nano-banana-2-image-gen

Fail

Audited by Snyk on Mar 11, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.90). The prompt explicitly shows and supports passing API keys as command-line arguments (e.g., -k "your-api-key-here") and instructs copying/pasting keys into examples, which can cause an LLM to emit secret values verbatim (even though env-var usage is mentioned, the CLI pattern is insecure).
Audit Metadata

Risk Level: HIGH
Analyzed: Mar 11, 2026, 07:24 AM