ComfyUI图像生成

PassAudited by ClawScan on May 10, 2026.

Overview

This appears to be a purpose-aligned ComfyUI image-generation helper, but it sends prompts/workflows to a configured HTTP ComfyUI server and writes generated images to user-chosen paths.

Before installing, confirm that the default ComfyUI server address and workflow/output paths match your environment. Use a trusted ComfyUI endpoint, avoid sensitive prompts if the server is shared, and write outputs only to safe directories.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Low

#ASI07: Insecure Inter-Agent Communication

What this means

Prompts and workflow details may be sent to the configured ComfyUI server, which by default is a private-network HTTP address.

Why it was flagged

The skill submits the modified workflow, including the user's prompt, to a configured ComfyUI HTTP endpoint. This is expected for ComfyUI generation, but it defines a network data boundary users should be aware of.

Skill content

COMFYUI_SERVER = os.getenv('COMFYUI_SERVER', 'http://192.168.18.15:8188') ... data = json.dumps({"prompt": workflow}).encode('utf-8') ... url = f"{COMFYUI_SERVER}/prompt"

Recommendation

Use this only with a ComfyUI server you trust, and override COMFYUI_SERVER if the default LAN address is not yours.

Info

#ASI02: Tool Misuse and Exploitation

What this means

Generated image files can be written wherever the agent process has permission if that path is supplied.

Why it was flagged

The skill creates directories and writes downloaded image bytes to the caller-provided output path. This is normal for an image-generation skill, but it gives the invocation control over where files are written.

Skill content

os.makedirs(output_dir, exist_ok=True) ... with open(output_path, 'wb') as f: f.write(content)

Recommendation

Choose explicit, non-sensitive output directories and avoid directing generated files into system or project paths where overwrites would matter.

Low

#ASI04: Agentic Supply Chain Vulnerabilities

What this means

Users have less external context for who maintains the skill or where updates originate.

Why it was flagged

The registry metadata does not provide a source repository or homepage, limiting provenance verification. The provided code itself did not show hidden install behavior.

Skill content

Source: unknown; Homepage: none

Recommendation

Review the included code and prefer installing from a trusted publisher or source-controlled location when available.