ai-avatar-video

Pass

Audited by Gen Agent Trust Hub on Jul 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the runcomfy CLI for video generation tasks. This execution is limited to specific subcommands via the allowed-tools configuration, which prevents broader shell access.\n- [EXTERNAL_DOWNLOADS]: Installs the @runcomfy/cli tool from the NPM registry and downloads media assets from RunComfy's official domains (runcomfy.net, runcomfy.com).\n- [PROMPT_INJECTION]: The skill identifies and documents an indirect prompt injection surface due to its processing of user-supplied prompts and external media URLs (images and audio).\n
  • Ingestion points: Processes untrusted prompt, image_url, and audio_url fields within the runcomfy run command.\n
  • Boundary markers: External data is encapsulated within a JSON string provided to the --input flag, which serves as a data boundary.\n
  • Capability inventory: The skill is capable of performing network requests to the model provider's API and writing generated video files to the local file system via the runcomfy command.\n
  • Sanitization: Documentation specifies that the CLI does not perform shell expansion on input fields, which helps mitigate direct command injection from malicious prompt content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 13, 2026, 07:38 AM
Security Audit — agent-trust-hub — ai-avatar-video