gpt-image-edit

Pass

Audited by Gen Agent Trust Hub on Jul 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @runcomfy/cli package via npm and provides a command to fetch skill components from the agentspace-so/runcomfy-skills repository using npx.
  • [COMMAND_EXECUTION]: The skill defines patterns for the agent to execute shell commands using the runcomfy CLI to interact with remote image models.
  • [DATA_EXFILTRATION]: The skill describes the storage of API tokens in ~/.config/runcomfy/token.json and details network operations where the CLI transmits data to model-api.runcomfy.net and downloads assets from *.runcomfy.net or *.runcomfy.com.
  • [PROMPT_INJECTION]: The skill documents a surface for indirect prompt injection when processing external image URLs. Ingestion points: The images array in the JSON input provided to the runcomfy command. Boundary markers: Input is structured as a JSON object passed through the --input flag. Capability inventory: Execution of the runcomfy CLI tool via shell. Sanitization: Documentation indicates that the CLI tool transmits the JSON body directly over HTTPS and does not perform shell expansion on the prompt content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 13, 2026, 07:38 AM
Security Audit — agent-trust-hub — gpt-image-edit