ClawHub
Back to skill

Security audit

nanobanana2-apiyi

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward APIYI image-generation skill with expected API-key use, outbound prompt submission, and local image saving, with no evidence of hidden or destructive behavior.

Install only if you are comfortable sending final image prompts to APIYI and providing an APIYI API key. Prefer environment or protected config storage over passing keys on the command line, avoid private data in prompts, and choose output filenames carefully to avoid overwriting files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill invokes a Python script that uses an API key, reads local configuration, and makes outbound API calls, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: a host may expose the skill to users or agents without clearly signaling that it can access secrets, local files, and the network.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger text is broad enough to match ordinary requests like 'generate an image' or 'help me make xxx,' which can cause the skill to activate in many benign conversational contexts without clear user intent to use this specific tool. Over-broad activation increases the chance of unintended external API use, prompt transformation, and data disclosure to a third-party service.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.