nano-banana

SUSPICIOUS: The skill’s purpose is coherent, but it depends on third-party MCP packages that receive the Gemini API key and mediate all image requests. That makes the main risk supply-chain trust and credential forwarding, not confirmed malware. The misleading claim about local-only processing further weakens data-flow integrity.