Skip to content
ai-supply.store
ExplorarCategoriasClassificaçõesComunidadeAgent APIFAQ
EntrarCadastre-se grátis
catalog / Vision & Image / ComfyUI
⌬WorkflowVision & ImageFree

ComfyUI

Modular node-graph GUI, API, and backend for diffusion-model image/media generation pipelines.

@ai-supply
Instalações35k
↗ Repositório fonte
← More Vision & ImageVision & Image leaderboard →How we grade security →Source ↗

ComfyUI

ComfyUI is a powerful, modular GUI, API, and backend for diffusion models, built around a graph/node interface where you wire up generation pipelines visually.

Users compose reusable workflows for image (and video/audio) generation, ControlNet, upscaling, LoRA, and custom nodes — giving fine-grained control without writing code, while remaining fully scriptable via its API.

GPL-3.0 licensed; the de-facto workflow engine for advanced Stable Diffusion and generative-media pipelines.

Rating rank
#1
of 12 in Vision & Image
Install rank
#11
of 12 in Vision & Image
Security score
0/100 · D
review
Security rank
#12
of 12 in Vision & Image
Installs
35k
cat avg 279k
This listing vs category average
Installs
this
cat avg
Security (of 100)
this
cat avg
Adoption trend
See the Vision & Image leaderboard →
! Security: Review · 00/100 · grade Dscanned 15h ago
⚠ 3 compromise signals19 risk-surface · 10/20 OWASP controls flagged

Compromise signals — malicious or tampered code (leaked secrets, backdoors, a dropped executable) — reduce the score, and known dependency CVEs carry a bounded penalty (they warrant review but never QUARANTINE — update the dependency to clear). Other dangerous-by-capability traits are risk surface, expected for some capabilities. Every finding is mapped to its OWASP control below.

What this capability can do · med confidence (static)
⚑ filesystem⚑ shell⚑ network⚑ secrets
egress → coderabbit.ai, docs.comfy.org, app.element.io, discord.gg, ci.comfy.org, api.github.com, download.pytorch.org, www.python.org +20
94 steps⚑ uses secretscoderabbit.aidocs.comfy.orggithub.comapp.element.iodiscord.ggactions/github-script@v7actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd

Findings mapped to the OWASP Top 10 for LLM Applications (2025) and the OWASP Machine Learning Security Top 10. Expand any flagged control for the exact findings — compromise reduces the score; expected/risk-surface do not.

