gpt-image-2

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the runcomfy CLI to perform image generation and editing tasks. The documentation specifies that user prompts are passed as JSON strings to the CLI to prevent shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: Directs users to install the @runcomfy/cli utility from the official NPM package registry as a prerequisite.
  • [DATA_EXFILTRATION]: Facilitates the transmission of user prompts and external image URLs to the RunComfy Model API at model-api.runcomfy.net. This network activity is documented as the core functionality for generating image results.
  • [SAFE]: The skill includes a dedicated Security & Privacy section outlining safe practices for API token storage (using 0600 file permissions or environment variables) and describes input boundary protections.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 1, 2026, 06:44 AM