lipsync
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the
@runcomfy/cliNode.js package for its core functionality. It instructs installation via the standard npm registry or execution via npx, which are recognized and safe methods for obtaining vendor-provided tooling. - [COMMAND_EXECUTION]: The skill uses the
Bash(runcomfy *)tool to execute video processing commands. These operations are limited to the specificruncomfyCLI tool as defined in the skill's frontmatter configuration, adhering to the principle of least privilege. - [CREDENTIALS_UNSAFE]: The documentation references authentication via a local configuration file (
~/.config/runcomfy/token.json) or an environment variable (RUNCOMFY_TOKEN). This follows standard security practices for CLI tools and does not involve hardcoding secrets within the skill itself. - [PROMPT_INJECTION]: The skill ingests untrusted data via
video_url,audio_url, andimage_urlparameters. This presents an indirect prompt injection surface where instructions could theoretically be embedded in the metadata or content of the linked media. However, the risk is mitigated by the following: - Ingestion points: Asset URLs provided by the user in the CLI input.
- Boundary markers: Parameters are passed within a structured JSON object to the CLI.
- Capability inventory: Capabilities are restricted to generating video files via the authorized
runcomfybinary. - Sanitization: The skill explicitly notes that the CLI does not perform shell expansion on input content, reducing the risk of command injection through these fields.
Audit Metadata