OWASP Top 10 for LLM Applications
⚠LLM01Prompt Injectioncompromise · high
Adversarial instructions embedded in an artifact that hijack a downstream LLM.
•Prompt-injection phrasing — instruction-subversion language detected · Comfy-Org-ComfyUI-b08debc/SECURITY.md (CWE-77)risk surface
•Trojan-source (bidi) characters — Unicode bidirectional overrides can hide code from reviewers · Comfy-Org-ComfyUI-b08debc/comfy/text_encoders/ace_lyrics_tokenizer/vocab.json (CWE-1007)compromise
⚠LLM02Sensitive Information Disclosurecompromise · high
Secrets, credentials or PII shipped inside the artifact.
•Embedded credentials — found: hardcoded credential · Comfy-Org-ComfyUI-b08debc/comfy/model_detection.py (CWE-798)compromise
•Verified secret leak (deep scan) — 1 leak(s): generic-api-key (CWE-798)compromise
⚠LLM07System Prompt Leakagecompromise · high
Secrets, internal hosts or proprietary logic exposed in shipped prompts.
•Embedded credentials — found: hardcoded credential · Comfy-Org-ComfyUI-b08debc/comfy/model_detection.py (CWE-798)compromise
•Verified secret leak (deep scan) — 1 leak(s): generic-api-key (CWE-798)compromise
⚠LLM03Supply Chaincritical
Vulnerable/compromised dependencies, models or archives in the artifact.
•Dependency manifest — 1 pip requirements declared · Comfy-Org-ComfyUI-b08debc/manager_requirements.txtrisk surface
•Dependency manifest — 35 pip requirements declared · Comfy-Org-ComfyUI-b08debc/requirements.txtrisk surface
•Dependency manifest — 4 pip requirements declared · Comfy-Org-ComfyUI-b08debc/tests-unit/requirements.txtrisk surface
•Vulnerable dependencies — 89 known vulnerabilities in: gitpython@3.1.9, idna@3.9.0, pyjwt@2.9.0, uv@0.9.9, aiohttp@3.11.8, pydantic@2.0, simpleeval@1.0.0, transformers@4.50.3 (CWE-1395)known CVE · -25 pts
⚠LLM06Excessive Agencyhigh
Over-broad tool/permission surface or unrestricted egress.
•External endpoints declared — 1 distinct host(s) · Comfy-Org-ComfyUI-b08debc/.ci/windows_amd_base_files/README_VERY_IMPORTANT.txtrisk surface
•External endpoints declared — 3 distinct host(s) · Comfy-Org-ComfyUI-b08debc/.github/ISSUE_TEMPLATE/config.ymlrisk surface
•External endpoints declared — 2 distinct host(s) · Comfy-Org-ComfyUI-b08debc/.github/ISSUE_TEMPLATE/feature-request.ymlrisk surface
•External endpoints declared — 4 distinct host(s) · Comfy-Org-ComfyUI-b08debc/.github/workflows/windows_release_nightly_pytorch.ymlrisk surface
•External endpoints declared — 20 distinct host(s) · Comfy-Org-ComfyUI-b08debc/README.mdrisk surface
•Broad capability surface — 4 high-impact capability categories referenced — verify least-privilege · Comfy-Org-ComfyUI-b08debc/comfy/text_encoders/hydit_clip_tokenizer/vocab.txt (CWE-272)risk surface
•Broad capability surface — 3 high-impact capability categories referenced — verify least-privilege · Comfy-Org-ComfyUI-b08debc/openapi.yaml (CWE-272)risk surface
•Egress to a private/loopback host — 127.0.0.1 · Comfy-Org-ComfyUI-b08debc/script_examples/basic_api_example.py (CWE-918)risk surface
⚠LLM05Improper Output Handlingmedium
Code that pipes model/user output into shell, eval, SQL or paths unsafely.
•Path traversal sequences — '../' present in content or name · Comfy-Org-ComfyUI-b08debc/.ci/update_windows/update_comfyui.bat (CWE-22)risk surface
•Suspicious code patterns — dynamic code execution · Comfy-Org-ComfyUI-b08debc/comfy/audio_encoders/audio_encoders.py (CWE-95)risk surface
•Suspicious code patterns — OS command execution · Comfy-Org-ComfyUI-b08debc/cuda_malloc.py (CWE-78)risk surface
⚠LLM10Unbounded Consumptionmedium
Unbounded loops/recursion causing DoS or runaway cost.
Enforced at runtime by the gateway (rate limits + spend caps + size caps); static check flags unbounded loops.
•Potentially unbounded loop — an infinite loop (while True / while(1) / for(;;)) may cause runaway consumption · Comfy-Org-ComfyUI-b08debc/app/assets/api/routes.py (CWE-835)risk surface
§LLM09MisinformationGovernance
Artifacts designed to produce false/deceptive output.
Detectable only by runtime behavioral evaluation; addressed via responsible-use attestation.
✓LLM04Data and Model PoisoningPassed
Backdoors/poisoning in training data or serialized models.
Behavioral poisoning needs model execution; static check covers unsafe serialization + dataset skew only.
✓LLM08Vector and Embedding WeaknessesPassed
PII or plaintext source leakage in embedding/vector exports.
Embedding inversion/poisoning is largely runtime; static check covers PII in vector exports.
OWASP Machine Learning Security Top 10
⚠ML06AI Supply Chaincritical
Compromised PyPI/npm packages, typosquats, unsafe serialized models.
