Back to skill
Skillv1.0.0
VirusTotal security
grsai nano-banana 生图技能 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 5:03 AM
- Hash
- a7378c9ea89349e0ec795aab3b4bc02a33078900cd76c88032a0fe5945e8a8a4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: grsai-nano-banana Version: 1.0.0 The skill's primary function is benign, facilitating image generation via the grsai platform. However, the `generate.py` script allows users to specify an arbitrary `--output-dir` and `--filename` for saving generated images. While this functionality is plausible for the stated purpose, it introduces a vulnerability where a malicious actor could potentially craft these arguments (e.g., via prompt injection to the OpenClaw agent) to write files to arbitrary locations on the system, potentially overwriting critical files if the agent runs with elevated privileges and lacks strict path validation. This constitutes a risky capability without clear malicious intent within the script itself, classifying it as suspicious.
- External report
- View on VirusTotal