Skills
skills/tamtom/image-generation-skills/gemini-nano-banana-2/Gen Agent Trust Hub

gemini-nano-banana-2

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user prompts and external image files which constitute an indirect prompt injection attack surface.\n
  • Ingestion points: The --prompt and --input-image arguments in scripts/generate_image.py ingest external content from the user.\n
  • Boundary markers: No specific delimiters or instructions are used to separate user input from the overall model context.\n
  • Capability inventory: The skill can write files to the local system using the PIL.Image.save method in scripts/generate_image.py.\n
  • Sanitization: No sanitization or filtering is performed on the prompt text or image content before it is processed by the API.\n- [EXTERNAL_DOWNLOADS]: The script declares dependencies on legitimate, well-known Python libraries.\n
  • Evidence: The scripts/generate_image.py file specifies google-genai>=1.0.0 and pillow>=10.0.0 as requirements, which are fetched during execution.\n- [COMMAND_EXECUTION]: The skill utilizes command-line execution to run its internal processing script.\n
  • Evidence: SKILL.md provides uv run commands to execute the scripts/generate_image.py script for its core image generation and editing tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 04:55 AM