Ai Podcast Pipeline

Before installing, be aware of these issues and take steps to reduce risk: 1) Credentials: the scripts require GEMINI_API_KEY (or NANO_BANANA_KEY) even though the skill metadata lists no env vars — provide an API key via environment variables only (as the SKILL.md advises) and do not paste keys into prompts or logs. Understand that the same key is used for both TTS and thumbnail generation. 2) Missing declared dependencies: the package invokes external binaries (ffmpeg, ffprobe), Python libraries (Pillow), and a 'uv' runner to call a separate nano-banana-pro script; those binaries and the font assets are not declared in metadata. Ensure you have ffmpeg/ffprobe installed, Python and packages available, and verify what 'uv run' refers to on your system before running. 3) Local-path assumptions: the code expects a QUARTZ_ROOT path and attempts to map HTTPS QuickView URLs to local markdown under that root; confirm that the default path is appropriate for your environment or set QUARTZ_ROOT to a safe directory. The build_podcast_assets script also expects WORKSPACE_DIR/skills/nano-banana-pro and youtube-editor fonts to exist — verify those paths or pass --no-image if you want to skip image generation. 4) Cross-skill invocation: the thumbnail step calls another skill/script (nano-banana-pro). Verify you trust that other code before letting this skill run it. 5) Audit recommended: because metadata is incomplete and the skill will send data to Google Gemini (network requests), review the included scripts yourself (or run in an isolated/test environment) to confirm they meet your privacy/security requirements. If you plan to use a real Gemini API key, consider quota/cost and rotate keys if you suspect misuse. Taken together these mismatches (undisclosed env vars and undeclared binary/config dependencies, plus cross-skill execution) make the package suspicious rather than plainly benign; resolve or validate these points before use.