nanobanana
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- DATA_EXPOSURE (SAFE): The script retrieves credentials from a skill-specific environment file (~/.nanobanana.env). This is the documented and intended configuration method for the utility.
- INDIRECT_PROMPT_INJECTION (LOW): The skill processes user-supplied image files, which is a surface for indirect prompt injection. Evidence:
  1. Ingestion points: nanobanana.py reads local files via Image.open().
  2. Boundary markers: Absent.
  3. Capability inventory: The script possesses file-read, file-write, and network-send (Google API) capabilities.
  4. Sanitization: Absent.
  Given the tool's intended use as a local image processor, the risk is minimal.