nano-banana-image-generator

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The generate_image.py script uses subprocess.run to execute the system open command on the paths of generated images to provide a preview to the user upon completion. This is a standard utility function and is implemented using argument lists without a shell, minimizing injection risks.
  • [EXTERNAL_DOWNLOADS]: The skill's documentation instructs users to download high-resolution reference images from external sources such as Wikipedia, Wikimedia Commons, and institutional archives to improve the quality and likeness of AI-generated portraits.
  • [CREDENTIALS_UNSAFE]: The skill relies on a GEMINI_API_KEY for its operations. The documentation provides shell commands to extract this key from a local .env file, which is a common developer practice for managing local environment variables.
  • [DATA_INGESTION]: The skill processes external image files provided via the --input flag as references for image modification and cleanup, which is a core feature of the tool.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 4, 2026, 12:14 AM