PSA: A possible malware disguised as ComfyUI custom node Claude skills on GitHub
I was looking for some Claude skills to help create a custom node for Comfyui. And I found two:
https://github.com/jtydhr88/comfyui-custom-node-skills
https://github.com/MusfiqurRahma/comfyui-custom-node-skills
And noticed that the second is basically the same as the first even if it' is not a fork, and it's bigger! so I downloaded and checked the zip and found that there is another zip in one of the subfolders with three files:
https://preview.redd.it/456s9di0sx5h1.png?width=667&format=png&auto=webp&s=72dc706827c60e458211ac48503d081e0faf489d
The cmd run "unit.exe packages.txt", and that text files is actually an obfuscated lua(?) script. Moreover, all the links in their newly created/modified README are changed to download this particular inside zip.
I dunno how to report a Github repos, but I'm creating an account now to do it. In the meanwhile, i wanted to warn people from it.
https://redd.it/1tzq7js
@rStableDiffusion
I was looking for some Claude skills to help create a custom node for Comfyui. And I found two:
https://github.com/jtydhr88/comfyui-custom-node-skills
https://github.com/MusfiqurRahma/comfyui-custom-node-skills
And noticed that the second is basically the same as the first even if it' is not a fork, and it's bigger! so I downloaded and checked the zip and found that there is another zip in one of the subfolders with three files:
https://preview.redd.it/456s9di0sx5h1.png?width=667&format=png&auto=webp&s=72dc706827c60e458211ac48503d081e0faf489d
The cmd run "unit.exe packages.txt", and that text files is actually an obfuscated lua(?) script. Moreover, all the links in their newly created/modified README are changed to download this particular inside zip.
I dunno how to report a Github repos, but I'm creating an account now to do it. In the meanwhile, i wanted to warn people from it.
https://redd.it/1tzq7js
@rStableDiffusion
GitHub
GitHub - jtydhr88/comfyui-custom-node-skills: A curated collection of [Claude Code skills](https://docs.anthropic.com/en/docs/claude…
A curated collection of [Claude Code skills](https://docs.anthropic.com/en/docs/claude-code/skills) for developing ComfyUI custom nodes. These skills give Claude comprehensive knowledge of the Comf...
An experiment: recreate JSON-prompted closed model image in Ideogram 4
https://redd.it/1tzr6ci
@rStableDiffusion
https://redd.it/1tzr6ci
@rStableDiffusion
Ideogram 4 isn't overhyped, it's underrated
Just to set some context before I dive in. I'm not someone who gets hyped over every new model that drops. Ernie, MS Lens, HiDream, even ZiT (sorry ZiT fans)... I thought most of them were overhyped. Z-Image is solid, but I personally stick to Flux and Qwen Image. So when I say Ideogram is the first model since Z-Image that genuinely caught my attention, that means something. And it did not disappoint.
I think this is the closest we've gotten to NB or GPT Image quality in an open model. In some cases, depending on how you prompt it, I'd argue it's even better. And keep in mind that this is the model with zero LoRAs, no custom nodes or months worth of community optimizations. This is the floor, the worst it'll ever be, and it's already impressive.
On the safety filter
I haven't had a single image blocked. I'm using Kijai's JSON prompt builder workflow along with the safety filter bypass node, and it handles explicit content without issues. The only real limitation is genitals looking a bit rough, but that's an expected model constraint, not a filter problem. Hopefully that can be fixed through training.
On generation times
If your 3090 or 5070 is taking 15 minutes per image, something is wrong with your setup. I'm running 2MP images at 20 steps in about 2 minutes. Drop to 1MP and 12 steps and you're at roughly 30 seconds. Quality takes a hit, but it's perfectly fine for quick scene testing. I have a 4080 and 64GB DDR4 RAM.
