Nano Banana Pro Enhanced

Security checks across malware telemetry and agentic risk

Overview

This skill generates or edits images with Gemini, discloses its use of your API key, and keeps local batch-job bookkeeping; users should avoid sensitive prompts or images.

Install if you are comfortable sending prompts and selected images to Google's Gemini API using your Gemini API key. Avoid confidential prompts or private images, use safe output paths, and remove any HEARTBEAT.md or cron reminders after batch results are retrieved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings (Medium)
Confidence: 95%
Finding: The skill instructs users to send prompts and optional input images to Gemini but does not warn that this content leaves the local environment and is transmitted to an external Google service. Users may unknowingly provide sensitive images, proprietary data, or personal information under the false assumption that processing is local.

Missing User Warnings (Medium)
Confidence: 93%
Finding: The batch workflow tells the agent to record why an image was requested in HEARTBEAT.md, which can persist sensitive user context beyond the immediate task. This creates an avoidable data retention issue where personal, confidential, or regulated information may be stored locally without minimization, consent, or retention guidance.

Missing User Warnings (Medium)
Confidence: 93%
Finding: The script persists batch job metadata to a local JSON file and includes the full user prompt in that record. Prompts can contain sensitive personal, business, or regulated data, so storing them on disk without minimization, consent, or retention controls creates an avoidable privacy exposure if the workstation, repo, or shared memory directory is accessed by others.

VirusTotal

64/64 vendors flagged this skill as clean.