comfyui-inventory
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes `curl` commands to interact with a local ComfyUI server at `127.0.0.1:8188` to retrieve system statistics, registered nodes, and model lists.
- [COMMAND_EXECUTION]: Metadata in `SKILL.md` indicates a dependency on `pwsh` (PowerShell Core) and references a local script `scan-inventory.ps1` used for manual cache refreshing.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the local filesystem and API responses.
  1. Ingestion points: Filesystem directories under `COMFYUI_PATH` and JSON responses from `http://127.0.0.1:8188/object_info` as described in `SKILL.md`.
  2. Boundary markers: Absent; no delimiters or instructions to ignore embedded commands within ingested data are identified.
  3. Capability inventory: The skill uses `curl` for network requests to `localhost` and performs filesystem directory scans.
  4. Sanitization: Absent; the skill does not describe any sanitization or validation logic for the filenames or node names retrieved before caching them in `state/inventory.json`.
Audit Metadata