gpt-image-edit
Pass
Audited by Gen Agent Trust Hub on Jul 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@runcomfy/clipackage via npm and provides a command to fetch skill components from theagentspace-so/runcomfy-skillsrepository using npx. - [COMMAND_EXECUTION]: The skill defines patterns for the agent to execute shell commands using the
runcomfyCLI to interact with remote image models. - [DATA_EXFILTRATION]: The skill describes the storage of API tokens in
~/.config/runcomfy/token.jsonand details network operations where the CLI transmits data tomodel-api.runcomfy.netand downloads assets from*.runcomfy.netor*.runcomfy.com. - [PROMPT_INJECTION]: The skill documents a surface for indirect prompt injection when processing external image URLs. Ingestion points: The
imagesarray in the JSON input provided to theruncomfycommand. Boundary markers: Input is structured as a JSON object passed through the--inputflag. Capability inventory: Execution of theruncomfyCLI tool via shell. Sanitization: Documentation indicates that the CLI tool transmits the JSON body directly over HTTPS and does not perform shell expansion on the prompt content.
Audit Metadata