ComfyUI Local Gen

Security checks across malware telemetry and agentic risk

Overview

This is a real local ComfyUI image-generation skill, but its helper script has under-scoped file handling that could read unintended JSON files or write files outside the expected output folder if used with an untrusted server.

Install only if you trust the ComfyUI server address you configure and the workflow JSON files you pass to the helper. Avoid cloud-synced output folders for sensitive generations, and consider patching the script to restrict workflow paths, validate local server URLs, add timeouts, and sanitize downloaded filenames.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 81%
Finding: The skill states that generated images are saved to an output directory and may be configured to sync to local document folders, but it does not clearly warn users about file writes. Silent or under-documented writes can expose sensitive prompts or generated content on disk and may place files into broader-sync locations unintentionally.

Missing User Warnings

Medium
Confidence: 93%
Finding: The script performs outbound HTTP requests to a user-supplied server and writes the downloaded image to local disk without any user-facing disclosure, confirmation, or validation. In an agent/skill context, these side effects can surprise users, enable unintended interaction with internal network services, and persist untrusted remote content locally.

VirusTotal

66/66 vendors flagged this skill as clean.
