ComfyUI Image Generation

Pass

Audited by VirusTotal on Apr 3, 2026.

Findings (1)

The skill provides a functional interface for ComfyUI image generation but contains high-risk path traversal vulnerabilities. The `generate` and `download_image` functions in `__init__.py` and `comfyui_generator.py` accept an `output_path` parameter and perform file write/copy operations without sanitization, potentially allowing an attacker to overwrite arbitrary system files. Additionally, the code contains hardcoded internal IP addresses (192.168.18.15) and specific mount paths (/mnt/share2win), which are characteristic of environment-specific internal tools but pose a risk if deployed in untrusted environments.