Use Nano Banana Pro (Gemini 3 Pro Image) through the third-party relay API site 清云EchoFlow API to generate or edit images. Supports image generation, image editing, and multi-image composition (up to 14 images). Use when the user asks to generate an image, create an image, edit an image, or combine images. Keywords: image generation, picture generation, generate pictures, AI painting, Nano Banana Pro, Gemini, Gemini 3 Pro Image.

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed EchoFlow image-generation skill that sends user prompts, selected images, and an EchoFlow API key to the expected third-party API.

Install this only if you trust EchoFlow with your prompts, selected input images, and EchoFlow API key. Prefer the ECHOFLOW_API_KEY environment variable over --api-key, keep --api-base at the default EchoFlow endpoint unless you fully trust another host, and avoid copying the Linux curl-to-shell uv installer without first verifying the installer source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill explicitly requires an API key in environment variables and communicates with an external API, but it does not declare corresponding permissions. Undeclared env and network capabilities reduce transparency and can cause users or orchestrators to invoke a skill without understanding that secrets will be read and data will be transmitted off-host.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger list contains broad everyday phrases such as image-generation terms that could cause the skill to activate in more situations than users expect. Overbroad activation increases the chance of unintended external API calls and accidental transmission of prompts or images to a third-party service.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The reference instructs users to send an API key and service requests to a third-party endpoint without any privacy, data handling, or external-transmission warning. In a skill that processes user prompts and potentially sensitive images, omission of this disclosure can cause users to unknowingly expose credentials and content to an external provider.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The image edit and image-input sections describe uploading source images and base64 image content to the remote API but do not warn that user images leave the local environment. This is dangerous because users may submit private or regulated images assuming local-only processing, leading to confidentiality or compliance issues.

External Script Fetching

High
Category
Supply Chain
Content
```
# macOS (Homebrew)
brew install uv

# Linux (curl | sh; inspect the script before running)
curl -LsSf https://astral.sh/uv/install.sh | sh
```
Confidence
97% confidence
Finding
curl | sh

External Script Fetching

Low
Category
Supply Chain
Content
```
brew install uv

# Linux (curl | sh; inspect the script before running)
curl -LsSf https://astral.sh/uv/install.sh | sh
```

**Step 2: Set your API key**
Confidence
98% confidence
Finding
curl -LsSf https://astral.sh/uv/install.sh | sh

Chaining Abuse

High
Category
Tool Misuse
Content
```
brew install uv

# Linux (curl | sh; inspect the script before running)
curl -LsSf https://astral.sh/uv/install.sh | sh
```

**Step 2: Set your API key**
Confidence
96% confidence
Finding
| sh

VirusTotal

63/63 vendors flagged this skill as clean.
