nano-banana-2

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the infsh CLI and inferencesh Python SDK to execute image generation tasks. These tools are part of the vendor's own infrastructure.
  • [EXTERNAL_DOWNLOADS]: References an installation script for the CLI tool from the vendor's GitHub repository and suggests adding related skills via npx.
  • [PROMPT_INJECTION]: The skill processes external data which could lead to indirect prompt injection.
    • Ingestion points: User-provided prompt strings and external image URLs processed by the image generation model (SKILL.md).
    • Boundary markers: None identified in the provided examples to separate instructions from untrusted data.
    • Capability inventory: Uses the infsh tool to perform remote model inference.
    • Sanitization: No input sanitization or prompt wrapping is evident in the instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 12:56 PM