image-to-video
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for executing the
runcomfy runCLI command. It maps user intent to specific model identifiers and passes parameters as a JSON object to the local shell. - [EXTERNAL_DOWNLOADS]: The documentation directs the user to install the
@runcomfy/clipackage from the NPM registry. It also describes the process of downloading generated video outputs from theruncomfy.netandruncomfy.comdomains, which are the official infrastructure for the service. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from external sources.
- Ingestion points: External data enters the agent context via
image_url,video_url,audio_url, and the user-providedpromptfield inSKILL.md. - Boundary markers: Data is encapsulated within a JSON string provided to the
--inputflag, which acts as a structural delimiter. - Capability inventory: The skill has the capability to execute shell commands via the
runcomfyCLI as described across all model routes inSKILL.md. - Sanitization: The skill documentation explicitly states that the CLI does not perform shell-expansion on the prompt content, reducing the risk of direct command injection from the prompt text.
Audit Metadata