Comfyui Automation Skill
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: comfyui-automation-skill
Version: 1.0.1
The skill bundle automates ComfyUI workflows via the RunningHub API (runninghub.cn). While the logic in `comfyui_automation.py` is aligned with the stated purpose, it implements high-risk capabilities including network communication and local file access (reading and uploading files). Per the provided criteria, the presence of these risky capabilities, even when plausibly needed for the skill's function, requires a suspicious classification. No evidence of intentional malice, such as data exfiltration or backdoors, was identified in the code or the `SKILL.md` instructions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can act through the RunningHub account associated with the API key, including running workflows and related API operations.
The skill requires a RunningHub API key and correctly marks it as sensitive; this is expected for RunningHub API automation, but it gives the skill delegated access to the user's RunningHub account.

    api_key:
      type: string
      description: "RunningHub API密钥"
      required: true
      sensitive: true

Use a dedicated or least-privileged RunningHub API key if available, rotate it if exposed, and only provide it to skills you trust.
If the wrong path is provided, a private local file could be uploaded to RunningHub.
The implementation uploads a user-specified local file to RunningHub. This matches the documented image/material upload feature, but local file uploads are a sensitive data flow.

    with open(file_path, 'rb') as f:
        files = {'file': (filename, f, 'application/octet-stream')}
        ...
        response = requests.post(
            upload_url,
            headers=upload_headers,
            files=files
        )

Before confirming a run, verify that every local file path points only to the intended image or asset.
Completion information may be sent to the configured webhook endpoint if that option is used.
The skill accepts an optional webhook URL for task completion notifications. This is disclosed and optional, but webhook destinations can be external systems with their own access and data-handling risks.
`webhook_url` (string) [optional]: Webhook URL for receiving task completion notifications
Only use webhook URLs you control or trust, and avoid sending workflow details to public or shared endpoints unless intended.
Users have less external provenance information for deciding whether to trust the code and publisher.
The registry information does not provide a source repository or homepage. The included artifacts are coherent, but provenance is limited for a networked Python skill.
Source: unknown
Homepage: none
Prefer installing from a known publisher or review the included files before providing credentials or uploading private assets.
