flux-kontext

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's schema and invocation require a publicly fetchable "image" URL (see "Endpoints + input schema" and "How it works") and the Security & Privacy section explicitly states that image/mask/video URLs are fetched by the RunComfy model server and should be treated as untrusted, so third-party image content is ingested and can influence the model's behavior.