nano-banana

SUSPICIOUS: the core image-generation purpose is coherent, but the trust model is weaker than it should be. The skill requires transitive installation of another skill, uses an install path inconsistent with the publisher's own documented belt CLI channels, grants broad Bash access, and forwards user auth/data through third-party CLI infrastructure. This looks more like a risky integration pattern than confirmed malware.