Skills
skills/runcomfy-com/skills/relight/Gen Agent Trust Hub

relight

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation guides the agent to install the @runcomfy/cli package via the NPM registry or execute it directly using npx. This is the primary tool required for the skill's functionality.
  • [COMMAND_EXECUTION]: The skill is configured to use the Bash(runcomfy *) tool, allowing it to execute the RunComfy CLI to perform image processing tasks.
  • [CREDENTIALS_UNSAFE]: The skill describes standard authentication mechanisms, including storing an API token at ~/.config/runcomfy/token.json and utilizing the RUNCOMFY_TOKEN environment variable. These are documented best practices for the CLI's operation.
  • [DATA_EXFILTRATION]: The CLI transmits user-provided image URLs and processing prompts to the vendor's API endpoints at *.runcomfy.net and *.runcomfy.com. This network activity is inherent to the cloud-based relighting service provided by the author.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 02:04 PM