Nano Banana Pro

ReviewAudited by ClawScan on May 1, 2026.

Overview

The skill appears to do what it says: it generates or edits images through Google's Gemini API, with expected cautions around API-key use, cloud processing of prompts/images, and runtime Python dependencies.

Install if you are comfortable configuring a Gemini API key, sending selected prompts/images to Google, and allowing uv to use the listed Python dependencies. Use a limited API key if possible, avoid sensitive images unless appropriate for Google's service, and choose output filenames/locations deliberately.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Low

#ASI03: Identity and Privilege Abuse

What this means

Using this skill can consume the configured Gemini API quota or billing allowance.

Why it was flagged

The script accepts and uses a Gemini API key. This is expected for the stated Google image-generation purpose, but it delegates access to the user's Gemini account/quota.

Skill content

parser.add_argument("--api-key", "-k", help="Gemini API key (overrides GEMINI_API_KEY env var)") ... client = genai.Client(api_key=api_key)

Recommendation

Use a dedicated or limited Gemini API key where possible, and prefer environment/config storage over passing keys directly on the command line.

Medium

#ASI07: Insecure Inter-Agent Communication

What this means

Prompts and any selected input images leave the local environment and are processed by Google's service.

Why it was flagged

For edits/compositions, the prompt and opened input images are passed to the Gemini provider API. This is core to the skill's purpose, but it is a sensitive data boundary.

Skill content

contents = [*input_images, args.prompt] ... response = client.models.generate_content(model="gemini-3-pro-image-preview", contents=contents, ...)

Recommendation

Only provide prompts and images that you are comfortable sending to Google, and review the provider's data-use and retention terms for sensitive or regulated content.

Low

#ASI04: Agentic Supply Chain Vulnerabilities

What this means

Running the skill with uv may install or use external package code from the Python ecosystem.

Why it was flagged

The bundled script relies on third-party Python packages with lower-bound version constraints. This is normal for a Gemini image client, but users with strict supply-chain requirements should notice it.

Skill content

dependencies = [ "google-genai>=1.0.0", "pillow>=10.0.0", ]

Recommendation

Use a trusted package source and isolated environment; pin or review dependency versions if you need stricter supply-chain control.