ai-avatar-video
Pass
Audited by Gen Agent Trust Hub on Jul 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
runcomfyCLI for video generation tasks. This execution is limited to specific subcommands via theallowed-toolsconfiguration, which prevents broader shell access.\n- [EXTERNAL_DOWNLOADS]: Installs the@runcomfy/clitool from the NPM registry and downloads media assets from RunComfy's official domains (runcomfy.net,runcomfy.com).\n- [PROMPT_INJECTION]: The skill identifies and documents an indirect prompt injection surface due to its processing of user-supplied prompts and external media URLs (images and audio).\n - Ingestion points: Processes untrusted
prompt,image_url, andaudio_urlfields within theruncomfy runcommand.\n - Boundary markers: External data is encapsulated within a JSON string provided to the
--inputflag, which serves as a data boundary.\n - Capability inventory: The skill is capable of performing network requests to the model provider's API and writing generated video files to the local file system via the
runcomfycommand.\n - Sanitization: Documentation specifies that the CLI does not perform shell expansion on input fields, which helps mitigate direct command injection from malicious prompt content.
Audit Metadata