runcomfy-cli

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: Invokes the runcomfy CLI using the Bash(runcomfy *) tool. This access is restricted to the specific vendor-provided binary to perform model operations.
  • [EXTERNAL_DOWNLOADS]: Retrieves generated files from the vendor's official domains (*.runcomfy.net, *.runcomfy.com) and identifies the @runcomfy/cli package for installation via npm.
  • [PROMPT_INJECTION]: Addresses potential indirect prompt injection risks associated with processing external image/video URLs or web search results. The skill provides the agent with specific mitigations to prioritize user instructions over embedded data.
      • Ingestion points: External URLs and web search data processed by model endpoints in SKILL.md.
      • Boundary markers: Uses structured JSON for model inputs to avoid command injection.
      • Capability inventory: Execution is restricted to the runcomfy CLI via the Bash tool.
      • Sanitization: Instructions specify the agent should only use user-provided URLs and verify output consistency.
  • [SAFE]: Documents secure token storage at ~/.config/runcomfy/token.json using owner-only permissions (0600) and allows the use of the RUNCOMFY_TOKEN environment variable for authentication.
Audit Metadata
Risk Level: SAFE
Analyzed: May 18, 2026, 02:05 PM