ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ComfyUI Automation

v1.0.0

Use when you need to automate ComfyUI tasks. This skill provides instructions and scripts for installing ComfyUI, parsing API-format workflow JSON files, che...

0· 134·0 current·0 all-time
by@nhuquangls

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for nhuquangls/comfyui-automation.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "ComfyUI Automation" (nhuquangls/comfyui-automation) from ClawHub.
Skill page: https://clawhub.ai/nhuquangls/comfyui-automation
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install comfyui-automation

ClawHub CLI

Package manager switcher

npx clawhub@latest install comfyui-automation
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match what the skill does: installing ComfyUI, parsing API-format workflow JSON, checking for required model files, and running workflows via the local API. The included analyze_models.py and the SKILL.md steps correspond to these tasks; required artifacts (git clone, pip install, wget for model files) are appropriate for this purpose.
Instruction Scope
Instructions reference only the ComfyUI workspace and typical install/runtime operations. They do hard-code the /root/.openclaw/workspace path which may not match all environments and could cause the agent to look in a privileged location; otherwise the steps (creating venv, pip installing requirements, cloning custom node repos, using wget to fetch model weights, and posting to the local ComfyUI API) are within the stated scope. The skill does tell the agent to run network operations (git clone, pip install, wget) which are necessary for installing third-party code and models but should be executed only against trusted sources.
Install Mechanism
This is an instruction-only skill (no automated install spec). The SKILL.md instructs cloning from GitHub and pip-installing requirements, and to download models (suggesting Hugging Face links). Those are standard for installing ComfyUI, and the GitHub URL used is the official ComfyUI repo. Still, pip-installing arbitrary third-party custom node requirements can install arbitrary code—this is expected but poses normal supply-chain risk.
Credentials
The skill declares no required environment variables or credentials and the included code does not attempt to read secrets. It does assume read/write access to /root/.openclaw/workspace/ComfyUI (a specific path) and to create virtualenvs there; access to that workspace is required for its stated functionality but may be inappropriate if the agent runs under a different user or in a restricted environment.
Persistence & Privilege
always is false and the skill does not request permanent presence or modify other skills or system-wide agent settings. It does instruct installing software into a workspace and cloning repositories, which is normal for setting up ComfyUI but not an elevated platform privilege.
Assessment
This skill appears coherent for automating ComfyUI, but before installing or running it: (1) confirm you trust the GitHub repositories and any custom-node repos you clone—pip installing their requirements runs arbitrary code; (2) adjust the hard-coded path (/root/.openclaw/workspace/ComfyUI) if your agent runs under a different user or in a container; (3) only download model files from trusted sources (Hugging Face model pages you verify); (4) run these operations in an isolated environment (VM/container) if you are concerned about supply-chain risk; and (5) inspect any custom nodes' requirements.txt and code before pip installing.

Like a lobster shell, security has layers — review code before you run it.

latestvk97af2t54q7j25nbefw6wm99ex84v75v
134downloads
0stars
1versions
Updated 1w ago
v1.0.0
MIT-0
@nhuquangls
latest
Download

ComfyUI Automation Skill

This skill provides a reliable, standardized workflow for interacting with ComfyUI. It is specifically designed to be easily executed by automated agents.

1. Environment Setup & Verification

ComfyUI should be installed in the primary workspace. Never install directly using root pip to avoid OS conflicts (PEP 668); always use a virtual environment (venv).

Check if installed:

ls /root/.openclaw/workspace/ComfyUI/venv/bin/activate

If missing, install:

cd /root/.openclaw/workspace
git clone https://github.com/comfyanonymous/ComfyUI.git
cd ComfyUI
python3 -m venv venv
source venv/bin/activate
pip install --upgrade pip
pip install -r requirements.txt

2. Workflow Format

ComfyUI workflows must be in API Format (a flat JSON dictionary where keys are stringified Node IDs). If the user provides a standard UI format JSON (which contains links, pos, groups arrays), kindly request the API Format or use an appropriate converter.

3. Checking and Downloading Missing Models

Workflows will fail if the required weights (UNet, Checkpoints, VAE, LoRA, CLIP) are missing from the ComfyUI/models/ subdirectories. To avoid redownloading large files, always check if the file exists first.

Use the provided script to scan the workflow JSON for model requirements and check them against the local directory:

python3 scripts/analyze_models.py /path/to/workflow_api.json /root/.openclaw/workspace/ComfyUI

Downloading: If models are missing, formulate a download script. Always use wget -nc (no clobber) or -c (continue) to prevent overwriting or duplicate downloads. Example:

cd /root/.openclaw/workspace/ComfyUI/models/checkpoints
wget -nc https://huggingface.co/path/to/model.safetensors

4. Execution via API

Do not try to run ComfyUI workflows by modifying the UI state. Instead:

  1. Ensure the ComfyUI server is running locally (usually port 8188).
  2. Write a lightweight Python wrapper that loads the API JSON, alters necessary parameters (like Prompts or Seeds), and posts it to the API.

Example Python Wrapper:

import json, urllib.request, random

# 1. Load the template
with open("workflow_api.json", "r") as f:
    workflow = json.load(f)

# 2. Inject user variables (Identify the correct Node IDs beforehand)
# workflow["27"]["inputs"]["text"] = "A beautiful sunset..."
# workflow["3"]["inputs"]["seed"] = random.randint(1, 9999999)

# 3. Submit to API
payload = json.dumps({"prompt": workflow}).encode('utf-8')
req = urllib.request.Request("http://127.0.0.1:8188/prompt", data=payload)
req.add_header('Content-Type', 'application/json')
res = json.loads(urllib.request.urlopen(req).read())
print(f"Prompt queued with ID: {res['prompt_id']}")

5. Error Handling & Reporting

  • Missing Nodes: If the API returns an error about a missing class/node, locate the corresponding Custom Node repository, clone it into ComfyUI/custom_nodes/, and pip install -r requirements.txt inside its folder using the venv.
  • OOM (Out of Memory): If the GPU runs out of VRAM, suggest adding optimization arguments like --lowvram to the ComfyUI startup command.
  • Reporting: Always report the explicit failure reason to the user, including which node failed and what is missing.

Comments

Loading comments...