nano-banana

SUSPICIOUS. The core capability is coherent for an image-generation skill, but it depends on a remote CLI installed via curl|sh, forwards auth and content through inference.sh instead of direct Google endpoints, and encourages transitive skill installation. This looks more like a platform wrapper than a direct Gemini integration; risk is medium from install trust and intermediary data flow, not confirmed malware.