v1.0.3

Nano banana korean rendering

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:23 AM.

Analysis

This skill appears aligned with its stated image text-rendering purpose, but it installs dependencies/downloads fonts and sends prompts or images to Gemini using a user-provided API key.

Guidance: Before installing, expect to run a setup script that installs npm packages and may download fonts. Only provide GEMINI_API_KEY if you are comfortable with Gemini processing your prompts and images, and avoid using sensitive reference images unless that is acceptable.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Unexpected Code Execution
Severity: Low | Confidence: High | Status: Note
setup.mjs
execSync('npm install', { cwd: __dirname, stdio: 'inherit' });

The setup script runs a shell command to install dependencies. It is user-directed and purpose-aligned, but npm install can execute third-party package lifecycle scripts (for example preinstall/postinstall hooks) on the local machine.

User impact: Running setup may execute dependency installation code on the local machine.
Recommendation: Run setup only if you trust the skill source and npm dependencies; prefer pinned versions or a reviewed lockfile for stronger reproducibility.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
setup.mjs
const response = await fetch(url, { redirect: 'follow' });

The setup script downloads font files from predefined external URLs, following redirects. This supports the stated font-rendering purpose, but the artifacts show no integrity pinning (checksums or signatures) for the downloaded files.

User impact: Setup relies on external font downloads if local fonts are unavailable.
Recommendation: Use trusted network sources, consider verifying downloaded font checksums, or provide local reviewed font files.
Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
When non-Latin characters are detected, always run the full pipeline (detect→analyze→render→generate)

The instruction directs the agent to run the full tool chain when matching text is detected. This is central to the skill, but users should understand it can invoke external API calls and create output files.

User impact: A matching image-generation request may automatically run multiple local and Gemini-backed steps.
Recommendation: Use the skill for intended image-generation tasks and review prompts/output paths before running costly or sensitive generations.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
`GEMINI_API_KEY` | ⭐ Required | Used for both Gemini Flash (analysis) and Gemini Image (generation)

The skill requires a Gemini API key for analysis and image generation. This is appropriate for the Gemini integration, but the registry metadata lists no required env vars or primary credential.

User impact: Using the skill may consume quota or incur costs on the Gemini account associated with the provided API key.
Recommendation: Use a Gemini key with appropriate quota controls and remove it from the environment when not needed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
SKILL.md
Pass the pre-rendered PNG to Gemini as the **first reference image**

The skill sends the rendered text image, and potentially user reference images, to Gemini as part of the disclosed generation workflow.

User impact: Prompts, rendered text images, and optional reference images may be processed by Google's Gemini service.
Recommendation: Avoid sending sensitive or private images/text unless Gemini processing is acceptable for that content.