https://old.reddit.com/r/comfyui/comments/1dbls5n/psa_if_youve_used_the_comfyui_llmvision_node_from/
While I’ve not messed with this stuff myself, apparently “nodes” are just arbitrary code run on your computer, and as such can contain exploits, in this case a typical “discord stealer” script, which grabs whatever user data it can (including browser profiles) and sends it off to a discord.
So be careful what you run. Since it’s 2024 and unless you take special steps yourself, your security model is still:
