nano-banana-pro

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs passing API keys via a --api-key command-line argument (and shows examples), which encourages embedding real secrets verbatim into generated commands/outputs and thus creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly accepts and fetches remote, user-provided image URLs and calls a third‑party Boluobao API (see SKILL.md's "Boluobao-specific options" and scripts/generate_image_boluobao.py), and the script prints API-returned text like "revised_prompt" which the agent/toolchain would read and could be used to influence subsequent actions, creating a clear vector for indirect prompt injection.