Skills
skills/agentspace-so/runcomfy-skills/seedance-v2/Gen Agent Trust Hub

seedance-v2

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the runcomfy command-line interface to interact with the RunComfy Model API for video generation tasks.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @runcomfy/cli Node.js package from the official registry and downloads generated media assets from verified runcomfy.net and runcomfy.com subdomains.
  • [DATA_EXFILTRATION]: The skill transmits user-supplied prompts and media URLs to the RunComfy infrastructure. It manages sensitive API tokens using standard local configuration files or environment variables.
  • [SAFE]: The skill handles untrusted data which presents a theoretical surface for indirect prompt injection. Ingestion points: prompt and media URL fields in SKILL.md. Boundary markers: JSON string interpolation via the --input flag. Capability inventory: runcomfy CLI execution. Sanitization: The CLI does not perform shell expansion on the JSON input body.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 09:26 AM