skills/doany-ai/skills/image-edit/Gen Agent Trust Hub

image-edit

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the runcomfy CLI to invoke various image editing models including Nano Banana, GPT Image 2, Flux, and Z-Image. Command arguments are passed via a JSON string to the --input flag, which prevents shell injection from user-supplied prompts.
  • [EXTERNAL_DOWNLOADS]: The skill requires the @runcomfy/cli package from the NPM registry and fetches images and masks from external HTTPS URLs as part of its core functionality.
  • [PROMPT_INJECTION]: The skill processes untrusted user prompts and external image URLs, presenting a surface for indirect prompt injection.
    • Ingestion points: External data enters the agent context through the image_urls, images, image, and mask_image fields in the runcomfy run commands defined in SKILL.md.
    • Boundary markers: The CLI uses JSON encapsulation for the input payload to isolate the data from the shell environment.
    • Capability inventory: The skill has the capability to execute subprocesses via the runcomfy CLI and perform network operations to download processed assets.
    • Sanitization: The documentation explicitly acknowledges the risk of image-based prompt injection and advises users to treat external URLs as untrusted.
Audit Metadata
Risk Level: SAFE
Analyzed: May 18, 2026, 02:23 PM