skills/agentspace-so/runcomfy-agent-skills/relight/Snyk

relight

Warn

Audited by Snyk on May 13, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

Third-party content exposure detected (high risk: 0.80). The skill ingests user-supplied/public image URLs as inputs (see the "Invoke" examples and "Route 2: Description-based edit" using image_urls and the "Security & Privacy" note stating "source image URLs are untrusted"), so untrusted third-party images are fetched and directly used to guide relighting edits and model behavior.

Issues (1)

W011

MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level

MEDIUM

Analyzed

May 13, 2026, 05:42 PM

Issues

1