face-swap

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE

Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the runcomfy CLI tool through a restricted Bash tool configuration (Bash(runcomfy *)). This ensures the agent can only execute the intended vendor-specific commands.
  • [EXTERNAL_DOWNLOADS]: Includes instructions to install the official @runcomfy/cli package from the NPM registry, which is the standard distribution method for the tool.
  • [PROMPT_INJECTION]: The skill provides a surface for processing untrusted media URLs provided by the user. It incorporates safety instructions directing the agent to validate user intent and refuse requests involving non-consensual or harmful content.
  • Ingestion points: Media URLs (image, audio, video) are ingested via the --input JSON argument in SKILL.md.
  • Boundary markers: Data is passed to the CLI as a structured JSON string, maintaining a clear boundary.
  • Capability inventory: Subprocess execution and network operations are limited to the runcomfy CLI as described in SKILL.md.
  • Sanitization: Content validation is handled at the model API level, with explicit agent instructions to refuse malicious use cases.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 01:31 PM