Skills
skills/halt-catch-fire/skills/nano-banana-2/Gen Agent Trust Hub

nano-banana-2

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references documentation and installation scripts hosted on the official GitHub repository for the inference-sh organization and links to the inference.sh domain for service execution.
  • [COMMAND_EXECUTION]: Utilizes the 'belt' CLI tool to perform model inference tasks. The execution environment is restricted to this specific utility through the 'allowed-tools' configuration field.
  • [DATA_EXFILTRATION]: Transmits user-provided prompts and metadata to the inference.sh API endpoints to generate images, which aligns with the skill's documented primary purpose.
  • [PROMPT_INJECTION]: The skill ingests user-supplied text and image URLs for processing by a remote large language model. This presents an attack surface for indirect prompt injection, although the implementation uses structured JSON for parameter passing to mitigate simple data-instruction confusion.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 02:15 AM
Security Audit — agent-trust-hub — nano-banana-2