grtninja/repo-b-mcp-comfy-bridge
skill-candidates/repo-b-mcp-comfy-bridge/SKILL.md
Canonical MCP adapter and Comfy bridge operations for <PRIVATE_REPO_B>. Use when enabling MCP, validating shim.comfy resources/tools, operating workflow/pipeline submissions, or running fail-closed Comfy diagnostics with optional AMUSE and CapCut contract checks.
$ install --global
skillsauthnpx skillsauth add grtninja/skill-arbiter repo-b-mcp-comfy-bridgeInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 5, 2026, 2:37 PM181.9s3 files scanned
SKILL.md
- name:
- repo-b-mcp-comfy-bridge
- description:
- Canonical MCP adapter and Comfy bridge operations for <PRIVATE_REPO_B>. Use when enabling MCP, validating shim.comfy resources/tools, operating workflow/pipeline submissions, or running fail-closed Comfy diagnostics with optional AMUSE and CapCut contract checks.
REPO_B Shim MCP Comfy Bridge
Use this skill as the canonical MCP + Comfy lane in <PRIVATE_REPO_B>.
A legacy local Comfy wrapper is retained for backward-compatible triggers and should route here for new work.
Workflow
- Enforce loopback-only MCP and fail-closed defaults.
- Validate MCP runtime state via
/api/mcp/status. - Apply
/api/mcp/configchanges only when configuration drift is confirmed. - Validate required Comfy resources (
shim.comfy.status,shim.comfy.queue,shim.comfy.history). - Validate Comfy tools (
shim.comfy.prompt.submit,shim.comfy.workflow.submit,shim.comfy.pipeline.run). - Validate optional AMUSE status/capabilities and profile-level CapCut export metadata contracts.
- Fail closed on stale status or schema contract violations.
Scope Boundary
Use this skill for MCP adapter state/config plus shim.comfy.* resource health.
Do not use this skill for:
- OpenAI-thin-waist chat/vision/jobs route debugging.
- Agent Bridge task/write-mode safety lanes.
- Hybrid Windows-host/WSL network topology checks.
Required Environment (PowerShell)
$env:SHIM_ENABLE_MCP = "1"
$env:SHIM_MCP_HOST = "127.0.0.1"
$env:SHIM_MCP_PORT = "9550"
$env:SHIM_MCP_ALLOW_LAN = "0"
$env:MX3_COMFYUI_ENABLED = "1"
$env:MX3_COMFYUI_BASE_URL = "http://127.0.0.1:8188"
$env:MX3_COMFYUI_TIMEOUT_S = "10"
$env:MX3_COMFYUI_DEFAULT_WORKFLOW_PROFILE = "small_video"
$env:MX3_AMUSE_ENABLED = "1"
$env:MX3_AMUSE_BASE_URL = "http://127.0.0.1:3001"
$env:MX3_AMUSE_TIMEOUT_S = "15"
$env:REPO_B_LOCAL_COMFY_ORCH_FAIL_CLOSED = "1"
Runtime/API Checks
curl http://127.0.0.1:9000/api/mcp/status
curl http://127.0.0.1:9000/api/comfy/workflows/templates
curl http://127.0.0.1:9000/api/comfy/pipelines/profiles
curl http://127.0.0.1:9000/api/amuse/status
curl http://127.0.0.1:9000/api/amuse/capabilities
Apply config:
curl -X POST http://127.0.0.1:9000/api/mcp/config \
-H "content-type: application/json" \
-d '{"enabled":true,"persist":true,"apply_now":true}'
Resource Contract Checks
Validate these resource contracts before accepting diagnostics:
shim.comfy.status:enabled=truereachable=true- empty
last_error - fresh
checked_at
shim.comfy.queue:running_prompt_idsandpending_prompt_idslistsrunning_countandpending_countmust match list lengths
shim.comfy.history:entrieslistcountmust matchentrieslength
Workflow/Pipeline Contract Checks
shim.comfy.workflow.submitaccepts one of:workflowobjectworkflow_idworkflow_pathworkflow_profile
shim.comfy.pipeline.runsupports profile defaults and optional AMUSE stage:profilevalues includesmall_video_capcutandquality_video_capcutwait_for_statemust normalize toNONE|QUEUED|RUNNING|DONE- when
capcut_preset=true, response includescapcut_export.editor=capcut - when
amuse_enhance=true, response includes additiveamusepayload
Pipeline run example:
curl -X POST http://127.0.0.1:9000/api/comfy/pipelines/run \
-H "content-type: application/json" \
-d '{"profile":"small_video_capcut","wait_for_state":"RUNNING","capcut_preset":true}'
Advanced Diagnostics (Optional Legacy Tooling)
When deterministic artifact output is needed, use the legacy local orchestrator drop-ins
(tools/local_comfy_orchestrator.py, tools/local_comfy_validate.py):
python tools/local_comfy_orchestrator.py \
--task comfy-health-check \
--json-out .codex/local_comfy/comfy-health-check.json \
--repo-root .
Comfy Bridge Control Vars
MX3_COMFYUI_ENABLEDMX3_COMFYUI_BASE_URLMX3_COMFYUI_API_KEYMX3_COMFYUI_TIMEOUT_SMX3_COMFYUI_DEFAULT_WORKFLOW_PROFILEMX3_AMUSE_ENABLEDMX3_AMUSE_BASE_URLMX3_AMUSE_TIMEOUT_S
References
references/mcp-comfy-checklist.md
Loopback
If this lane is unresolved, blocked, or ambiguous:
- Capture current evidence and failure context.
- Route back through
$skill-hubfor chain recalculation. - Resume only after the updated chain returns a deterministic next step.
Related Skills
grtninja/white-hat
tools
VerifiedTrustedCommunity
Run a defender-first security sweep on code, configs, prompts, model/tooling surfaces, or third-party contribution lanes. Use when a request involves safe bug, leak, zero-day-class, exploit, or hack hunting for protection, when contributing to outside repositories and you want a focused security pass, or when touching auth, secrets, permissions, network exposure, prompt/tool boundaries, data flow, or update/build surfaces. This skill is defensive only and must never be used for weaponization or unauthorized access.
2SKILL.mdUpdated Apr 22, 2026
grtninja/vrm-sandbox-startup-acceptance
development
VerifiedTrustedCommunity
Validate and repair VRM Sandbox startup acceptance with shim-first local model authority, frontend/backend bring-up, and avatar-runtime launch proof. Use when launch behavior, chat handoff, voice fallback, or runtime bridge acceptance must be verified end to end.
2SKILL.mdUpdated Apr 22, 2026
grtninja/voice-catalog-runtime-alignment
documentation
VerifiedTrustedCommunity
Align documented voice-command catalogs, endpoint action allowances, and live runtime handlers so operator-visible voice surfaces match what the stack can actually execute. Use when voice command docs, parser matrices, endpoint permissions, or runtime action routing drift apart.
2SKILL.mdUpdated Apr 22, 2026
grtninja/skillhub-trend-radar
development
VerifiedTrustedCommunity
Track SkillHub trend and topic drift, maintain a bounded rewrite watchlist, and surface emerging gaps worth turning into repo-owned skills. Use when the marketplace query set shows new families or when the current shortlist has gone stale.
2SKILL.mdUpdated Apr 22, 2026