wan-2-7

Pass

Audited by Gen Agent Trust Hub on Jul 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to execute shell commands via the runcomfy CLI, passing user inputs to the system as parameters for video generation.
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the @runcomfy/cli package globally from the NPM registry to enable model invocation.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes untrusted user-supplied text and URLs.
  • Ingestion points: User-provided prompt and audio_url fields within the runcomfy command input in SKILL.md.
  • Boundary markers: Input is wrapped in a JSON string template (--input '{"prompt": "..."}').
  • Capability inventory: Employs subprocess execution of the CLI and requires network access to external runcomfy.net APIs.
  • Sanitization: No explicit sanitization or validation of user-provided content is defined in the skill instructions; safety relies on the agent's ability to format valid JSON for shell execution.
  • [CREDENTIALS_UNSAFE]: The skill involves the management of API tokens, which are stored locally in the ~/.config/runcomfy/token.json file for service authentication.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 13, 2026, 07:38 AM
Security Audit — agent-trust-hub — wan-2-7