Skills
skills/kkoppenhaver/cc-skills/nano-banana/Gen Agent Trust Hub

nano-banana

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions direct users to install a package named @anthropic-ai/gemini-cli. This package name is suspicious as Gemini is a Google product, and Anthropic does not officially provide a 'gemini-cli', suggesting potential brand confusion or a typosquatted package.
  • [REMOTE_CODE_EXECUTION]: The skill requires the installation of an extension from a remote GitHub repository (https://github.com/gemini-cli-extensions/nanobanana) via the gemini extensions install command. This repository is not part of the verified or trusted vendor list.
  • [COMMAND_EXECUTION]: The skill explicitly mandates the use of the --yolo flag for all shell commands. As described in the documentation, this flag is used to 'Auto-approve all tool actions (no confirmation prompts)', which bypasses the standard security guardrails and user consent mechanisms for the agent's environment.
  • [PROMPT_INJECTION]: The SKILL.md uses highly forceful language ('REQUIRED', 'ALWAYS use', 'Do NOT attempt to generate images through any other method') to constrain the AI agent's behavior and override its default decision-making logic regarding tool selection.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 1, 2026, 06:31 PM