video-outpainting

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the runcomfy CLI through a restricted Bash(runcomfy *) configuration, limiting the agent's shell capabilities to the vendor's specific toolset.
  • [EXTERNAL_DOWNLOADS]: The instructions recommend installing @runcomfy/cli from the official npm registry. This is a legitimate download of vendor-provided software from a well-known service.
  • [CREDENTIALS_UNSAFE]: The skill describes how the runcomfy CLI manages API tokens, noting they are stored in ~/.config/runcomfy/token.json with secure permissions (0600). It also recommends using the RUNCOMFY_TOKEN environment variable for secure automation.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection through external video content.
      • Ingestion points: The video_url field within the JSON input for the runcomfy run command (found in SKILL.md).
      • Boundary markers: Prompts and URLs are encapsulated within a JSON string passed to the CLI tool.
      • Capability inventory: The agent has the Bash(runcomfy *) capability as defined in the YAML frontmatter of SKILL.md.
      • Sanitization: The skill documentation states that the CLI processes inputs as JSON and avoids shell expansion to prevent command injection.
Audit Metadata
Risk Level: SAFE
Analyzed: May 18, 2026, 02:12 PM