Back to skill

Security audit

Ai Image Gen Skill

Security checks across malware telemetry and agentic risk

Overview

This image-generation skill has a clear purpose, but it relies on an unreviewed script from another skill while using a Gemini API key and possibly private images.

Review before installing. Use it only if you trust the separately installed nano-banana-pro script it calls, and avoid giving it sensitive prompts, private images, or an unrestricted Gemini API key unless you have verified that external helper and the provider data handling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Low
Confidence
89% confidence
Finding
The skill examples instruct the user to generate or edit images into named local files like `cover.jpg` and `edited.jpg`, but the documentation does not explicitly warn that running the command writes image data to the local filesystem. This can lead to accidental overwrites, unintended storage of sensitive generated content, or confusion about where outputs are persisted, though the security impact is limited.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill states that `GEMINI_API_KEY` is required, which strongly implies use of a third-party cloud service, but it does not disclose that prompts and any reference images may be transmitted off-host for processing. Users may unknowingly send confidential text or private images to an external provider, creating data exposure, privacy, and compliance risks.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.