Security audit

Kie AI Nano Banana Pro 生图

Security checks across malware telemetry and agentic risk

Overview

This is a coherent image-generation skill for Kie AI, with privacy and trigger-scope cautions but no evidence of hidden or destructive behavior.

Install only if you are comfortable sending image prompts, reference image URLs, generation settings, and optional callback endpoints to Kie AI. Store the API key securely, avoid secrets or confidential material in prompts or images, use HTTPS callbacks with verification, and confirm intent before submitting high-cost or sensitive generation requests.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (6)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The README promotes webhook callbacks and external API usage but does not warn users that prompts, reference images, generated outputs, and task metadata may be transmitted to third-party services and callback endpoints. In an AI image-generation skill, this omission can lead to unintentional disclosure of sensitive business data or personal images because users may reasonably assume data stays local unless told otherwise.

Missing User Warnings

Low

Confidence: 87% confidence
Finding: The README instructs users to obtain and configure an API key without any guidance on secure credential handling. That omission increases the chance of accidental exposure through logs, screenshots, checked-in config files, or insecure sharing, which could enable unauthorized API use and billing abuse.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The scene trigger phrases are broad natural-language requests like '帮我生成一个图片...' and '用 Kie AI 生成...', which can cause the skill to activate for general image-generation intents beyond a narrowly scoped product integration. Over-broad activation can silently route user content to this skill and, in this case, onward to an external API, increasing the chance of unintended data disclosure or incorrect tool selection.

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The primary trigger list includes ambiguous short aliases such as 'kie' that are likely to collide with unrelated user text. Ambiguous triggers raise the risk that the skill is invoked unintentionally, which is more dangerous here because invocation leads to third-party API usage and potential transmission of user-supplied content.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill positioning section presents the capability as an official image assistant but does not warn users that prompts, reference image URLs, and callback URLs are sent to an external service. This omission undermines informed consent and can lead users to disclose sensitive content without realizing it will leave the local system boundary.

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The trigger list contains very generic terms such as "kie", "Kie AI", and "nano banana", which are likely to appear in ordinary user conversation and can cause the skill to activate unintentionally. In a skill that invokes an external image-generation API, accidental activation can lead to unintended requests, privacy leakage through prompt forwarding, and unanticipated costs or user confusion.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.