The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to execute a third-party command-line interface to interact with an image editing API.
Evidence: The SKILL.md file contains instructions for invoking runcomfy run openai/gpt-image-2/edit with user-supplied parameters.
[EXTERNAL_DOWNLOADS]: The skill requires the installation of a remote Node.js package from a public registry as part of its prerequisites.
Evidence: SKILL.md documentation specifies running npm i -g @runcomfy/cli to set up the necessary tools.
[PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection because it processes untrusted data such as external image URLs and user prompts.
Ingestion points: Image URLs and instruction prompts are accepted as input for the CLI command.
Boundary markers: The skill notes that the CLI transmits data as a JSON body directly, which provides a boundary by avoiding shell expansion of the input.
Capability inventory: The skill utilizes the CLI to perform remote operations based on the provided inputs.
Sanitization: No specific sanitization or validation routines for the input data are described within the skill body.

gpt-image-edit