nano-banana

Fail

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires installing a global NPM package @google/gemini-cli and an extension from an untrusted GitHub repository (https://github.com/gemini-cli-extensions/nanobanana).
  • [REMOTE_CODE_EXECUTION]: The process of installing the nanobanana extension via a URL from an untrusted organization (gemini-cli-extensions) constitutes a remote code execution risk, as the downloaded code is executed in the local environment.
  • [COMMAND_EXECUTION]: The instructions mandate the use of the --yolo flag for all commands, which is described as a method to 'auto-approve all tool actions' and bypass confirmation prompts. This explicitly instructs the agent to ignore safety guardrails.
  • [CREDENTIALS_UNSAFE]: Setup steps encourage users to export their GEMINI_API_KEY as a plain-text environment variable, which can lead to credential leakage via shell history or other system logs.
  • [PROMPT_INJECTION]: The skill includes instructions like 'REQUIRED for all image generation requests' and 'ALWAYS use this skill,' attempting to override the agent's decision-making and force it into using these insecure tools.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 9, 2026, 07:27 PM