Nanobanana Skill

Advisory. Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or overbroad agent action could run arbitrary local Python (Bash(python3:*) matches any python3 command line, including python3 -c), and the unscoped Read and Write tools reach files beyond the intended image-generation task.

Why it was flagged

The skill grants local file helpers and Python command execution. This is mostly aligned with running the included image script, but it is broader than a pure instruction-only workflow.

Skill content
allowed-tools: Read, Write, Glob, Grep, Task, Bash(cat:*), Bash(ls:*), Bash(tree:*), Bash(python3:*)
Recommendation

Review the commands before allowing them, and keep execution limited to the included nanobanana.py script and the documented dependency install.
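The following is an added example, not ClawScan's or the skill's own code. It parses an allowed-tools line using the rule shape shown above (Bash(cat:*) meaning any command whose prefix is cat) and labels each Bash grant, so that a prefix-wildcarded bare interpreter such as Bash(python3:*) is reported as arbitrary execution rather than as "run the image script". The INTERPRETERS set, the risk labels and the narrowed variant's script path (scripts/nanobanana.py) are this example's own assumptions.

```python
# Added example (not ClawScan's or the skill's code): classify the Bash
# grants in a skill's allowed-tools line. Rule syntax follows the page's
# own entries, where Bash(cat:*) means "any command whose prefix is cat".
# INTERPRETERS and the risk labels are this example's own assumptions.
import re

RULE_RE = re.compile(r"^(?P<tool>[A-Za-z]+)(?:\((?P<spec>.*)\))?$")

# A prefix grant on a bare interpreter admits 'python3 -c <anything>',
# so it is arbitrary local code execution, not "run the image script".
INTERPRETERS = {"python", "python3", "sh", "bash", "zsh", "node", "perl", "ruby", "env"}


def parse_allowed_tools(line: str) -> list[str]:
    """Split 'allowed-tools: A, B(x:*), ...' into rule strings, respecting parentheses."""
    _, _, body = line.partition(":")
    rules, depth, cur = [], 0, ""
    for ch in body:
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
        if ch == "," and depth == 0:
            rules.append(cur.strip())
            cur = ""
        else:
            cur += ch
    if cur.strip():
        rules.append(cur.strip())
    return rules


def classify(rule: str) -> str:
    """Return 'arbitrary-exec', 'broad', 'scoped' or 'unparsed' for one rule."""
    m = RULE_RE.match(rule)
    if not m:
        return "unparsed"
    tool, spec = m.group("tool"), m.group("spec")
    if tool != "Bash":
        return "scoped"          # Read/Write/Glob/Grep/Task: review their scope separately
    if spec is None or spec.strip() in ("", "*"):
        return "arbitrary-exec"  # bare Bash: any command at all
    cmd, _, suffix = spec.partition(":")
    words = cmd.split()
    if not words:
        return "arbitrary-exec"
    if suffix == "*" and len(words) == 1 and words[0] in INTERPRETERS:
        return "arbitrary-exec"  # e.g. Bash(python3:*)
    if suffix == "*":
        return "broad"           # fixed command, any arguments, e.g. Bash(cat:*)
    return "scoped"              # exact command line


def audit(line: str) -> dict[str, list[str]]:
    """Group every rule on the line by its risk label."""
    out: dict[str, list[str]] = {}
    for rule in parse_allowed_tools(line):
        out.setdefault(classify(rule), []).append(rule)
    return out


# The skill's frontmatter line exactly as quoted on the page.
SKILL_LINE = ("allowed-tools: Read, Write, Glob, Grep, Task, "
              "Bash(cat:*), Bash(ls:*), Bash(tree:*), Bash(python3:*)")
# A narrowed variant suggested by this example; the script path is assumed.
NARROWED_LINE = ("allowed-tools: Read, Write, Glob, Grep, Task, "
                 "Bash(cat:*), Bash(ls:*), Bash(tree:*), Bash(python3 scripts/nanobanana.py:*)")

if __name__ == "__main__":
    for label, line in (("page", SKILL_LINE), ("narrowed", NARROWED_LINE)):
        print(label, audit(line))
```

Narrowing the grant to the script invocation means the documented dependency install (python3 -m pip install ...) no longer falls under the rule; either run that install once by hand or give it its own explicit entry rather than reopening bare python3.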

What this means

The skill can use the configured Gemini account/API key and may incur provider usage or billing under that key.

Why it was flagged

The script uses a local Gemini API key. This is expected for a Gemini image tool, but the registry metadata lists no required env vars or primary credential.

Skill content
load_dotenv(os.path.expanduser("~") + "/.nanobanana.env") ... api_key = os.getenv("GEMINI_API_KEY")
Recommendation

Use a dedicated or restricted API key where possible, keep ~/.nanobanana.env private (owner-only permissions, mode 0600), and monitor Gemini API usage for unexpected spend.
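As an added example (not the skill's code), the snippet below wraps the load_dotenv / os.getenv("GEMINI_API_KEY") pattern quoted above with the checks a practitioner would want before trusting a credential file: it must be a regular file (not a symlink) owned by the current user with no group or world permission bits. The minimal KEY=VALUE parser stands in for python-dotenv so the block runs without third-party packages; the demo writes a constructed env file with a fake key into a temporary directory.

```python
# Added example (not the skill's code): load GEMINI_API_KEY from
# ~/.nanobanana.env only after verifying the file is private. The page
# shows load_dotenv(...) followed by os.getenv("GEMINI_API_KEY"); the
# permission/ownership checks and the minimal KEY=VALUE parser that
# replaces python-dotenv here are this example's own additions.
import os
import stat
import tempfile
from pathlib import Path


class InsecureEnvFile(Exception):
    """The credential file is readable by others or otherwise untrustworthy."""


def check_private_file(path: Path) -> None:
    """Refuse symlinks, non-regular files, foreign owners and group/world bits."""
    st = os.lstat(path)                       # lstat: do not follow a planted symlink
    if stat.S_ISLNK(st.st_mode):
        raise InsecureEnvFile(f"{path}: is a symlink")
    if not stat.S_ISREG(st.st_mode):
        raise InsecureEnvFile(f"{path}: not a regular file")
    if hasattr(os, "getuid") and st.st_uid != os.getuid():
        raise InsecureEnvFile(f"{path}: not owned by the current user")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise InsecureEnvFile(f"{path}: mode {oct(st.st_mode & 0o777)} is not 0600 or tighter")


def parse_env(text: str) -> dict[str, str]:
    """Minimal KEY=VALUE parser: skips blanks/comments, strips matching quotes."""
    values: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, val = line.partition("=")
        val = val.strip()
        if len(val) >= 2 and val[0] == val[-1] and val[0] in "\"'":
            val = val[1:-1]
        values[key.strip()] = val
    return values


def load_gemini_key(env_path: Path = Path.home() / ".nanobanana.env") -> str:
    """Return GEMINI_API_KEY, preferring the process environment as python-dotenv does."""
    file_values: dict[str, str] = {}
    if env_path.is_symlink() or env_path.exists():
        check_private_file(env_path)          # raises before any secret is read
        file_values = parse_env(env_path.read_text())
    key = os.environ.get("GEMINI_API_KEY") or file_values.get("GEMINI_API_KEY")
    if not key:
        raise RuntimeError("GEMINI_API_KEY is not set in the environment or the env file")
    return key


def demo_constructed() -> dict[str, object]:
    """Run the check against a constructed env file (fake key) in a temp dir."""
    os.environ.pop("GEMINI_API_KEY", None)
    result: dict[str, object] = {}
    with tempfile.TemporaryDirectory() as d:
        env = Path(d) / ".nanobanana.env"
        env.write_text('# constructed for the example\nGEMINI_API_KEY="example-key-not-real"\n')
        os.chmod(env, 0o600)
        result["key_from_private_file"] = load_gemini_key(env)
        os.chmod(env, 0o644)                  # world-readable: must be rejected
        try:
            load_gemini_key(env)
            result["rejected_world_readable"] = False
        except InsecureEnvFile:
            result["rejected_world_readable"] = True
    return result


if __name__ == "__main__":
    print(demo_constructed())
```

Failing closed on a loose mode is the same discipline ssh applies to private keys; it turns a quiet credential leak into a visible error at the point where the key would first be used.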

What this means

Future dependency versions could change behavior or introduce vulnerabilities.

Why it was flagged

The dependency list is unpinned, and SKILL.md instructs installing it with pip. This is a normal setup pattern, but package versions and provenance are not locked.

Skill content
python-dotenv
httpx[socks]
google-genai
Pillow
Recommendation

Install in a virtual environment, review packages before installing, and prefer pinned versions or a lockfile (ideally with hashes, enforced at install time by pip install --require-hashes) for repeatable installs.
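Added example, not the skill's or ClawScan's code: a small lint that rejects requirement lines which are not pinned with == and hash-locked, which is the condition pip install --require-hashes enforces. It is run over the skill's unpinned list as quoted above and over a constructed locked equivalent; in that locked sample the version numbers are illustrative and the sha256 digests are all-zero placeholders, not real release digests.

```python
# Added example (not the skill's or ClawScan's code): a lint that rejects
# requirement lines that are not pinned with == and hash-locked, which is
# what 'pip install --require-hashes' enforces at install time. The pinned
# sample below is constructed: version numbers are illustrative and the
# sha256 digests are all-zero placeholders, not real release digests.
import re

REQ_RE = re.compile(
    r"^(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)(?P<extras>\[[^\]]*\])?"
    r"\s*(?P<pin>==\s*[^\s;#]+)?(?P<rest>.*)$"
)
HASH_RE = re.compile(r"--hash=sha256:[0-9a-f]{64}")


def logical_lines(text: str) -> list[str]:
    """Join backslash-continued lines and drop blank lines and comments."""
    lines, buf = [], ""
    for raw in text.splitlines():
        stripped = raw.strip()
        if stripped.endswith("\\"):
            buf += stripped[:-1] + " "
            continue
        buf += stripped
        if buf and not buf.lstrip().startswith("#"):
            lines.append(buf.strip())
        buf = ""
    if buf.strip() and not buf.lstrip().startswith("#"):
        lines.append(buf.strip())
    return lines


def check_requirements(text: str) -> list[str]:
    """Return one message per problem; an empty list means every line is locked."""
    problems: list[str] = []
    for line in logical_lines(text):
        if line.startswith("-"):              # pip options such as --require-hashes
            continue
        m = REQ_RE.match(line)
        if not m:
            problems.append(f"{line!r}: unparseable requirement")
            continue
        name = m.group("name") + (m.group("extras") or "")
        if not m.group("pin"):
            problems.append(f"{name}: not pinned with ==")
        if not HASH_RE.search(line):
            problems.append(f"{name}: no --hash=sha256:<digest>")
    return problems


# The skill's dependency list as quoted on the page (unpinned).
PAGE_REQUIREMENTS = "python-dotenv\nhttpx[socks]\ngoogle-genai\nPillow\n"

PLACEHOLDER_DIGEST = "0" * 64   # stands in for a real sha256; not a valid release digest


def pinned_line(requirement: str, version: str, digest: str = PLACEHOLDER_DIGEST) -> str:
    """Render one requirement in the == plus --hash form that --require-hashes accepts."""
    return f"{requirement}=={version} \\\n    --hash=sha256:{digest}"


# Constructed locked equivalent (illustrative versions, placeholder digests).
LOCKED_REQUIREMENTS = "\n".join([
    "# install with: pip install --require-hashes -r requirements.txt",
    pinned_line("python-dotenv", "1.0.1"),
    pinned_line("httpx[socks]", "0.27.0"),
    pinned_line("google-genai", "1.0.0"),
    pinned_line("Pillow", "10.3.0"),
]) + "\n"

if __name__ == "__main__":
    for label, text in (("page", PAGE_REQUIREMENTS), ("locked", LOCKED_REQUIREMENTS)):
        print(label, check_requirements(text) or "OK")
```

Hash-checking mode requires every package pip will install, transitive dependencies included, to appear with a digest, so the locked file is normally generated with a tool such as pip-compile --generate-hashes rather than written by hand; the lint above only confirms that what is committed has that shape.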

What this means

Private prompts or images provided for editing may be transmitted to Google services.

Why it was flagged

The script sends prompts and user-selected input images to the Gemini provider call, and it enables Google Search in the model configuration. This is purpose-aligned, but users should understand that data leaves the local machine.

Skill content
contents.append(args.prompt) ... contents.append(image) ... client.models.generate_content(... tools=[types.Tool(google_search=types.GoogleSearch())])
Recommendation

Avoid using sensitive images or confidential prompts unless you are comfortable with the provider's data handling terms; disable the Google Search tool if it is not needed.