ComfyUI Automation
PassAudited by ClawScan on May 10, 2026.
Overview
This is a coherent ComfyUI automation helper, but it does rely on downloading and installing third-party ComfyUI code, models, and custom nodes.
This skill appears safe for its stated purpose, but it can install ComfyUI, dependencies, models, and custom nodes into your workspace. Before using it, make sure you trust the repositories and model URLs it downloads from, especially any custom nodes selected to satisfy a workflow.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing third-party code can change the local workspace and run code when ComfyUI or its dependencies are used.
The skill instructs installing ComfyUI and Python dependencies from external sources. This is central to the skill's purpose, but users should trust and review those sources.
git clone https://github.com/comfyanonymous/ComfyUI.git ... pip install -r requirements.txt
Use trusted repositories, prefer pinned versions where possible, keep the virtual environment isolated, and review custom nodes before installing them.
A workflow that requires custom nodes may lead to installing additional third-party Python code in the ComfyUI environment.
Custom node installation is expected for ComfyUI workflows, but the repository is not specified or pinned, so the actual installed code is outside the reviewed artifacts.
locate the corresponding Custom Node repository, clone it into `ComfyUI/custom_nodes/`, and `pip install -r requirements.txt` inside its folder
Confirm the custom node repository with the user, inspect its source and requirements, and avoid installing unknown custom nodes automatically.