Back to skill
Skillv1.0.0
VirusTotal security
ComfyUI Video · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 8:48 AM
- Hash
- 9831d08cfd40645887d75590f0906d18eb0be1a6a011c64086825f1d7e09ba90
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: comfyui-video Version: 1.0.0 The skill bundle provides automation for ComfyUI video generation but includes instructions in SKILL.md for the AI agent to execute high-privilege shell commands via SSH (e.g., `ssh -p PORT root@HOST`) to monitor logs and list files. While these actions are plausibly related to managing a remote GPU workspace, the inclusion of root-level SSH commands represents a significant attack surface and risky capability. Additionally, scripts/batch_scenes.js performs direct manipulation of the ComfyUI web API and application state, which could be leveraged for unintended actions if the agent's context is compromised.
- External report
- View on VirusTotal