Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

nano banana pro pptx

v1.0.3

Generate PowerPoint presentations with AI images using Gemini. Each slide is a full-bleed image. Use for creating visual presentations, slideshows, or image-...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name and description match the code: the script plans slides, calls Gemini image/content models, and assembles the resulting PNGs into a .pptx. The dependencies declared in the script header (google-genai, python-pptx, Pillow) are appropriate for the stated purpose. However, the registry metadata declares no required environment variables or primary credential, while SKILL.md and the script require GEMINI_API_KEY (and optionally GEMINI_BASE_URL); this mismatch is an inconsistency to be aware of.
Instruction Scope
Runtime instructions direct the agent to run the bundled script with a prompt and a slide count. The script reads only GEMINI_API_KEY and GEMINI_BASE_URL, writes its output files (slide-plans.json, images, logs) into the user-specified output directory, and does not attempt to read other system files or unrelated environment variables. It also logs request metadata locally.
Install Mechanism
No install spec is present (instruction-only skill with a bundled script). The manifest contains no downloads or archive extractions. The script lists its expected Python dependencies in comments, which is normal for a Python script.
Credentials (flagged)
Requiring GEMINI_API_KEY is proportionate to the purpose, but the registry metadata declares no required environment variables while SKILL.md and the script require GEMINI_API_KEY (required) and GEMINI_BASE_URL (optional). Allowing a custom GEMINI_BASE_URL lets a user point requests at an arbitrary endpoint; an untrusted endpoint could capture prompts, slide plans, and images, and, because the key authenticates every request sent to that endpoint, the API key itself. The mismatch between the metadata and SKILL.md is a notable inconsistency.
Persistence & Privilege
The skill is not always-enabled and does not request system-wide persistence or modify other skills. It writes files only to the output directory it creates. Autonomous invocation is enabled by default, but that is the platform norm and not a distinguishing risk here.
What to consider before installing
This skill largely does what it claims: it builds slide plans, asks Gemini for images/content, and writes images and a .pptx to a local output directory. Three points deserve attention before installing:

1. The registry metadata shown above does not list GEMINI_API_KEY even though SKILL.md and the script require it; that inconsistency is worth raising with the publisher.
2. The skill accepts a GEMINI_BASE_URL (env or arg). Pointed at an attacker-controlled endpoint, it would expose prompts, slide plans, and image requests to that endpoint. Only set it to a proxy you trust.
3. The source/homepage is unknown and the owner ID is not human-readable, so prefer to run the skill in an isolated/sandbox environment (or inspect and run the script locally) before providing your Gemini API key.

If you proceed, verify that GEMINI_BASE_URL is either unset or an official endpoint, consider creating an API key with limited quota, and review the generated slide-plans.json and image-requests.log files after a run.
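The following pre-flight check is an added example, not code from the skill or from the ClawHub scan. It covers the GEMINI_BASE_URL concern raised under Credentials and in the checklist above: it accepts an unset variable or the Gemini API's default public host, generativelanguage.googleapis.com, and refuses anything else, including non-HTTPS schemes, embedded credentials, and look-alike hosts that merely contain the official name. The environment variable names are those the scan reports the skill reads; the trusted-host list is an assumption that you would extend with a proxy you operate.

```python
"""Pre-flight check for the GEMINI_BASE_URL override before running the skill.

Added example, not part of the skill or the scan report. Assumes the skill
reads GEMINI_API_KEY and GEMINI_BASE_URL from the environment, as the scan
describes. TRUSTED_HOSTS is an assumption: it holds the Gemini API's default
public host and should be extended only with proxies you control.
"""
import os
from urllib.parse import urlsplit

# Default public host of the Gemini API. Any further entry (e.g. a corporate
# proxy) is an assumption you add deliberately.
TRUSTED_HOSTS = frozenset({
    "generativelanguage.googleapis.com",
})


def check_base_url(value):
    """Return (ok, reason). Unset or empty means the client default, which is fine."""
    if value is None or value.strip() == "":
        return True, "unset: client will use its built-in Gemini endpoint"
    parts = urlsplit(value.strip())
    if parts.scheme != "https":
        return False, (f"scheme {parts.scheme!r} is not https; the API key and "
                       "prompts would leave the machine without TLS")
    if parts.username or parts.password:
        return False, "URL carries embedded credentials"
    # urlsplit lowercases the hostname; strip a trailing dot so the exact-match
    # below cannot be bypassed with a fully qualified spelling.
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return False, "URL has no host"
    if host not in TRUSTED_HOSTS:
        # Exact match rejects look-alikes such as
        # generativelanguage.googleapis.com.evil.example, which a substring or
        # prefix check would accept.
        return False, (f"host {host!r} is not trusted; the API key and every "
                       "prompt, plan and image request would be sent there")
    if parts.query or parts.fragment:
        return False, "unexpected query string or fragment in base URL"
    return True, f"host {host!r} is trusted"


def preflight(env=os.environ):
    """Check the variables the skill reads and return a summary dict."""
    ok, reason = check_base_url(env.get("GEMINI_BASE_URL"))
    return {
        "api_key_present": bool(env.get("GEMINI_API_KEY")),
        "base_url_ok": ok,
        "reason": reason,
    }


if __name__ == "__main__":
    result = preflight()
    if not result["api_key_present"]:
        raise SystemExit("GEMINI_API_KEY is not set; the skill cannot call Gemini")
    if not result["base_url_ok"]:
        raise SystemExit(f"refusing to run the skill: {result['reason']}")
    print("preflight ok:", result["reason"])
```

Run it in the same shell session that will launch the skill, so it sees the same environment; a non-zero exit means the base URL override should be removed or reviewed before the API key is handed over.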

Like a lobster shell, security has layers — review code before you run it.

latest · vk97dnn0dz6ggtx1eetkws0x16s839csw