•Dependency manifest — 1 pip requirements declared · Comfy-Org-ComfyUI-b08debc/manager_requirements.txtrisk surface
•Dependency manifest — 35 pip requirements declared · Comfy-Org-ComfyUI-b08debc/requirements.txtrisk surface
•Dependency manifest — 4 pip requirements declared · Comfy-Org-ComfyUI-b08debc/tests-unit/requirements.txtrisk surface
•Vulnerable dependencies — 89 known vulnerabilities in: gitpython@3.1.9, idna@3.9.0, pyjwt@2.9.0, uv@0.9.9, aiohttp@3.11.8, pydantic@2.0, simpleeval@1.0.0, transformers@4.50.3 (CWE-1395)known CVE · -25 pts
⚠ML02Data Poisoninghigh
Poisoned training datasets with triggers or anomalous distributions.
Static check covers trigger phrasing, PII and label skew; full poisoning detection is runtime.
•Prompt-injection phrasing — instruction-subversion language detected · Comfy-Org-ComfyUI-b08debc/SECURITY.md (CWE-77)risk surface
⚠ML09Output Integritymedium
Middleware tampering with model outputs in transit.
Gateway enforces TLS + response integrity; static check flags output-rewriting code.
•Path traversal sequences — '../' present in content or name · Comfy-Org-ComfyUI-b08debc/.ci/update_windows/update_comfyui.bat (CWE-22)risk surface
•Suspicious code patterns — dynamic code execution · Comfy-Org-ComfyUI-b08debc/comfy/audio_encoders/audio_encoders.py (CWE-95)risk surface
•Suspicious code patterns — OS command execution · Comfy-Org-ComfyUI-b08debc/cuda_malloc.py (CWE-78)risk surface
§ML01Input Manipulation (Adversarial)Governance
Models vulnerable to adversarial perturbations.
Requires runtime robustness evaluation; addressed via publisher robustness attestation.
§ML03Model InversionGovernance
Training data reconstructable from a model's outputs.
Runtime/evaluation property; addressed via model-card data-provenance + DP attestation.
§ML04Membership InferenceGovernance
Determining whether a record was in the training set.
Runtime/evaluation property; addressed via overfitting disclosure + DP attestation.
§ML08Model SkewingGovernance
Models trained on skewed data producing biased output.
Requires fairness evaluation; addressed via model-card bias/limitations disclosure.
✓ML05Model TheftPassed
Unlicensed re-distribution / license-incompatible derivatives.
Static check verifies license declaration; extraction throttling is runtime.
✓ML07Transfer Learning AttackPassed
Backdoored base models / LoRA adapters propagating to derivatives.
Backdoor detection needs behavioral probing; static check covers unsafe serialization + provenance.
✓ML10Model Poisoning (Weights)Passed
Tampered model weight files; integrity must be verifiable.
Static check enforces safe formats + records a content hash for downstream verification.
Other findings (14) · hygiene / uncategorized
•Disallowed file type — '.bat' executables are not permitted · Comfy-Org-ComfyUI-b08debc/.ci/update_windows/update_comfyui.bat (CWE-434)risk surface
•Unrecognized file type — '.gitattributes' is not on the allowlist · Comfy-Org-ComfyUI-b08debc/.gitattributesrisk surface
•Unrecognized file type — '.gitignore' is not on the allowlist · Comfy-Org-ComfyUI-b08debc/.gitignorerisk surface
•Unrecognized file type — '.?' is not on the allowlist · Comfy-Org-ComfyUI-b08debc/CODEOWNERSrisk surface
•Unrecognized file type — '.ini' is not on the allowlist · Comfy-Org-ComfyUI-b08debc/alembic.inirisk surface
•Unrecognized file type — '.mako' is not on the allowlist · Comfy-Org-ComfyUI-b08debc/alembic_db/script.py.makorisk surface
•Unrecognized file type — '.frag' is not on the allowlist · Comfy-Org-ComfyUI-b08debc/blueprints/.glsl/Brightness_and_Contrast_1.fragrisk surface
•Possible obfuscation — very long lines · Comfy-Org-ComfyUI-b08debc/blueprints/Audio Generation (Stable Audio 3 Medium Base).jsonrisk surface
•Suspicious network references — suspicious TLD (3 URLs) · Comfy-Org-ComfyUI-b08debc/blueprints/Text to Image (NetaYume Lumina).jsonrisk surface
•Unrecognized file type — '.pyi' is not on the allowlist · Comfy-Org-ComfyUI-b08debc/comfy_api/latest/generated/ComfyAPISyncStub.pyirisk surface
•Unrecognized file type — '.example' is not on the allowlist · Comfy-Org-ComfyUI-b08debc/custom_nodes/example_node.py.examplerisk surface
•Suspicious network references — raw IP URL (3 URLs) · Comfy-Org-ComfyUI-b08debc/script_examples/basic_api_example.pyrisk surface
•Suspicious network references — suspicious TLD (2 URLs) · Comfy-Org-ComfyUI-b08debc/tests-unit/app_test/frontend_manager_test.pyrisk surface
•Suspicious network references — raw IP URL (1 URLs) · Comfy-Org-ComfyUI-b08debc/tests-unit/assets_test/conftest.pyrisk surface
✔ verified source · pinned Comfy-Org-ComfyUI-b08debc
Check against a policy

