comfyui
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: Automated scanners flagged instances of `curl | python3` in `comfyui_setup.sh` and `SKILL.md`. Manual verification confirms these are false positives; the commands use the safe `json.tool` module (e.g., `python3 -m json.tool`) to pretty-print API responses for the user, which does not involve executing arbitrary code.
- [COMMAND_EXECUTION]: The skill uses `subprocess.run` to interact with the local `comfy-cli` and perform hardware probes. These calls are executed using argument lists without `shell=True`, which is a secure practice that prevents command injection. The commands are limited to legitimate lifecycle management (installing, launching, and stopping the server).
- [DATA_EXFILTRATION]: No unauthorized data exfiltration was detected. The skill includes a proactive security measure in `scripts/_common.py` that strips sensitive headers (including `X-API-Key` and `Authorization`) when an HTTP redirect crosses to a different host. This prevents authentication tokens from being leaked to external storage backends like S3 during file downloads.
- [DATA_EXPOSURE]: The executor script `scripts/run_workflow.py` implements a `safe_path_join` utility. This ensures that any filenames provided by a remote ComfyUI server (which could contain path traversal sequences like `../`) are restricted to the user-specified output directory, preventing arbitrary file writes.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of AI models and software dependencies from well-known and trusted platforms, including GitHub, HuggingFace, and Comfy Cloud. These downloads are central to the skill's purpose and are performed through the official `comfy-cli` tool.
- [CREDENTIALS_UNSAFE]: No hardcoded secrets were found. The skill manages authentication via environment variables and placeholders, which is the standard and safe approach for handling API keys.
Audit Metadata