Skills
skills/inference-sh-9/skills/nano-banana/Socket

nano-banana

Warn

Audited by Socket on Mar 17, 2026

1 alert found:

Anomaly
AnomalyLOW
SKILL.md

SUSPICIOUS: The skill's purpose and capabilities align, but it depends on an external platform CLI, routes prompts/images through inference.sh instead of direct Google endpoints, and instructs installation of a broader transitive skill. This looks more like a legitimate platform integration with medium supply-chain and data-handling risk than confirmed malicious behavior.

Confidence: 84%Severity: 62%
Audit Metadata
Analyzed At
Mar 17, 2026, 11:54 AM
Package URL
pkg:socket/skills-sh/inference-sh-9%2Fskills%2Fnano-banana%2F@630b455a3363c9bf3896c53f5f0992eb8e776da7