ai-image-generation
Fail
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: HIGH (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill's documentation provides a command to install the necessary CLI tool by fetching and executing a script from https://runcomfy.com/install.sh directly through a shell pipe.
- [EXTERNAL_DOWNLOADS]: The skill references the @runcomfy/cli package on the NPM registry and communicates with the RunComfy service infrastructure to perform image generation and download results.
- [COMMAND_EXECUTION]: The skill is configured to execute the runcomfy command, which allows the agent to interact with the host environment to run models, manage authentication, and download files. It interpolates user-supplied data into command arguments.
- [PROMPT_INJECTION]: The skill handles untrusted user input that is passed to remote AI models, creating a surface for indirect prompt injection.
  - Ingestion points: User-provided text prompts for image generation as described in the SKILL.md file.
  - Boundary markers: The prompt text is encapsulated within a JSON object passed to the CLI's --input argument.
  - Capability inventory: The runcomfy CLI tool can perform network requests to the RunComfy API and write generated image files to the local file system.
  - Sanitization: No explicit content filtering or validation of the user's prompt is implemented beyond the JSON encapsulation.
Recommendations
- HIGH: Downloads and executes remote code from: https://runcomfy.com/install.sh - DO NOT USE without thorough review