nanobanana
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): The instructions in
SKILL.mdandreferences/api_reference.mddirect users to install an extension fromhttps://github.com/gemini-cli-extensions/nanobanana. This organization is not on the trusted list, meaning the code being installed is unverified and potentially malicious. - COMMAND_EXECUTION (HIGH): The skill repeatedly encourages the use of the
--approval-mode yoloflag. This flag is designed to bypass security prompts and interactive approvals for tool execution, which removes a critical layer of defense when running untrusted extensions or processing untrusted data. - REMOTE_CODE_EXECUTION (HIGH): The combination of installing code from an untrusted GitHub repository and then running the environment in a bypass mode (
yolo) creates a direct path for remote code to execute with reduced oversight. - CREDENTIALS_UNSAFE (SAFE): The skill documentation references API key environment variables (e.g.,
GEMINI_API_KEY), which is standard practice and does not involve hardcoded secrets or unsafe exposure of credentials.
Recommendations
- AI detected serious security threats
Audit Metadata