nano-banana-pro
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script 'scripts/generate_image_boluobao.py' uses 'subprocess.run' to execute the system command 'pass show api/boluobao' to retrieve stored API credentials.
- [EXTERNAL_DOWNLOADS]: The skill performs HTTP GET requests via the 'requests' library to download generated image files from 'apipark.boluobao.ai' and other URLs returned by the generation APIs.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. 1. Ingestion points: User-provided prompts and input images processed in 'scripts/generate_image.py' and 'scripts/generate_image_boluobao.py'. 2. Boundary markers: No explicit markers or instructions are provided to the models to ignore embedded instructions in the user data. 3. Capability inventory: The skill has the capability to write files to the local disk, perform network requests to external APIs, and execute system commands to retrieve credentials. 4. Sanitization: No input sanitization or prompt filtering is performed on user-supplied content before it is sent to external image generation services.
Audit Metadata