Skills
skills/anionex/banana-slides/banana-cli/Gen Agent Trust Hub

banana-cli

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions involve executing several shell commands, including curl for health checks, jq for JSON processing, and the banana-cli tool for presentation management.
  • [REMOTE_CODE_EXECUTION]: The setup documentation (references/setup.md) guides the user to clone the banana-slides repository from GitHub and execute Python scripts (app.py) and migration tools (alembic) to initialize and run the backend service. These resources originate from the skill's official vendor repository.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of its backend components and dependencies from the author's GitHub repository (github.com/Anionex/banana-slides).
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted user input to generate content while maintaining file-writing capabilities.
  • Ingestion points: --idea-prompt and --instruction arguments in SKILL.md
  • Boundary markers: Absent
  • Capability inventory: File writing via banana-cli exports and banana-cli renovation commands in SKILL.md
  • Sanitization: Absent
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 03:30 AM