Skill v1.0.0

ClawScan security

Comfyui anfrage · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 11, 2026, 8:27 AM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill mostly implements a ComfyUI requester, but the documentation, declared requirements, and runtime behavior contain mismatches (and an unnecessary curl requirement), so you should verify intent before installing.
Guidance
This skill's code appears to perform the expected ComfyUI request/poll flow, but the documentation and declared requirements disagree with the implementation. Before installing:
(1) confirm you want the default host/port (192.168.179.111:28188) or set COMFYUI_HOST/PORT to your own server;
(2) note the SKILL.md says it posts to /run but the code uses /prompt and /history; if your ComfyUI API differs, the skill may fail;
(3) the package declares curl as required but the script does not use it; you can remove that requirement or verify why it was declared;
(4) if you plan to provide COMFYUI_USER/PASS, ensure credentials are only stored in a secure place;
(5) test the CLI in a safe environment against your ComfyUI endpoint to confirm behavior, and consider asking the skill author to correct the documentation or code so endpoints and expectations match.

Review Dimensions

Purpose & Capability
note: The code implements sending a prompt to a local ComfyUI-like HTTP API (/prompt), polling /history/{prompt_id}, and returning image info and view URLs; this matches the stated purpose of requesting ComfyUI workflows. However, the SKILL.md text claims the skill POSTs to /run and expects an 'image' field, which does not match the implementation. The skill also hardcodes a default LAN IP (192.168.179.111) and port (28188), which is plausible for local testing but may be surprising to users.
Instruction Scope
concern: The SKILL.md instructs POSTing to /run and expecting an 'image' field (or base64) but the CLI actually POSTs to /prompt, expects a prompt_id in the response, polls /history/{prompt_id}, and extracts images from outputs. This mismatch could lead to unexpected behavior. The SKILL.md also suggests using a .env file in the skill directory; the code reads environment variables but there is no install step that creates or documents such a file.
Install Mechanism
ok: There is no install spec and no remote downloads. The skill is instruction + a small CLI script (Node); nothing writes arbitrary archives to disk or pulls external code at install-time.
Credentials
note: The skill does not require any secrets by default. It supports optional COMFYUI_HOST/PORT/USER/PASS and timeout/poll env vars, which are reasonable. However, the skill metadata and registry list required binaries as node and curl; the included Node script does not call curl, so declaring curl as required is unnecessary and disproportionate. Also, the default COMFYUI_HOST is a specific private IP; verify that this default is intended for your environment.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated privileges or modify other skills or system-wide settings. It executes as a CLI invoked by the agent and only makes HTTP calls to the configured host/port.