Pub Banana
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is mostly a documented API gateway, but it gives the agent broad model, email, SMS, and scraping capabilities through one API key without clear per-action limits or approval guidance.
Review this carefully before installing. It may be fine if you want a broad SkillBoss gateway, but do not treat it as only an image-generation skill. Use a scoped or separate API key where possible, avoid sensitive data unless you trust the provider routing, and require explicit approval before sending emails, SMS messages, OTPs, or batch communications.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked incorrectly, the agent could send unwanted emails or SMS messages, potentially causing reputational, billing, or account issues.
The skill exposes outbound email and SMS, including batch sending. These are high-impact actions, and the provided artifacts do not show explicit approval, recipient scoping, rate limits, or rollback guidance.
`email/send` | Send single email ... `email/batch` | Send batch emails ... `prelude/notify-batch` | Batch SMS notifications
Only use this skill when you intend to grant messaging authority. Require explicit user confirmation before any email, SMS, OTP, or batch-send action.
The same API key may enable many kinds of paid or account-affecting actions, not just image generation.
A single bearer key is used for a broad multi-provider service, rather than a narrowly scoped image-generation credential.
One API key, 50+ models across providers ... Call any model directly by ID ... **Auth:** `-H "Authorization: Bearer $SKILLBOSS_API_KEY"`
Use a least-privilege or separate SkillBoss key if available, monitor usage and billing, and avoid installing it in environments where the agent should only generate images.
Sensitive prompts, files, audio, or documents could be processed by third-party model providers selected by the gateway.
User prompts, media, audio, or documents may be routed through SkillBoss to downstream model providers; this is disclosed and purpose-aligned, but provider selection and data-handling boundaries are not fully described in the provided artifacts.
50+ models across providers (Bedrock, OpenAI, Vertex, ElevenLabs, Replicate, Minimax, and more) ... smart routing to auto-select the cheapest or highest-quality option
Do not submit sensitive or regulated data unless you understand the privacy, retention, and routing behavior of SkillBoss and its downstream providers.
Users or agents may look for or fetch an external helper script that was not included in the reviewed artifacts.
The documentation references a run.mjs helper, but the manifest contains only markdown files and no install spec or helper script.
run.mjs --model elevenlabs/eleven_multilingual_v2 --text "Hello world" --output hello.mp3
Prefer the documented curl examples, or verify the source and contents of any run.mjs helper before executing it.
