banana

Warn

Audited by Socket on May 8, 2026

1 alert found:

Anomaly (severity: LOW)
scripts/setup_mcp.py

Assessment: this is a supply-chain and credential-handling risk rather than direct malware. The code itself shows no exfiltration or payload execution, but it (1) persistently stores the user's Google AI API key in plaintext in `~/.claude/settings.json` and (2) configures Claude Code to run an unpinned npm package via `npx -y @ycse/nanobanana-mcp`, which is a significant indirect supply-chain execution vector. Additionally, `--check` prints masked key fragments, which can still leak partial secrets into terminal or log history. Review the legitimacy of the MCP package, protect and limit access to the settings file, and ideally avoid plaintext key storage.

Confidence: 72%
Severity: 69%
Audit Metadata
Analyzed At: May 8, 2026, 03:51 AM
Package URL: pkg:socket/skills-sh/AgriciDaniel%2Fclaude-banana%2Fbanana%2F@d1b5d4e48de87f3d5d7ea5ef599deb8ef263fa1d