kling-3-0

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill's i2v workflow explicitly requires publicly fetchable source image URLs (see "Prerequisites" and the Input schema fields image_url / tail_image_url and the i2v example invocations), which are fetched by RunComfy servers and thus constitute untrusted third-party content that the model will read/interpret and can materially influence generation (the SKILL.md even warns about image-based prompt injection).