Back to skill

Security audit

Nano Banana Image Workflow Helper

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only helper for planning AI image workflows, with broad trigger wording but no executable code or sensitive access.

Reasonable to install if you want help structuring AI image prompts, QA checks, and retry plans. If precise routing matters, invoke it explicitly or disable implicit invocation because its trigger wording may catch loosely related image or workflow requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger example is broad enough to match ordinary image-generation and workflow-help requests, which can cause this skill to activate in contexts beyond its narrowly intended use. Overbroad triggering increases the chance of prompt interception, unintended instruction precedence, or inappropriate skill routing, especially in agent systems where multiple skills compete for common user intents.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill description uses very broad trigger language such as applying when a user 'needs practical workflow, code, checklist, documentation, or review support for this job,' which can cause the skill to activate for loosely related requests. Overbroad activation increases the chance of inappropriate routing, unnecessary exposure of the skill's instructions, and interference with more relevant skills, especially in multi-skill agent environments.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The skill enables implicit invocation with no documented trigger constraints, allowing the agent to auto-select this skill in loosely related conversations. Because the skill influences prompt construction and workflow guidance for image generation/editing, unintended activation could cause unreviewed instructions or externally supplied workflow content to be injected into user interactions, expanding the attack surface for prompt abuse or policy bypass.

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger sentence begins with a very broad phrase ('Help me') and then appends a long requirement summary, which creates a high risk of accidental activation for unrelated user requests. In an agent environment, overly generic triggers can cause the wrong skill to be invoked, leading to scope confusion, unsafe workflow substitution, or unintended handling of user data and tasks.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger scope is ambiguous because the listed trigger sentences and keywords mix product names, generic terms, and a pasted requirement narrative rather than clear invocation rules. This makes routing imprecise and increases the chance the skill is selected for loosely related productivity, bug-fix, or documentation requests outside its intended image-workflow domain.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.