The Agent Skills Directory

[SAFE]: No malicious patterns or security risks were identified. The skill correctly directs users to use an official CLI tool and legitimate service domains.
[COMMAND_EXECUTION]: The skill documents the use of the runcomfy CLI. It explicitly mentions that user prompts are handled as JSON strings to mitigate shell injection vulnerabilities.
[EXTERNAL_DOWNLOADS]: The skill references the official @runcomfy/cli package and uses a whitelist for downloading generated assets from *.runcomfy.net and *.runcomfy.com domains.
[CREDENTIALS_UNSAFE]: The skill provides guidance on secure credential management, recommending the use of environment variables or configuration files with restricted access (0600 permissions).

gpt-image-2