nano-banana
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill links to installation guides hosted on the author's official GitHub repository at inference-sh/skills.
- [COMMAND_EXECUTION]: Uses the 'infsh' command-line interface to run image generation applications and query the application registry.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by accepting free-text user input for the 'prompt' parameter.
  * Ingestion points: 'prompt' field in the JSON input for 'infsh app run' within SKILL.md.
  * Boundary markers: No delimiters or protective instructions are used to wrap user-supplied content.
  * Capability inventory: Access to shell command execution through the 'infsh' utility.
  * Sanitization: No input validation or sanitization is performed on the user-supplied prompts.
Audit Metadata