Nano banana korean rendering

What to consider before installing: - Credential mismatch: The registry metadata does not list any required env vars, but SKILL.md and setup.mjs require GEMINI_API_KEY. Confirm this omission with the publisher and only provide a key you trust and can rotate. Prefer a scoped/tokenized key with minimal privileges. - Network & data flow: The skill will send prompts and pre-rendered PNGs to Google Gemini (via @google/generative-ai). Do not use it with sensitive or private text/images unless you accept that data will be transmitted to that external service. - Installation side effects: setup.mjs runs npm install (execSync) and downloads font files from GitHub raw URLs, writing node_modules and fonts into the skill's directory. Run setup in an isolated/sandbox environment or inspect the exact npm install output before trusting it. - Code review: Although the visible code appears to implement the stated pipeline, review render.mjs fully (the provided content was truncated) to ensure there are no unexpected network endpoints, telemetry, or file accesses beyond fonts/node_modules and Gemini SDK calls. - Safety steps: run the setup and skill in a sandbox/container, verify the fonts come from trusted sources, set GEMINI_API_KEY in a secure manner (not embedded in files), and monitor outgoing network connections during initial use. If you require help with specific checks (full code audit, network monitoring steps, or how to run in a sandbox), I can guide you through them.