skills/feiskyer/claude-code-settings/nanobanana-skill/Snyk

nanobanana-skill

Warn

Audited by Snyk on Apr 26, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.90). The nanobanana.py script enables Google Search grounding by default (see config_kwargs["tools"] = [types.Tool(google_search=types.GoogleSearch())] and the SKILL.md option --no-search which is disabled by default), so the agent can fetch and consume public web search results that could influence generation behavior.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

Apr 26, 2026, 09:11 AM

Issues

1