The same gate an agent runs before installing (POST /api/v1/trust/comfyui/check). Click a policy:

Consume ComfyUI programmatically. Authenticate with an API key or session — see Authorize an agent.

# Agents: CHECK BEFORE YOU INSTALL (no auth) — score, grade, level, capability manifest
curl https://ai-supply.store/api/v1/trust/comfyui

# Gate against your org policy (returns { pass, violations })
curl -X POST https://ai-supply.store/api/v1/trust/comfyui/check \
  -H "Content-Type: application/json" \
  -d '{"minGrade":"B","denyPermissions":["shell"],"denyUnknownEgress":true}'

# CLI
npx ai-supply add comfyui

# REST (install → download)
curl -X POST https://ai-supply.store/api/v1/listings/comfyui/install \
  -H "Authorization: Bearer $AIM_KEY"

# MCP tool
install_listing({ "slug": "comfyui" })
OpenAPI spec →
vlatest
! Security: Review · 017h ago

Curated mirror — latest upstream source. See the repository for tagged releases.

Sign in and install this listing to leave a review.

More from @ai-supply

View profile →
◉Agent
MetaGPT
Multi-agent framework that assigns GPT roles (PM, engineer, QA) to solve complex software tasks end-to-end.
↓ 1.0M
⇄Connector
vLLM
High-throughput, memory-efficient LLM inference engine with PagedAttention and continuous batching.
↓ 892k
⇄Connector
Meilisearch
Lightning-fast open-source search engine with typo-tolerance, semantic hybrid search, and sub-50ms response times.
↓ 811k
△Eval
Weights & Biases (wandb)
ML experiment tracking and visualization — log metrics, hyperparameters, models, and media in real time.
↓ 784k
ai-supply.store

Recursos de IA gratuitos e com segurança verificada — skills, MCPs, plugins, agents, datasets e muito mais, cada um com nota e acompanhamento de atualização, feitos tanto para pessoas quanto para agents.

api · v3.1status · all green
Contato
support@ai-supply.storesecurity@ai-supply.store
Catálogo
  • Explorar
  • Categorias
  • Classificações
  • Benchmarks
  • Segurança
Comunidade
  • Comunidade
  • FAQ
Para agentes
  • Início rápido (60s)
  • Autorizar um agente
  • Agent API
  • Especificação OpenAPI
Para desenvolvedores
  • Publicar
  • Painel
Conta
  • Criar conta
  • Entrar
  • Configurações
Legal
  • Termos
  • Acordo de editor
  • Uso aceitável
  • Privacidade