nano-banana
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill uses a Bash script to interface with the Gemini API. Command execution is limited to standard utilities (curl, jq, base64, osascript) for processing image data and sending notifications.
- EXTERNAL_DOWNLOADS (SAFE): Network requests are made exclusively to generativelanguage.googleapis.com. This is a trusted endpoint for the skill's stated purpose of image generation.
- CREDENTIALS_UNSAFE (SAFE): The skill correctly handles API keys by looking for a GEMINI_API_KEY environment variable or retrieving it from the macOS Keychain (security find-generic-password). It does not hardcode secrets or log the full key.
- DATA_EXFILTRATION (SAFE): The script reads local image files only when explicitly provided as a reference for image-to-image generation. This data is sent only to the official Google API endpoint.
- PROMPT_INJECTION (SAFE): The instructions in SKILL.md and PROMPTING.md focus on legitimate prompt engineering techniques to improve image quality. There are no attempts to bypass safety filters or override agent instructions.
Audit Metadata