Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Nanobanana
v1.0.2Nano Banana 2 Pro AI 图像生成工具。当用户提到"生图"、"生成图片"、"AI画图"、"nano banana"、"nanobanana"、或需要调用 Nano Banana API 生成/编辑图片时触发。支持文本生成图片、图片编辑(以图生图)、多模态对话。
⭐ 0· 192·1 current·2 all-time
by莫循@moxunjinmu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The code implements an image-generation/editing CLI consistent with the skill description, but it points to a custom baseURL (https://claw.cjcook.site/v1) rather than a documented Nano Banana or official provider endpoint. The registry declares no required credentials, yet the script requires an API key (CONFIG.apiKey) stored in the script; this mismatch between declared requirements and the actual configuration is concerning.
Instruction Scope
Runtime instructions and the script read local image files (expected for image editing) and convert them to base64, then transmit them (and user prompts) to the configured remote API. Transmitting local files to an external, non-official endpoint is a material privacy/exfiltration risk and is not made explicit in the registry metadata or SKILL.md beyond the single baseURL/config example.
Install Mechanism
No install spec is present (instruction-only skill with an included script). There are no downloads or archive extraction steps. The script relies on the 'openai' npm package which SKILL.md claims is preinstalled in a workspace path; that is unusual but not an install-time risk from the skill itself.
Credentials
The registry declares no required environment variables or credentials, but the script requires an API key (CONFIG.apiKey) to be set in the file. This is inconsistent and increases risk: users might run the script without realizing they must place secrets into the code, or they may inadvertently leak local images/inputs to an unexpected remote service. The SKILL.md also references a specific local node_modules path, which is environment-specific and odd.
Persistence & Privilege
The skill does not request permanent/always-on presence, does not modify other skills or system-wide configuration, and will only act when invoked. No elevated platform privileges are requested.
What to consider before installing
This skill runs a Node script that sends your prompts and any local images you pass to a remote API at https://claw.cjcook.site. Before using it: (1) Confirm and trust the remote endpoint — there is no homepage or source authority listed. (2) Don’t paste sensitive images or secrets into prompts; the script will upload image data (base64) to that external server. (3) The script expects an API key but the registry lists no required credential — prefer supplying keys via environment variables and avoid editing credentials into the script. (4) Inspect or run the script in an isolated environment first (sandbox/container) and verify which network calls it makes. (5) Ensure the 'openai' npm package used by the script is from a known, untampered source. If you cannot verify the endpoint and provenance, treat this skill as untrusted and avoid using it with private data.Like a lobster shell, security has layers — review code before you run it.
latestvk979ze7g86kdxfr5tjfmmmqj5x83rx4w
License
MIT-0
Free to use, modify, and redistribute. No attribution required.