runcomfy-cli
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the @runcomfy/cli package from the NPM registry and the download of generated media files from official RunComfy domains.
- [DATA_EXFILTRATION]: Documentation identifies sensitive locations like ~/.config/runcomfy/token.json used by the CLI for token persistence and acknowledges the use of authentication environment variables.
- [PROMPT_INJECTION]: The skill processes untrusted media assets and web results that could contain adversarial content designed to influence model generation (indirect prompt injection). Mandatory Evidence Chain: 1. Ingestion point: --input flag in runcomfy run (SKILL.md). 2. Boundary markers: CLI uses JSON formatting; skill instructions advise agent to only ingest URLs explicitly provided by the user. 3. Capability inventory: execution of the runcomfy CLI and file-writing capabilities to the local directory. 4. Sanitization: No explicit content filtering or escaping is mentioned, but behavioral guidance is provided to the agent.
Audit Metadata