nano-banana-pro-grsai

Fail

Audited by Snyk on Feb 18, 2026

Risk Level: CRITICAL

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly tells the agent to accept and use a user-provided API key via the --api-key argument ("use if user provided key in chat"), which requires the LLM to include secret values verbatim in generated commands—an exfiltration risk.

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). The URL points to an install.sh shell script on an unrecognized third‑party domain (astral.sh) and the skill explicitly instructs piping it to sh — a high‑risk pattern because it runs remote, unsigned code with user privileges despite using HTTPS.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 18, 2026, 10:46 PM