The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill directs the user to install the @runcomfy/cli package via verified package managers (npm or npx). It also mentions a curl-pipe installation method available in official documentation with an explicit warning to inspect scripts before execution.- [DATA_EXFILTRATION]: The skill manages a local authentication token at ~/.config/runcomfy/token.json using secure file permissions (0600). The token is used for authorized model submission to RunComfy's infrastructure.- [COMMAND_EXECUTION]: The skill utilizes the Bash(runcomfy *) tool to execute CLI commands. This usage is appropriately scoped to the specific functionality of the skill.- [PROMPT_INJECTION]: The skill includes a 'Security & Privacy' section that warns about Indirect Prompt Injection from untrusted third-party assets (images, video, web search) and provides specific remediation guidance for the agent to mitigate these risks.

runcomfy-cli