MCPServers
Verified Safe
by leegonzales
Overview
Provides an MCP interface for Google Gemini's AI image generation and editing capabilities, including text-to-image, image editing, iterative refinement, and session history.
Installation
GEMINI_API_KEY=your-key node dist/index.js
Environment Variables
- GEMINI_API_KEY
Security Notes
The server uses `fs.readFileSync` with `path.resolve` on user-provided `imagePath` for editing. While intended for local user files, this pattern could be exploited as a Local File Inclusion (LFI) vulnerability if the AI agent supplying the path is malicious or buggy, allowing it to read arbitrary files accessible by the server process. No explicit path validation or sandboxing beyond `path.resolve` is present. `GEMINI_API_KEY` is correctly handled via environment variables, not hardcoded. Output files are saved to a dedicated directory `~/Documents/nanobanana_generated/`.