Nano Banana 2 FAL
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is coherent for Gemini image generation/editing, with expected cautions around the Gemini API key, sending prompts/images to Google, uv-installed dependencies, and writing output files.
Install only if you trust the publisher and are comfortable using a Gemini API key with this helper. Avoid sensitive prompts or private images unless you accept sending them to Gemini, choose output paths carefully, and remember that uv may install the listed Python dependencies.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Someone using the skill can consume the configured Gemini API key's quota or billing allowance for image generation.
The helper authenticates to Gemini with the user's API key. This is necessary for the stated purpose, but it grants use of the user's Gemini/API quota.
api_key = get_api_key(args.api_key)
...
client = genai.Client(api_key=api_key)
Use a Gemini API key you are comfortable dedicating to this skill, monitor usage, and avoid sharing the key in chat or shell history.
Prompts and selected input images may be processed by Google's Gemini service, so private or sensitive image content could leave the local machine.
When editing or composing images, the script sends the prompt and any input images to the Gemini model provider. This is expected for the image API workflow.
contents = [*input_images, args.prompt]
...
response = client.models.generate_content(model="gemini-3-pro-image-preview", contents=contents, ...)
Only provide images and prompts you are comfortable sending to the Gemini API, and review the provider's data handling terms for your account.
The exact package versions installed may change over time, which can affect behavior or introduce normal dependency supply-chain risk.
The uv-run script may resolve and install these Python packages using lower-bound version constraints rather than exact pinned versions. This is common for simple helpers but leaves the installed dependency versions variable from one run to the next.
# dependencies = [
#     "google-genai>=1.0.0",
#     "pillow>=10.0.0",
# ]
Install in a trusted environment and consider pinning or reviewing resolved dependency versions if reproducibility is important.
If given an unintended filename, the skill could overwrite or create files in locations the current user can write to.
The script writes the generated PNG to the caller-provided filename and creates parent directories as needed. This is central to the skill's purpose, but the path is not restricted by the script.
output_path = Path(args.filename)
output_path.parent.mkdir(parents=True, exist_ok=True)
...
image.save(str(output_path), 'PNG')
Use explicit output filenames in a safe working directory and avoid pointing the skill at important existing files.
