flux-kontext
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the RunComfy command-line tool to perform image edits. It passes user parameters as a structured JSON string to avoid shell expansion vulnerabilities.- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the official @runcomfy/cli Node.js package from the vendor.- [PROMPT_INJECTION]: The skill processes user-provided prompts and external image URLs, creating an attack surface for indirect prompt injection. It includes documentation explaining that inputs are passed to the CLI as JSON strings to mitigate risks.
- Ingestion points: image (URL) and prompt fields in the runcomfy run command.
- Boundary markers: JSON string input used by the CLI to prevent shell expansion.
- Capability inventory: Shell command execution of the runcomfy CLI.
- Sanitization: Handled by the CLI's transmission of JSON data to the API.- [CREDENTIALS_UNSAFE]: The documentation provides best-practice guidance for managing API tokens, such as using environment variables or configuration files with restricted permissions.
Audit Metadata