ComfyUI Painter
Security checks across static analysis, malware telemetry, and agentic risk
Overview
ComfyUI Painter mostly matches its image-generation purpose, but it opens ComfyUI to all network interfaces and can force-stop unrelated Python programs, so it needs review before use.
Use this skill only if you are comfortable with it starting and stopping local ComfyUI, downloading models, using a CivitAI API key, and posting generated images to Discord. Before installing, change ComfyUI to bind to localhost unless remote access is intentional, replace the all-Python kill command with PID-specific shutdown, validate download filenames, and use scoped credentials.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the host firewall allows it, other machines on the reachable network may be able to access the ComfyUI API and submit generation jobs.
The manager starts ComfyUI bound to all network interfaces even though the skill describes controlling a local ComfyUI API.
'--listen','0.0.0.0','--port','{COMFY['port']}'
Bind ComfyUI to 127.0.0.1 by default, document any intentional remote access, and require firewall/authentication controls before listening on 0.0.0.0.
Idle shutdown or a manual stop could terminate unrelated Python apps, notebooks, servers, or user work running on the machine.
The stop routine targets every Python process, not just the ComfyUI process started by this skill.
Get-Process python -ErrorAction SilentlyContinue | Stop-Process -Force
Track the specific ComfyUI process ID or command line and stop only that process; avoid force-killing all Python processes.
A malformed filename containing absolute paths or ../ segments could write outside the intended ComfyUI checkpoint directory if passed through by the agent or user.
The download helper accepts a caller-supplied filename and joins it to the destination directory without visible path validation.
dest = os.path.join(dest_dir, filename + ".tmp"); final = os.path.join(dest_dir, filename)
Normalize to a basename, reject path separators and absolute paths, resolve the final path, verify it remains inside the checkpoint directory, and avoid overwriting existing files without confirmation.
Installing or using the CivitAI features gives this skill access to the user's CivitAI API key for model search/download operations.
The skill reads a local CivitAI API token and sends it as a bearer token to CivitAI for authenticated API/download calls.
cred_file = CREDENTIALS_DIR / "civitai.md" ... cmd.extend(["-H", f"Authorization: Bearer {key}"])
Use a scoped CivitAI token, protect the credential file permissions, and document this credential requirement in metadata.
Discord output may use delegated bot/account authority to post generated images to the configured channel.
The design document says Discord posting may use a bot token from OpenClaw's local configuration, although the included scripts do not show direct token handling.
**Discord Bot Token**: read from `~/.openclaw/openclaw.json`
Prefer a scoped message tool or a narrowly scoped Discord token, and ensure token use is explicitly declared before enabling Discord posting.
ComfyUI may continue running and consuming local GPU/resources until the idle shutdown runs.
The skill is designed to keep ComfyUI running after use and manage it via heartbeat-based idle checks.
On each heartbeat, call auto_shutdown.py to check the idle time; if ComfyUI has been unused for more than 15 minutes, shut it down automatically.
Make the background/heartbeat behavior visible to users and provide an easy manual stop option.
