image-to-video

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires arbitrary image_url/video_url/audio_url inputs (see the Route schemas) which the RunComfy model server fetches (see "How it works" and "Security & Privacy"), meaning untrusted public media can be ingested and influence generation (image/audio-based prompt injection risk).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill’s runtime explicitly fetches user-supplied media URLs (e.g., image_url "https://.../subject.jpg" and audio_url "https://.../voiceover-en.mp3") which are downloaded by the RunComfy model server and injected into the model context to drive lip‑sync and visual generation, so these external URLs directly control the agent’s output.