nb-image-generation
Warn
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of the
nanobanana(aliasnb) CLI tool to process image generation and manipulation requests. - [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@giorgioliapakis/nanobananaglobal NPM package. This package is owned by the skill's author and is the primary dependency for the skill's functionality. - [DATA_EXFILTRATION]: The skill's documentation in
references/editing.mdspecifies that the CLI tool automatically searches for input files in sensitive local directories, including~/Downloads/and~/Desktop/. This automated access to common user storage locations increases the risk of unintended file exposure. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted image data from various local and external sources.
- Ingestion points: Files are ingested from the current directory,
./images/,./input/,./nanobanana-output/,~/Downloads/, and~/Desktop/. - Boundary markers: The system lacks explicit boundary markers or instructions to the model to ignore potential malicious prompts embedded within image data.
- Capability inventory: The skill has the capability to execute shell commands and write output files to the local file system.
- Sanitization: There is no evidence of content validation or sanitization of the image files before they are processed by the underlying AI models.
Audit Metadata