ace-step
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is configured to use the `runcomfy` CLI tool for music generation, inpainting, and outpainting tasks. This execution is scoped via the `allowed-tools` metadata field, which is a recognized security best practice for limiting agent capabilities.
- [EXTERNAL_DOWNLOADS]: The documentation provides instructions for installing the `@runcomfy/cli` package from the official NPM registry. These references target the official resources of the RunComfy service and do not involve unauthorized or suspicious third-party sources.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection attack surface because it processes untrusted data from external audio URLs during inpainting and outpainting operations.
  - Ingestion points: The `audio` input parameter in the `acestep-ai/ace-step/audio-inpaint` and `acestep-ai/ace-step/audio-outpaint` endpoints (SKILL.md).
  - Boundary markers: Not present in the command templates; however, the skill's documentation includes a specific security warning regarding the use of untrusted audio sources.
  - Capability inventory: Uses the `runcomfy` CLI to perform audio processing and remote API calls.
  - Sanitization: No specific sanitization or validation of the remote audio content is described before processing.
Audit Metadata