On JSON prompting
This is the complaint I find most frustrating, because it's largely a non-issue. It's not like you have to write JSON by hand - there's already a node that lets you visually draw and build your scene, which generates the JSON for you. If you don't want to do even that, you can just write a normal prompt and have an LLM convert it. Having fine-grained control over composition and scene layout is a feature, not a burden. I'd much rather place elements deliberately than write a wall of text and hope the model interprets it correctly. People have been asking for open models that compete with closed ones, and now that we have one with this level of control, it seems odd to complain about that being the issue.
This is still "v1", no community fine-tunes, no loras, no custom nodes (except for the ones mentioned), no optimized workflows, nothing. It's only going to get better from here. I really hope the community gets behind it. A few months of training and experimentation and we could have something special.
The main reason I wrote this is because I keep seeing criticism that just doesn't match my experience with the model, and I wanted to push back on some of it with some actual context.
https://redd.it/1tzwl34
@rStableDiffusion
Just to set some context before I dive in. I'm not someone who gets hyped over every new model that drops. Ernie, MS Lens, HiDream, even ZiT (sorry ZiT fans)... I thought most of them were overhyped. Z-Image is solid, but I personally stick to Flux and Qwen Image. So when I say Ideogram is the first model since Z-Image that genuinely caught my attention, that means something. And it did not disappoint.
I think this is the closest we've gotten to NB or GPT Image quality in an open model. In some cases, depending on how you prompt it, I'd argue it's even better. And keep in mind that this is the model with zero LoRAs, no custom nodes or months worth of community optimizations. This is the floor, the worst it'll ever be, and it's already impressive.
On the safety filter
I haven't had a single image blocked. I'm using Kijai's JSON prompt builder workflow along with the safety filter bypass node, and it handles explicit content without issues. The only real limitation is genitals looking a bit rough, but that's an expected model constraint, not a filter problem. Hopefully that can be fixed through training.
On generation times
If your 3090 or 5070 is taking 15 minutes per image, something is wrong with your setup. I'm running 2MP images at 20 steps in about 2 minutes. Drop to 1MP and 12 steps and you're at roughly 30 seconds. Quality takes a hit, but it's perfectly fine for quick scene testing. I have a 4080 and 64GB DDR4 RAM.
On JSON prompting
This is the complaint I find most frustrating, because it's largely a non-issue. It's not like you have to write JSON by hand - there's already a node that lets you visually draw and build your scene, which generates the JSON for you. If you don't want to do even that, you can just write a normal prompt and have an LLM convert it. Having fine-grained control over composition and scene layout is a feature, not a burden. I'd much rather place elements deliberately than write a wall of text and hope the model interprets it correctly. People have been asking for open models that compete with closed ones, and now that we have one with this level of control, it seems odd to complain about that being the issue.
This is still "v1", no community fine-tunes, no loras, no custom nodes (except for the ones mentioned), no optimized workflows, nothing. It's only going to get better from here. I really hope the community gets behind it. A few months of training and experimentation and we could have something special.
The main reason I wrote this is because I keep seeing criticism that just doesn't match my experience with the model, and I wanted to push back on some of it with some actual context.
https://redd.it/1tzwl34
@rStableDiffusion
Reddit
From the StableDiffusion community on Reddit
Explore this post and more from the StableDiffusion community
ComfyUI Tutorial: LTX 2.3 Obscura LORA Remove Objects From Videos With Prompts
https://youtu.be/UtLKnkzYyPE
https://redd.it/1u010u8
@rStableDiffusion
https://youtu.be/UtLKnkzYyPE
https://redd.it/1u010u8
@rStableDiffusion
YouTube
ComfyUI Tutorial: LTX 2.3 Can Now Remove Objects From Videos With Prompts #comfyuitutorial #ltx2
Hello everyone, in this tutorial we will test out another interesting lora named obscura lora that is an LTX 2.3 video-to-video LoRA for occlusion removal, haze cleanup, foreground-object removal, and temporal scene reconstruction. That will allows you to…