wan-2-7
Pass
Audited by Gen Agent Trust Hub on Jul 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute shell commands via the
runcomfyCLI, passing user inputs to the system as parameters for video generation. - [EXTERNAL_DOWNLOADS]: The skill recommends installing the
@runcomfy/clipackage globally from the NPM registry to enable model invocation. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes untrusted user-supplied text and URLs.
- Ingestion points: User-provided
promptandaudio_urlfields within theruncomfycommand input in SKILL.md. - Boundary markers: Input is wrapped in a JSON string template (
--input '{"prompt": "..."}'). - Capability inventory: Employs subprocess execution of the CLI and requires network access to external
runcomfy.netAPIs. - Sanitization: No explicit sanitization or validation of user-provided content is defined in the skill instructions; safety relies on the agent's ability to format valid JSON for shell execution.
- [CREDENTIALS_UNSAFE]: The skill involves the management of API tokens, which are stored locally in the
~/.config/runcomfy/token.jsonfile for service authentication.
Audit Metadata