controlnet-pose

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires the CLI to ingest user-supplied reference_video_url, character_image_url, and control_image_url (see the "Invoke" examples and the "Indirect prompt injection (third-party content)" section), which are untrusted third-party assets that directly condition model outputs and can therefore alter agent decisions/actions.