nano-banana-2
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes the runcomfy CLI to perform image generation tasks. The documentation specifies that the CLI transmits JSON directly to the API without shell expansion, mitigating common injection risks.
- [SAFE]: The skill outlines secure credential management practices, such as using environment variables or restricted configuration files for API tokens, and defines a clear whitelist for outbound network operations limited to the service provider's domains.
Audit Metadata