nano-banana-pro
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/generate_image_boluobao.py` attempts to retrieve an API key by executing the `pass` command (`pass show api/boluobao`) if the key is not found in environment variables. This is a common pattern for users of the standard Unix password manager.
- [EXTERNAL_DOWNLOADS]: The fallback script `scripts/generate_image_boluobao.py` communicates with `apipark.boluobao.ai` to generate images and subsequently downloads the resulting image files to the local system.
- [DATA_EXFILTRATION]: User-provided text prompts and, optionally, local input images are transmitted to external AI services (Google and Boluobao) to fulfill the image generation and editing requests.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied text and images, which are passed directly to large models for processing.
  - Ingestion points: user prompts via `--prompt` and image files via `--input-image` in `scripts/generate_image.py`.
  - Boundary markers: the skill uses basic prompt templates described in `SKILL.md` but lacks strict technical delimiters in the execution scripts.
  - Capability inventory: limited to network API calls for image generation and local file writing for saving the generated image.
  - Sanitization: no specific sanitization or filtering of the input prompt is performed before transmission to the API.
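The key-retrieval fallback flagged under COMMAND_EXECUTION, shown as an added example of how that pattern is written safely. This is not code from the audited skill; the environment variable name `BOLUOBAO_API_KEY` and the function names are assumptions, while the `pass show api/boluobao` invocation is the one the finding describes. The points a reviewer checks are that the command is run as an argument list (no shell), with a timeout and no interactive stdin, that failures yield `None` rather than an exception carrying secret material, and that the `pass` entry name cannot be turned into an option or a path traversal.

```python
import os
import subprocess
from typing import Callable, Mapping, Optional

# Assumed names: the env var is hypothetical; the pass entry is the one named
# in the audit finding (pass show api/boluobao).
ENV_VAR = "BOLUOBAO_API_KEY"
PASS_ENTRY = "api/boluobao"


def run_pass_show(entry: str) -> Optional[str]:
    """Run `pass show <entry>` without a shell and return the first output line.

    Returns None if pass is not installed, the entry is missing, gpg fails,
    or the command hangs; the caller decides whether that is fatal.
    """
    # A store path beginning with '-' would be parsed by pass as an option,
    # and '..' would escape the password store; reject both up front.
    if entry.startswith("-") or ".." in entry.split("/"):
        raise ValueError(f"refusing suspicious pass entry name: {entry!r}")
    try:
        proc = subprocess.run(
            ["pass", "show", entry],      # argv list: no shell interpolation
            capture_output=True,
            text=True,
            timeout=10,                   # do not hang a non-interactive run
            stdin=subprocess.DEVNULL,     # never block on a gpg passphrase prompt
            check=False,
        )
    except (FileNotFoundError, subprocess.TimeoutExpired):
        return None
    if proc.returncode != 0:
        # stderr is discarded on purpose: it may echo the entry name or gpg state
        return None
    first_line = proc.stdout.splitlines()[0] if proc.stdout else ""
    return first_line.strip() or None


def resolve_api_key(
    env: Mapping[str, str] = os.environ,
    pass_show: Callable[[str], Optional[str]] = run_pass_show,
) -> Optional[str]:
    """Environment variable first, `pass show` as fallback, None if neither works.

    `env` and `pass_show` are injectable so the logic can be exercised without a
    real password store (the test below passes fakes).
    """
    key = env.get(ENV_VAR, "").strip()
    if key:
        return key
    return pass_show(PASS_ENTRY)


if __name__ == "__main__":
    # Never print the key itself; report only whether one was found.
    print("api key found" if resolve_api_key() else "no api key available")
```

Invoking the password manager as a fallback is acceptable only because the entry name is a constant in the script; if the entry were taken from a command-line flag or a config file the skill did not control, the name guard above becomes the load-bearing check.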
Audit Metadata