Nano Triple

Security checks across malware telemetry and agentic risk

Overview

The skill does what it advertises, but it tells the agent to pass raw user image prompts into shell commands without any escaping or safe argument-handling guidance.

Install only if you trust the external Nano Banana Pro helper it calls and your agent passes prompt text as separate arguments rather than interpolating it into a shell command string. Expect each request or refinement to use three Gemini image generations, and avoid putting secrets or sensitive data in prompts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (93% confidence)

Finding:
The trigger phrases are very broad and likely to activate on many ordinary image-generation requests, causing this skill to run in situations where the user may not expect its specific behavior. Because the skill always generates three images in parallel, overbroad matching can lead to unnecessary API consumption, higher cost, and unintended invocation frequency.

Missing User Warnings

Low (89% confidence)

Finding:
The skill behavior automatically performs three parallel generations, but the user-facing description and flow do not clearly warn about the increased API usage or possible cost implications before execution. This creates a transparency and consent issue, especially in environments where image generation is metered or rate-limited.

VirusTotal

65/65 vendors flagged this skill as clean.
