ComfyUI TTS
PassAudited by ClawScan on May 1, 2026.
Overview
This skill appears to be a straightforward ComfyUI text-to-speech wrapper, with expected network use and optional local audio file saving that users should configure carefully.
Before installing, confirm you trust the ComfyUI host you configure, avoid sending sensitive text to unknown servers, choose output paths carefully, and keep advanced option values within the documented ranges.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If COMFYUI_HOST points to a remote or untrusted server, the text being converted to speech is shared with that server.
The script sends the TTS workflow, including the requested text, to the configured ComfyUI server over HTTP.
COMFYUI_URL="http://${COMFYUI_HOST}:${COMFYUI_PORT}" ... -d "$PAYLOAD" "${COMFYUI_URL}/prompt"Use a trusted ComfyUI instance, preferably local for sensitive text, and avoid sending private content to unknown hosts.
The skill can create or overwrite the file path chosen for audio output.
When an output path is provided, the script creates the destination directory if needed and writes the downloaded audio file there.
if [ -n "$OUTPUT_FILE" ]; then ... mkdir -p "$OUTPUT_DIR" ... curl -s -o "$OUTPUT_FILE" "$VIEW_URL"
Choose a safe output location and avoid pointing the output option at important existing files.
Unusual option values could produce malformed or unintended ComfyUI workflow requests.
Several command-line option values are interpolated directly into the ComfyUI workflow JSON rather than being JSON-escaped or validated like the main text field.
--character) CHARACTER="$2" ... "character": "${CHARACTER}" ... "model_size": "${MODEL_SIZE}" ... "top_p": ${TOP_P}Use the documented option values; maintainers should validate numeric options and JSON-escape string options before building the workflow.