Nano Banana Pro 1.0.1

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Google Gemini image generator/editor that only sends user-provided prompts and optional selected images when run.

Install only if you are comfortable using a Gemini API key and sending prompts plus any selected input images to Google's API. Prefer GEMINI_API_KEY over putting a key on the command line, avoid sensitive or regulated images unless you intend to upload them, and use unique output filenames in a directory you control.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 90% confidence
Finding: The skill instructs use of an environment variable (`GEMINI_API_KEY`) and command execution, but the metadata declares no permissions. That mismatch is a real security issue because it hides the skill's capability to access sensitive environment data and invoke tooling, preventing informed review and consent.

Missing User Warnings

Medium

Confidence: 98% confidence
Finding: The documentation says prompts and input images are sent to Google's Nano Banana Pro API, but it does not clearly warn users that their text prompts and uploaded/edit input images leave the local environment and are transmitted to a third-party service. This creates a real privacy and data-handling risk, especially if users provide sensitive images, proprietary artwork, or confidential prompt content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal