Provides tools for generating and editing images using Google Gemini models, including support for text-to-image prompts, reference images, and session-based iterative editing.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@nanobanana-mcpGenerate a high-quality photo of a cozy cabin in a snowy forest at sunset"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
nanobanana-mcp
A hardened MCP server for Gemini image generation. Fork of ConechoAI/Nano-Banana-MCP with security fixes, strict TypeScript, and model selection.
Features
3 tools:
generate_image,edit_image,continue_editingModel selection via
NANOBANANA_MODELenv var with whitelist validationSecurity hardened: path traversal protection, file size limits, no plaintext key storage
Strict TypeScript: zero
anytypes, Zod validation on all inputs
Quick Start
Claude Code
Add to ~/.claude/settings.json:
{
"mcpServers": {
"nanobanana": {
"command": "npx",
"args": ["tsx", "/path/to/nanobanana-mcp/src/index.ts"],
"env": {
"GEMINI_API_KEY": "your-api-key",
"NANOBANANA_MODEL": "gemini-2.5-flash-image"
}
}
}
}Other MCP Clients
GEMINI_API_KEY=your-key npx tsx src/index.tsThe server communicates over stdio using the MCP protocol.
Tools
generate_image
Generate a new image from a text prompt.
prompt (required): Text describing the image to create (max 10,000 chars)edit_image
Edit an existing image with a text prompt.
imagePath (required): Full file path to the image to edit
prompt (required): Text describing the modifications (max 10,000 chars)
referenceImages (optional): Array of file paths to reference imagescontinue_editing
Continue editing the last generated/edited image in the current session.
prompt (required): Text describing changes to make (max 10,000 chars)
referenceImages (optional): Array of file paths to reference imagesConfiguration
All configuration is via environment variables. No config files are written to disk.
Variable | Required | Description |
| Yes | Google Gemini API key |
| No | Override for |
| No | Model to use (see below) |
Available Models
Model ID | Description |
| Fast generation, good for high-volume use (default) |
| Pro quality, complex prompts, better text rendering |
| Latest model, advanced features |
Output
Generated images are saved to ~/nanobanana-images/ with unique filenames. The tool response includes both the file path and the image data inline.
Security
This fork addresses the following security issues from the original:
Issue | Fix |
API key saved to disk in plaintext | Removed config file persistence entirely |
| Tool removed; keys only via env vars |
Path traversal in |
|
No prompt length validation | Capped at 10,000 chars via Zod |
Hardcoded model |
|
Silent swallowing of reference image errors | Errors now thrown and reported |
|
|
No file size limit on reads | Max 20MB |
Verbose errors leak internal paths | Sanitized error messages |
| Fixed to |
Development
npm install
npm run typecheck # Type check without emitting
npm run dev # Run with tsx (hot reload)
npm run build # Compile to dist/Project Structure
src/
index.ts # MCP server entry point (3 tool handlers)
gemini-client.ts # Gemini API wrapper with model selection
file-handler.ts # Secure file I/O with path validation
types.ts # TypeScript interfaces and Zod schemasLicense
MIT - Based on ConechoAI/Nano-Banana-MCP
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.