The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The Python and JavaScript scripts are configured to communicate with an external third-party API at https://api.zhizengzeng.com/google. This endpoint receives user prompts and base64-encoded image data for processing.\n- [COMMAND_EXECUTION]: The skill requires the execution of local scripts (generate_image.py and generate_image.js) which perform file system operations, such as reading input images and environment-stored credentials, and writing the results to the local ./output/nanobanana directory.\n- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface within its materials-science figure templates. \n
Ingestion points: User-provided background text is accepted as a command-line argument and directly formatted into complex visual generation prompts. \n
Boundary markers: The templates do not utilize delimiters or instructional guardrails to prevent the user-provided 'Scientific Background' from overriding the figure constraints. \n
Capability inventory: The scripts possess both network egress to the API and file system write access for output storage. \n
Sanitization: Input content is interpolated using simple string replacement (.format() or .replace()) without validation or escaping of potential injection sequences.

nanobanana-image-generation