comfyui-imagegen

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
[COMMAND_EXECUTION] [EXTERNAL_DOWNLOADS] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Python scripts and the sessions_spawn tool to execute background tasks. The provided usage examples include hardcoded file paths (e.g., C:\\Users\\hal\\.openclaw\\workspace) and a specific Telegram recipient ID (595846104).
  • [EXTERNAL_DOWNLOADS]: The Python script communicates with a local ComfyUI API on localhost:8188 to submit jobs and download generated image data. It also interfaces with Telegram to deliver generated media.
  • [PROMPT_INJECTION]: The skill processes natural language input from users to generate image prompts, creating a surface for indirect prompt injection.
      • Ingestion points: Natural language user requests processed in SKILL.md.
      • Boundary markers: The agent is instructed to use a specific JSON schema for prompts, but lacks instructions to disregard control tokens or embedded commands within that structure.
      • Capability inventory: scripts/generate.py performs network requests and file system writes; sessions_spawn executes shell commands.
      • Sanitization: No sanitization of user-provided prompt strings is performed before inclusion in the JSON object or command-line arguments.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 11:40 AM