image-outpainting
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@runcomfy/clipackage from the official NPM registry. This is a standard vendor-provided dependency required for the skill's primary functionality. - [COMMAND_EXECUTION]: Operations are restricted to the
runcomfyCLI as specified in theallowed-toolsmanifest. The instructions utilize this tool for authenticated API calls to perform image editing tasks. - [DATA_EXFILTRATION]: Network traffic is directed toward the vendor's official domains (
*.runcomfy.netand*.runcomfy.com). Credential management is handled through restricted configuration files (~/.config/runcomfy/token.json) or environment variables, which aligns with security best practices. - [PROMPT_INJECTION]: The skill handles untrusted data in the form of user-provided image URLs and prompts. It acknowledges this indirect injection surface and provides mitigations.
- Ingestion points: Untrusted data is processed via the
image_urlsandpromptfields within theruncomfy runcommand (SKILL.md). - Boundary markers: Inputs are passed as structured JSON strings to the CLI, which reduces the risk of instruction leakage.
- Capability inventory: The skill interacts with the model API to generate and download edited images.
- Sanitization: Documentation specifies that the CLI avoids shell expansion of prompt content, and the skill provides guidelines to only ingest user-verified URLs.
Audit Metadata