nano-banana
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill interacts with Google's official Generative Language API (
generativelanguage.googleapis.com). These communications are directed toward a well-known, trusted service provider for its intended purpose of image generation. - [COMMAND_EXECUTION]: The skill utilizes
curlfor API interactions andjqwithbase64for processing image data. These are standard system utilities used here in a transparent and non-malicious manner to facilitate the skill's primary function. - [CREDENTIALS_UNSAFE]: The skill correctly instructs users to provide their API key via an environment variable (
GEMINI_API_KEY) rather than hardcoding sensitive information within the scripts or documentation.
Audit Metadata