nano-banana-2

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the infsh CLI tool, a vendor-specific utility, to handle model execution and account login.
  • [EXTERNAL_DOWNLOADS]: The skill documentation references the inferencesh Python SDK and provides instructions for installing vendor components via npx from the inference-sh/skills repository.
  • [PROMPT_INJECTION]: The skill exhibits vulnerability to indirect prompt injection due to the ingestion of external and untrusted data.
    • Ingestion points: User input through the prompt field and web-retrieved information when enable_google_search is used.
    • Boundary markers: No explicit markers or specific instructions are provided to help the model distinguish between control instructions and data.
    • Capability inventory: The skill is granted access to the Bash(infsh *) capability for interacting with the generation platform.
    • Sanitization: There is no evidence of input validation or sanitization before processing strings provided to the underlying model.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 09:54 PM