nano-banana-pro
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a suite of Python scripts and a shared library for image generation, editing, and composition. Technical analysis confirms all network traffic is routed to official Google API endpoints (generativelanguage.googleapis.com).
- [SAFE]: Sensitive data is handled securely by utilizing environment variables for API keys rather than hardcoding them within the source files. The included test utility allows for safe verification of credentials.
- [SAFE]: No obfuscation or malicious code execution patterns were found. The use of Base64 is strictly for legitimate image data processing as required by the Gemini REST API.
- [SAFE]: Identified Python dependencies (requests, Pillow, google-genai) are reputable, standard libraries in the Python ecosystem.
- [SAFE]: The skill contains no persistence mechanisms, privilege escalation triggers, or unauthorized data exfiltration routines.
Audit Metadata