nano-banana-image

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill incorporates untrusted user input into prompts sent to an external image generation model, creating a surface for indirect prompt injection.
  • Ingestion points: User inputs such as subject, mood, and style defined in SKILL.md are concatenated into the final prompt sent to the model.
  • Boundary markers: The skill lacks explicit delimiters or boundary instructions to isolate user-provided text from the system-defined prompt layers.
  • Capability inventory: The skill utilizes the openrouter_api to facilitate network requests to the external image model.
  • Sanitization: There is no evidence of input filtering or validation logic to prevent malicious instructions from being included in the user-provided fields.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 11:38 AM