nano-banana

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes examples that embed the GEMINI_API_KEY directly into command-line arguments and JSON configs (e.g., --env GEMINI_API_KEY=your-key-here and "GEMINI_API_KEY":"your-api-key-here"), which would require an agent to insert secret values verbatim into generated commands/configs and thus poses high exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's setup invokes "npx nanobanana-mcp" (an npm package fetched and executed at runtime — e.g. https://www.npmjs.com/package/nanobanana-mcp), which is a required MCP server dependency that will run remote code and directly control the agent's prompt/execution flow.