The Agent Skills Directory

[SAFE]: The skill utilizes the vendor's official CLI tool, @runcomfy/cli. Installations of recognized vendor packages from the official NPM registry are standard and safe.
[SAFE]: Command execution is appropriately restricted using the allowed-tools configuration, scoping Bash usage exclusively to the runcomfy CLI and preventing arbitrary command execution.
[SAFE]: Network communication is directed toward official vendor domains (runcomfy.com, runcomfy.net) for model API interactions and documentation access, which is expected for the skill's functionality.
[SAFE]: The skill includes proactive security guidance, advising against piping remote scripts into the shell and detailing secure API token management via environment variables or restricted-access configuration files.

ace-step