Nano Banana
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is purpose-aligned for Gemini image generation, but it relies on an unreviewed local CLI that handles a Gemini API key and user-selected images.
Before installing, make sure you trust and have reviewed the local nano-banana CLI that this skill will execute. Use a dedicated Gemini API key, keep it chmod 600, and do not send sensitive reference images unless you are comfortable sharing them with Google.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill's main action depends on a local executable/source file that is not included in the provided package; the package has no install spec and no code files to review.
The agent may run whatever local file is present at that path, and ClawScan cannot verify how that helper handles prompts, images, or the API key.
Binary: `~/bin/nano-banana` (Node.js). Source lives at `<your-tools-dir>/nano-banana.js`.
Only use this after reviewing or independently trusting the nano-banana CLI source and confirming the binary path points to the expected file.
The CLI will be able to use the user's Gemini account quota/billing and must be trusted not to expose the key.
The skill requires a Gemini API key for a purpose-aligned Google image-generation workflow, but the registry metadata does not declare a primary credential or required environment variable.
Store the Gemini API key at `~/.openclaw/credentials/google/gemini_api_key` (`chmod 600`). Load it before invoking the CLI:

```bash
export GEMINI_API_KEY=$(cat ~/.openclaw/credentials/google/gemini_api_key)
```
Use a dedicated/restricted Gemini API key if possible, keep the credential file permission-restricted, and rotate the key if the helper script or environment is compromised.
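The two mitigations above (confirm the helper binary is the reviewed file, and only load a permission-restricted key) can be enforced with a small preflight guard. This is an added example, not part of the skill or of ClawScan; paths are passed as arguments, the fixtures in `demo` are constructed, and the expected digest is whatever you recorded after reviewing your own copy of `nano-banana`.

```shell
#!/bin/sh
# Preflight guard: refuse to export GEMINI_API_KEY unless the credential file
# is locked down and the helper binary matches the digest recorded at review time.

# Portable helpers (GNU stat/sha256sum first, BSD stat/shasum as fallback).
file_mode()   { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }
file_owner()  { stat -c '%U' "$1" 2>/dev/null || stat -f '%Su' "$1"; }
file_sha256() { (sha256sum "$1" 2>/dev/null || shasum -a 256 "$1") | cut -d' ' -f1; }

# Credential file must be a regular file, owned by the caller, mode 600.
check_key_file() {
  f="$1"
  [ -f "$f" ] || { echo "missing credential file: $f" >&2; return 1; }
  [ "$(file_owner "$f")" = "$(id -un)" ] || { echo "not owned by caller: $f" >&2; return 1; }
  [ "$(file_mode "$f")" = "600" ] || { echo "mode $(file_mode "$f") != 600: $f" >&2; return 1; }
}

# Helper must be a regular executable whose SHA-256 matches the reviewed digest.
check_helper() {
  bin="$1"; expected="$2"
  [ -f "$bin" ] && [ -x "$bin" ] || { echo "helper missing or not executable: $bin" >&2; return 1; }
  actual=$(file_sha256 "$bin")
  [ "$actual" = "$expected" ] || { echo "helper digest mismatch: $actual" >&2; return 1; }
}

# Export the key only when both checks pass; on failure the key stays unset.
load_gemini_key() {
  check_key_file "$1" && check_helper "$2" "$3" || return 1
  GEMINI_API_KEY=$(cat "$1")
  export GEMINI_API_KEY
}

# Demo with constructed fixtures in a temp directory (placeholder helper, fake key).
demo() {
  d=$(mktemp -d)
  printf 'constructed-key\n' > "$d/gemini_api_key"; chmod 600 "$d/gemini_api_key"
  printf '#!/bin/sh\necho placeholder helper\n' > "$d/nano-banana"; chmod 755 "$d/nano-banana"
  reviewed=$(file_sha256 "$d/nano-banana")   # stands in for the digest you recorded
  if load_gemini_key "$d/gemini_api_key" "$d/nano-banana" "$reviewed"; then
    echo "key loaded; safe to invoke $d/nano-banana"
  fi
  chmod 644 "$d/gemini_api_key"              # simulate a world-readable key file
  check_key_file "$d/gemini_api_key" || echo "refused: credential file is not mode 600"
  rm -rf "$d"
}
demo
```

Call `load_gemini_key ~/.openclaw/credentials/google/gemini_api_key ~/bin/nano-banana <reviewed-sha256>` from the shell that will run the CLI, since the export only takes effect in the calling shell.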
Any selected reference images and prompt text may leave the local machine and be processed by Google.
The skill discloses that prompts and reference images are sent to Google's Generative Language API as part of the image generation/editing workflow.
For reference images, additional `parts` entries carrying `inlineData` are placed before the text prompt in the request.
Avoid using sensitive, private, or regulated images unless the user is comfortable sending them to Google under the applicable account and policy terms.
