nanobanana

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The Google AI Studio links are legitimate documentation, but the presence of a third‑party install script (https://astral.sh/uv/install.sh) — suggested to be fetched and executed (curl | sh) from an unfamiliar domain — is a high‑risk pattern because remote shell installers can deliver malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports "Google Search grounding" (see SKILL.md and scripts/generate.py where the --search flag sets config.tools = [types.Tool(google_search=types.GoogleSearch())] and references/gemini-api.md describing the search tool), which causes the agent to fetch and consume public web search results (untrusted third-party content) that can influence generation and downstream actions.