video-edit
Fail
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references and encourages the download of an installation script from
https://runcomfy.com/install.sh. This is the official resource for the RunComfy service being integrated. - [REMOTE_CODE_EXECUTION]: The installation instructions for the RunComfy CLI involve a common but inherently risky pattern of piping a remote script to the system shell (
curl -fsSL https://runcomfy.com/install.sh | sh). - [COMMAND_EXECUTION]: The skill primarily functions by executing the
runcomfycommand-line tool, passing shell commands that include JSON-formatted input strings derived from user prompts and media URLs. - [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection as it ingests untrusted user data and interpolates it into prompts used for video generation and CLI commands.
- Ingestion points: The
prompt,video,image, andvideo_urlparameters defined in the Route 1, Route 2, and Route 3 schemas withinSKILL.mdare directly populated from user input. - Boundary markers: The skill does not employ explicit delimiters or system instructions to separate user data from administrative instructions when passing content to the CLI.
- Capability inventory: The skill utilizes the
runcomfyCLI, which communicates with external APIs and downloads output files to the local file system. - Sanitization: There is no evidence of input sanitization, escaping, or validation to mitigate malicious instructions embedded within the processed data.
Recommendations
- HIGH: Downloads and executes remote code from: https://runcomfy.com/install.sh - DO NOT USE without thorough review
Audit Metadata