ai-image-generation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly accepts user-supplied external URLs (e.g., i2i Route A's "image_urls" and Nano Banana's "enable_web_search" flags) and the skill/RunComfy servers fetch those public resources (Security & Privacy section notes reference image URLs and web-search results are untrusted), so third‑party content can be ingested and materially influence generation and downstream actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill fetches user-supplied image URLs at runtime (e.g., "https://.../portrait.jpg"), which the RunComfy model server ingests and can contain embedded instructions or metadata that directly influence generation for required i2i/edit workflows.