registry  /  comfyui-mcp  /  0.27.0

comfyui-mcp@0.27.0

Local-first, agent-native control plane for ComfyUI — MCP server + autonomous sidebar agent that drives your live graph in natural language on ANY LLM: Claude/ChatGPT/Gemini on your subscription (no API key), free local models via Ollama (fully offline)

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 16 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 193 file(s), 1.78 MB of source, external domains: 127.0.0.1, abcd-8188.proxy.runpod.net, api.comfy.org, api.github.com, api.runpod.io, civitai.com, cloud.comfy.org, comfyui-mcp.artokun.io, docs.comfy.org, example.invalid, github.com, hub.docker.com, huggingface.co, mcp.civitai.com, ollama.com, openrouter.ai, raw.githubusercontent.com, registry.comfy.org, registry.npmjs.org, www.w3.org

Source & flagged code

9 flagged · loading source
package.jsonView file
scripts.postinstall = node scripts/postinstall.mjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
dist/services/node-management.jsView file
1import { execFileSync } from "node:child_process"; L2: import { createHash, randomUUID } from "node:crypto";
High
Child Process

Package source references child process execution.

dist/services/node-management.jsView on unpkg · L1
dist/services/env-capabilities.jsView file
6// L7: // Every probe is best-effort and time-bounded: a hung ComfyUI, a slow PowerShell, L8: // or a missing python must NEVER stall session start. Each field degrades to
High
Shell

Package source references shell execution.

dist/services/env-capabilities.jsView on unpkg · L6
dist/utils/optional-dep.jsView file
13try { L14: const mod = (await import(spec)); L15: cache.set(spec, mod);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/utils/optional-dep.jsView on unpkg · L13
dist/services/crash-log.jsView file
191size > MAX_TAIL_BYTES L192: ? buf.subarray(size - MAX_TAIL_BYTES).toString("utf8") L193: : buf.toString("utf8");
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/services/crash-log.jsView on unpkg · L191
scripts/codex-parity-smoke.mjsView file
12L13: import { spawn } from "node:child_process"; L14: import { fileURLToPath } from "node:url"; L15: import net from "node:net"; L16: import { WebSocket } from "ws"; L17: L18: const PORT = Number(process.env.TEST_PORT || 9141); L19: const MCP_ENTRY = fileURLToPath(new URL("../dist/index.js", import.meta.url));
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

scripts/codex-parity-smoke.mjsView on unpkg · L12
dist/services/self-update.jsView file
21import { existsSync, lstatSync, readFileSync, realpathSync } from "node:fs"; L22: import { execFile } from "node:child_process"; L23: import { dirname, join, resolve } from "node:path"; ... L37: try { L38: const res = await fetch(`https://registry.npmjs.org/${PACKAGE_NAME}/latest`, { L39: signal: AbortSignal.timeout(REGISTRY_TIMEOUT_MS), ... L43: return undefined; L44: const json = (await res.json()); L45: return typeof json.version === "string" ? json.version : undefined; ... L55: // so there is no shell-injection surface. L56: const isWin = process.platform === "win32"; L57: const cmd = isWin ? "npm.cmd" : "npm";
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/services/self-update.jsView on unpkg · L21
packs/qwen-image-edit-edit/install-windows.batView file
path = packs/qwen-image-edit-edit/install-windows.bat kind = build_helper sizeBytes = 3162 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

packs/qwen-image-edit-edit/install-windows.batView on unpkg
dist/orchestrator/gemini-backend.jsView file
matchType = previous_version_dangerous_delta matchedPackage = comfyui-mcp@0.24.5 matchedIdentity = npm:Y29tZnl1aS1tY3A:0.24.5 similarity = 0.825 summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

dist/orchestrator/gemini-backend.jsView on unpkg

Findings

6 High5 Medium5 Low
HighInstall Time Lifecycle Scriptspackage.json
HighChild Processdist/services/node-management.js
HighShelldist/services/env-capabilities.js
HighSame File Env Network Executionscripts/codex-parity-smoke.mjs
HighSandbox Evasion Gated Capabilitydist/services/self-update.js
HighPrevious Version Dangerous Deltadist/orchestrator/gemini-backend.js
MediumDynamic Requiredist/utils/optional-dep.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperpacks/qwen-image-edit-edit/install-windows.bat
MediumStructural Risk Force Deep Review
LowScripts Present
LowWeak Cryptodist/services/crash-log.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings