Back to skill

Security audit

image

Security checks across malware telemetry and agentic risk

Overview

This ComfyUI skill is mostly coherent, but it can automatically install and run an unverified downloader binary and persist model files on the user’s machine.

Install only if you are comfortable allowing the skill to modify ~/ComfyUI and possibly add an executable in ~/.local/bin. Prefer trusted model URLs, consider using --no-pget, and manually verify or install pget if you do not want a latest-release binary downloaded and executed automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill is configured to activate on very broad image-generation language, including generic image descriptions. That can cause unintended invocation of a powerful local-execution workflow skill in contexts where the user did not explicitly ask to run ComfyUI, increasing the chance of unexpected file edits, local service interaction, or follow-on network/download actions. In this context, broad activation is more dangerous because the skill can modify workflows, talk to a localhost service, and potentially trigger installation/download behavior.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to download external model weights and even install auxiliary tooling automatically, but does not require an explicit user warning or confirmation about network access, disk usage, provenance, or execution environment changes. This is dangerous because attacker-supplied URLs could lead to untrusted files being placed into the local ComfyUI installation, consuming significant resources and potentially introducing malicious or unsafe models or tooling into future runs.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.