nano-banana-pro

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill explicitly accepts an API key provided in chat and tells the agent to place it into a command-line --api-key argument (verbatim), which requires the LLM to handle and emit secret values directly, creating an exfiltration risk.