why it was flagged

The API requests can consume NanoPhoto credits. This is disclosed and consistent with image generation, but users should be aware of this cost-bearing behavior.

Skill content

Credits are pre-deducted and automatically refunded if generation fails.

Recommendation

Confirm the prompt, image quality, and number of requested generations before running the skill, especially for 2K or 4K outputs.

What this means

Users are relying on the packaged artifact and publisher claims rather than a verified source repository.

Why it was flagged

The registry does not identify a source repository or verified source location. The included script is reviewable and coherent, but provenance is still a user-trust consideration.

Skill content

Source: unknown

Recommendation

Install only if you trust the publisher/package source, and review the included script before providing an API key.