Skills
skills/agentspace-so/runcomfy-agent-skills/seedance-v2/Gen Agent Trust Hub

seedance-v2

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the runcomfy command-line interface to execute model runs. It passes user-provided prompts and media URLs as a JSON string within the --input argument.
  • [EXTERNAL_DOWNLOADS]: Installation of the @runcomfy/cli package from the NPM registry is required. Additionally, the skill downloads generated video and audio files from vendor-controlled domains including *.runcomfy.net and *.runcomfy.com.
  • [CREDENTIALS_UNSAFE]: The skill documentation describes the use of the RUNCOMFY_TOKEN environment variable and local token storage at ~/.config/runcomfy/token.json for service authentication.
  • [DATA_EXFILTRATION]: User-supplied text prompts and URLs for reference images, videos, and audio are transmitted to the RunComfy Model API. This data transmission is the primary intended function of the skill and targets the vendor's official infrastructure.
  • [PROMPT_INJECTION]: The skill processes untrusted user input within the prompt field. Although the documentation states that the CLI avoids shell expansion by transmitting the JSON body directly, the skill represents an attack surface for indirect prompt injection.
  • Ingestion points: User-provided prompt, image_url, video_url, and audio_url fields in SKILL.md.
  • Boundary markers: Input is structured within a JSON string for the CLI.
  • Capability inventory: Execution of the runcomfy shell command.
  • Sanitization: Documentation claims the CLI transmits JSON directly to the API over HTTPS, reducing shell injection risks.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 06:39 AM