ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ComfyUI Skill for OpenClaw

v1.0.1

Run ComfyUI workflows from any AI agent (Claude Code, OpenClaw, Codex) via a single CLI. Import workflows, manage dependencies, execute across multiple serve...

1· 49·1 current·1 all-time
by科林 KELIN@huangyuchuh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (run ComfyUI workflows) aligns with the included files: CLI usage, workflow import, schema generation, dependency checks, a FastAPI-based UI, and utilities to manage multi-server workflows. No unrelated cloud creds or binaries are required by the skill metadata.
Instruction Scope
SKILL.md instructs the agent to read/write repository-local files (./data/<server_id>/..., config.json), launch the local UI (python3 ./ui/open_ui.py), run CLI commands (comfyui-skill ...), and perform dependency checks/installs. These actions are consistent with the stated purpose but grant the skill the ability to write files, start background processes, and open a local web server — all expected for this function but worth noting.
Install Mechanism
Registry has no automated install spec, but SKILL.md directs users to 'pip install comfyui-skill-cli' and optionally 'pip install -r requirements.txt'. The repo includes update scripts (e.g., update.sh, scripts/update_frontend.sh) that fetch frontend builds from GitHub Releases (per changelog/docs). Using pip and GitHub Releases is normal, but any update/download scripts should be reviewed before execution.
Credentials
No required environment variables or primary credential declared. The example config.json exposes an optional 'auth' / API key field for ComfyUI servers (documented in changelog). Requesting optional API keys in per-server config is proportional to multi-server/cloud node support; the SKILL.md does not ask for unrelated secrets or multiple unrelated credentials.
Persistence & Privilege
Skill is not always-enabled and is user-invocable by default. It persists state locally under its data/ and config.json files (expected behavior). The only notable privilege is that the skill can start a local web UI (FastAPI) which opens a local HTTP port and increases the local attack surface if exposed — SKILL.md instructs running it locally.
Assessment
This skill appears to do what it says: map agent requests into ComfyUI workflows, run them, and manage results. Before installing or running it: (1) Verify the comfyui-skill-cli package source (PyPI/GitHub) before pip-installing. (2) Inspect update.sh and scripts/update_frontend.sh before running them — they pull remote assets and will write to disk. (3) Keep any API keys or auth tokens in config.json (the repo notes it is gitignored); do not commit secrets. (4) Run the web UI only on localhost and avoid exposing port 18189 to untrusted networks. (5) If you need stronger isolation, run the skill/UI in a container or dedicated VM. If you want, I can scan specific files (ui/app.py, update.sh, scripts/update_frontend.sh) for network calls or suspicious constructs before you run anything.
!
config.example.json:6
Install source points to URL shortener or raw IP.
About static analysis
These patterns were detected by automated regex scanning. They may be normal for skills that integrate with external APIs. Check the VirusTotal and OpenClaw results above for context-aware analysis.

Like a lobster shell, security has layers — review code before you run it.

latestvk972txrrs28e4fqfb3py9pjcad842fkb

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments