nano-banana-pro
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides image generation and editing capabilities using the official Google Gemini API (google-genai) and the Pillow (PIL) library for image processing.
- [EXTERNAL_DOWNLOADS]: The skill correctly identifies dependencies in its script header (google-genai and pillow). These are well-known, standard libraries from official registries (PyPI).
- [CREDENTIALS_UNSAFE]: The skill uses the 'GEMINI_API_KEY' environment variable for authentication, which is the standard and secure practice for this type of tool. It does not contain any hardcoded secrets.
- [COMMAND_EXECUTION]: The script uses 'uv run' to execute its internal Python script. This is a standard and safe method for running local scripts within a managed environment.
- [DATA_EXFILTRATION]: Network operations are restricted to the official Google Gemini API endpoints for image generation and processing. No unauthorized data exfiltration patterns were detected.
Audit Metadata