Back to skill
Skillv1.0.1
VirusTotal security
nano-banana-pdf-edit · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 4:20 AM
- Hash
- 638bee53aab450d82e21ea5358751b4df6d7576172eebaeef81571ea7915c3b4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: nano-banana-pdf-skill Version: 1.0.1 The skill is classified as suspicious due to the inherent risk of shell injection and broad execution capabilities. The `SKILL.md` instructs the AI agent to construct and execute `nano-pdf` shell commands based on user input, which presents a vulnerability if user input is not rigorously sanitized or quoted, potentially leading to arbitrary command execution. Additionally, the agent is instructed to install system-level dependencies (`pip install`, `brew install`, `apt-get install`), granting it broad permissions to modify the system, which could be exploited if the agent's command generation is compromised by a malicious prompt.
- External report
- View on VirusTotal