ComfyUI Painter

Warn: Audited by ClawScan on May 10, 2026.

Overview

This mostly matches a local ComfyUI image-generation workflow, but it uses overbroad local process control, exposes ComfyUI on all network interfaces, and relies on under-declared credentials/download behavior.

Review this skill before installing. It appears coherent for local ComfyUI generation, but you should bind ComfyUI to localhost, fix shutdown so it only stops ComfyUI, verify Discord posting and credentials, and only download trusted models with safe filenames and hash checks.

Findings (7)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Other machines that can reach the host may be able to access the ComfyUI API and submit jobs, depending on firewall and network settings.

Why it was flagged

The skill starts ComfyUI bound to all network interfaces rather than only localhost, even though the described workflow is local.

Skill content
-ArgumentList '{COMFY['main_path']}','--listen','0.0.0.0','--port','{COMFY['port']}'
Recommendation

Bind ComfyUI to 127.0.0.1 by default, or clearly document and protect remote access with firewall rules and authentication.

What this means

Using the skill’s stop or idle-shutdown behavior could forcibly terminate unrelated Python work and cause data loss or service disruption.

Why it was flagged

The shutdown command targets every Windows process named python, not just the ComfyUI process started by this skill.

Skill content
Get-Process python -ErrorAction SilentlyContinue | Stop-Process -Force
Recommendation

Track and stop only the specific ComfyUI process by PID, command line, or working directory, and avoid force-killing unrelated Python processes.

What this means

Generated images may be shared with members of that Discord channel, which matters if the prompt or output is private or sensitive.

Why it was flagged

The skill is designed to send generated files to a fixed Discord channel after generation.

Skill content
After generation completes, cp the image to the workspace temp directory and send it to the #🎨-画图 channel (channel:1476675131404193823) using the message tool.
Recommendation

Confirm the target channel and require explicit user approval before posting sensitive or unexpected outputs.

What this means

A bad or mistaken model-download request could fetch untrusted content or write outside the intended checkpoint directory if a crafted filename is used.

Why it was flagged

The visible downloader code lets an argument control both the download URL and output filename/path, without showing URL allowlisting, basename sanitization, or hash verification before curl is invoked.

Skill content
def download_model(url, dest_dir=None, filename=None): ... dest = os.path.join(dest_dir, filename + ".tmp") ... cmd.append(url)
Recommendation

Restrict downloads to expected CivitAI URLs, sanitize filenames to a basename with safe extensions, keep writes inside the model directory, and verify hashes before use.

What this means

If used as designed, the skill may act through a Discord bot identity and post into a channel; mishandling that token could affect the Discord workspace.

Why it was flagged

The design references reading a local OpenClaw Discord bot token, while the registry metadata declares no primary credential and the provided implementation does not show clear token scoping or handling.

Skill content
**Discord Bot Token**: read from `~/.openclaw/openclaw.json`
Recommendation

Declare the Discord credential requirement, avoid exposing raw bot tokens to skill code where possible, and limit posting permissions to the intended channel.

What this means

The skill may read and send the CivitAI token to CivitAI for searches or downloads, which is expected but should be understood before use.

Why it was flagged

The skill uses a CivitAI API key for its stated CivitAI integration, but this credential is not declared in the registry metadata.

Skill content
API Key is stored in `~/.openclaw/workspace/credentials/civitai.md`
Recommendation

Use a dedicated CivitAI token, store it only in the documented credential file, and declare the credential requirement in metadata.

What this means

ComfyUI may be stopped automatically after idle time; this is disclosed and purpose-aligned, but should be visible and controllable by the user.

Why it was flagged

The skill documents a recurring heartbeat action that can shut down ComfyUI outside a direct user generation request.

Skill content
On every heartbeat, run auto_shutdown.py to check idle time; if ComfyUI has been unused for more than 15 minutes, shut it down automatically to free GPU memory.
Recommendation

Make the heartbeat/idle-shutdown integration explicit in setup, allow users to disable it, and pair it with a narrowly scoped shutdown command.