image-edit

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). The listed URLs are mostly benign static assets and documentation on a single vendor domain and GitHub, but they include a direct shell installer (https://runcomfy.com/install.sh) and explicit "curl | sh" instructions — a high-risk pattern for executing untrusted code — so the bundle should be treated as moderately suspicious until the vendor and installer contents are verified.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required schemas explicitly accept publicly-fetchable HTTPS image URLs and mask URLs (see Route 1 "image_urls" and Route 4 "mask_image" in SKILL.md), which the CLI/model will fetch and the edit models will interpret (including in-image text/multi-ref composition), so arbitrary untrusted web-hosted content can be ingested and materially influence model behavior.