Skill v1.5.0
ClawScan security
ComfyUI ImageGen (Flux2) · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 12, 2026, 1:44 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files and runtime instructions are consistent with its stated purpose (submitting Flux2 workflows to a ComfyUI instance and downloading images); nothing in the package requests unrelated credentials or installs surprising binaries.
- Guidance: This skill appears to do what it says: submit a Flux2 workflow to a ComfyUI HTTP server (default localhost:8188), poll for completion, and download the saved image. Before installing or using it:
  1) Ensure you trust the ComfyUI host you point it at. The default is localhost; if you change --host to a remote server, your structured prompts and any metadata are sent to that server.
  2) Be aware that the SKILL.md examples auto-send images via the agent's message tool (Telegram). Confirm that the agent's messaging channels and targets are ones you trust.
  3) The example uses a user-specific workspace path for spawned jobs; change it to a safe directory on your system if you run the watcher.
  4) The script writes downloaded images to disk, and the example removes them afterwards; check the file paths and the permissions you grant the agent.
  If you need stricter guarantees, run ComfyUI locally and avoid the example sessions_spawn Telegram send until you have verified the messaging credentials and targets.
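The flow the guidance describes (POST the workflow to ComfyUI's /prompt, poll GET /history/<prompt_id>, GET /view to fetch the saved image) with guidance items 1 and 4 enforced in code, as an added example. This is not the skill's own script: the endpoint shapes are ComfyUI's public HTTP API, while the function names, the allow_remote opt-in, the owner-only file mode and the SAMPLE_HISTORY record are assumptions constructed for this example.

```python
"""Hardened client for the ComfyUI flow: submit, poll history, download.
Added example, not the skill's script. Endpoint shapes follow ComfyUI's
public HTTP API; function names, allow_remote and SAMPLE_HISTORY are
assumptions made for this example."""
import ipaddress
import json
import os
import pathlib
import time
import urllib.request
import uuid
from typing import Optional
from urllib.parse import urlencode, urlsplit

DEFAULT_HOST = "localhost:8188"  # the skill's stated default for --host


def host_is_local(host: str) -> bool:
    """True when host ("name" or "name:port", IPv6 in brackets) is loopback."""
    name = urlsplit("//" + host).hostname
    if not name:
        return False
    if name == "localhost":
        return True
    try:
        return ipaddress.ip_address(name).is_loopback
    except ValueError:  # a DNS name we cannot classify offline: treat as remote
        return False


def check_host(host: str, allow_remote: bool = False) -> str:
    """Guidance item 1: prompts and metadata go wherever --host points, so a
    non-loopback host needs an explicit opt-in rather than a silent default."""
    if allow_remote or host_is_local(host):
        return host
    raise ValueError(f"refusing to send workflow to non-local host {host!r}; pass allow_remote=True")


def safe_output_path(base_dir: str, subfolder: str, filename: str) -> pathlib.Path:
    """Guidance item 4: subfolder/filename come from the server's history record,
    so confine them under base_dir and reject traversal or absolute paths."""
    base = pathlib.Path(base_dir).resolve()
    target = (base / subfolder / filename).resolve()
    if base not in target.parents:
        raise ValueError(f"output path {target} escapes {base}")
    return target


def saved_images(history_entry: dict) -> list:
    """(subfolder, filename) pairs of type "output" from one /history record;
    node previews are type "temp" and are skipped."""
    found = []
    for node in history_entry.get("outputs", {}).values():
        for img in node.get("images", []):
            if img.get("type") == "output" and img.get("filename"):
                found.append((img.get("subfolder", ""), img["filename"]))
    return found


# Constructed sample of one /history/<prompt_id> record, in the shape ComfyUI returns.
SAMPLE_HISTORY = {
    "prompt": [],
    "outputs": {
        "9": {"images": [{"filename": "ComfyUI_00001_.jpg", "subfolder": "", "type": "output"}]},
        "12": {"images": [{"filename": "preview.png", "subfolder": "", "type": "temp"}]},
    },
}


def submit(host: str, workflow: dict, client_id: str) -> str:
    body = json.dumps({"prompt": workflow, "client_id": client_id}).encode()
    req = urllib.request.Request(f"http://{host}/prompt", data=body,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)["prompt_id"]


def fetch_history(host: str, prompt_id: str) -> Optional[dict]:
    with urllib.request.urlopen(f"http://{host}/history/{prompt_id}", timeout=30) as resp:
        return json.load(resp).get(prompt_id)


def download(host: str, base_dir: str, subfolder: str, filename: str) -> pathlib.Path:
    path = safe_output_path(base_dir, subfolder, filename)
    path.parent.mkdir(parents=True, exist_ok=True)
    query = urlencode({"filename": filename, "subfolder": subfolder, "type": "output"})
    with urllib.request.urlopen(f"http://{host}/view?{query}", timeout=60) as resp:
        data = resp.read()
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)  # owner-only file
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


def generate(host: str, workflow: dict, base_dir: str, allow_remote: bool = False,
             poll_interval: float = 2.0, timeout: float = 600.0) -> list:
    """Submit, poll until the history record lists saved outputs, download them."""
    host = check_host(host, allow_remote)
    prompt_id = submit(host, workflow, uuid.uuid4().hex)
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        entry = fetch_history(host, prompt_id)
        images = saved_images(entry) if entry else []
        if images:
            return [download(host, base_dir, sub, name) for sub, name in images]
        time.sleep(poll_interval)
    raise TimeoutError(f"prompt {prompt_id} did not finish within {timeout}s")


if __name__ == "__main__":
    # Usage: python client.py workflow.json  (a Flux2 workflow exported from ComfyUI)
    import sys
    with open(sys.argv[1]) as fh:
        print(generate(DEFAULT_HOST, json.load(fh), "./comfy-out"))
```

The two checks are independent of the network code: check_host runs before anything is sent, and safe_output_path runs on every filename and subfolder the server returns, so a compromised or mischievous ComfyUI host cannot steer a write outside the chosen output directory.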
Review Dimensions
- Purpose & Capability (ok): Name/description match the included script and workflow: the Python script posts a Flux2 workflow JSON to a ComfyUI host, polls history, and downloads the saved JPG. There are no unexpected required env vars, binaries, or installers that would be unrelated to image generation.
- Instruction Scope (note): SKILL.md stays largely within image-generation scope, but the examples include orchestration steps (sessions_spawn) that automatically send images via the agent's message tool (Telegram) and use a hardcoded example workspace path (C:\Users\hal\.openclaw\workspace). Those orchestration instructions reach into the agent's messaging/channel capabilities and the local filesystem; they are plausible but are external to core generation and deserve operator awareness.
- Install Mechanism (ok): No install spec is provided (instruction-only with a small included script), so nothing is downloaded or executed at install time. This minimizes supply-chain risk.
- Credentials (note): The skill declares no environment variables or credentials, which matches its behavior (it talks to a ComfyUI HTTP host). However, SKILL.md demonstrates auto-sending images to Telegram via the agent's message tool without declaring Telegram credentials; this relies on the agent/runtime having messaging credentials configured. The example also references a user-specific workspace path; if followed, that grants the skill read/write in that folder.
- Persistence & Privilege (ok): The skill does not request permanent/always-on inclusion (always:false) and does not modify other skills or global agent settings. It uses a spawned watcher sub-agent in examples, which is normal for async jobs but not a privileged persistent presence.
