Skills
skills/runcomfy-com/skills/nano-banana-edit/Gen Agent Trust Hub

nano-banana-edit

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents the use of the runcomfy command-line interface to interact with remote image-generation models. This is the intended purpose of the skill and involves passing structured JSON data to the vendor's API.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official @runcomfy/cli package from the NPM registry. This is a standard installation procedure for the vendor's tools.
  • [SAFE]: The skill includes a 'Security & Privacy' section that details safe credential management (using ~/.config/runcomfy/token.json with restricted permissions) and explicitly warns about the risks of image-based prompt injection when processing untrusted external URLs.
  • [SAFE]: All external URLs and resources (e.g., runcomfy.com, model-api.runcomfy.net) are owned by the vendor and used for their intended purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 02:04 PM