image-inpainting
Pass
Audited by Gen Agent Trust Hub on Jul 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
runcomfyCLI for image processing operations. Shell access is restricted to this specific tool through the platform'sallowed-toolsconfiguration, minimizing the risk of unauthorized command execution. - [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the necessary CLI tool from the public NPM registry. The package
@runcomfy/cliis a standard dependency originating from the service's own infrastructure. - [PROMPT_INJECTION]: The skill processes image and mask data from external URLs, which represents a potential surface for indirect prompt injection.
- Ingestion points: Source image and mask URLs passed to the
runcomfycommand inSKILL.md. - Boundary markers: The skill uses structured JSON schemas for CLI inputs to separate metadata and parameters from instruction content.
- Capability inventory: The CLI performs image edits, object removal, and region replacement via remote API calls to RunComfy models.
- Sanitization: Inputs are passed as JSON strings to the CLI to prevent shell injection, and the documentation includes explicit security guidance to only process URLs provided by the user.
Audit Metadata