nano-banana-pro
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The fallback script uses the 'pass' utility to retrieve API keys from the user's password manager, which is a standard secret management practice using a fixed argument list.
- [EXTERNAL_DOWNLOADS]: The skill connects to the Boluobao API service (apipark.boluobao.ai) to generate and download image files, which is its core documented functionality.
- [DATA_EXFILTRATION]: User prompts and image references are transmitted to external AI providers (Google and Boluobao) for processing as intended by the skill's design.
Audit Metadata