Skill v1.0.9
ClawScan security
Nano Banana 2 Image Generation&Editing · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign, Mar 18, 2026, 4:27 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's files, instructions, and required credentials align with its stated purpose (image generation/editing via Atlas Cloud or Google AI Studio); nothing suggests misdirection or unrelated access, though there's a small metadata wording mismatch about required env vars.
- Guidance
- This skill appears to do what it says: it sends prompts and (with your explicit consent) image files to Atlas Cloud or Google AI Studio and returns generated images. Before installing, consider: (1) the SKILL.md requires you to confirm any local-file uploads — make sure the agent actually asks you before uploading sensitive photos; (2) the registry metadata vs. SKILL.md wording: you only need at least one provider key, not necessarily both — set only the provider key you trust to reduce accidental use; (3) API keys grant billing-capable access — use keys with restricted scope if possible, enable billing alerts, and be prepared to revoke keys; (4) test with non-sensitive images first and review output files before sharing. If you want higher assurance, review the full script locally (it uses only standard-library network calls) or run it in an isolated environment.
Review Dimensions
- Purpose & Capability
- ok: The skill claims to call Atlas Cloud or Google AI Studio for image generation and the code + SKILL.md request exactly the corresponding API keys and endpoints. Requiring ATLASCLOUD_API_KEY and/or GEMINI_API_KEY is proportionate to the stated functionality; primaryEnv being ATLASCLOUD_API_KEY is reasonable given Atlas Cloud is the default provider.
- Instruction Scope
- ok: SKILL.md and the included script limit actions to submitting prompts, uploading local images (with explicit user consent required in the doc), polling for results, and downloading outputs. The instructions do send data to third-party endpoints (api.atlascloud.ai and generativelanguage.googleapis.com) which is expected for this skill and is explicitly called out with a privacy note.
- Install Mechanism
- ok: There is no install spec (instruction-only plus a small Python script). No downloads or archive extraction are requested. The script uses only Python standard library (urllib), so there is no opaque install-time code execution risk.
- Credentials
- note: Requesting Atlas Cloud and Google API keys is justified. Minor inconsistency: registry metadata lists both ATLASCLOUD_API_KEY and GEMINI_API_KEY as 'required env vars', while SKILL.md states 'At least one of the above must be set' and the script supports choosing either provider. This is a documentation/metadata mismatch rather than an unexplained privilege request.
- Persistence & Privilege
- ok: The skill is not always-included, does not request system-wide configuration changes, and does not persist credentials on its own. Autonomous invocation is allowed by platform default but does not combine with any other broad privileges in this skill.
