flux-image

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This SKILL.md explicitly shows running infsh with arbitrary image_url and lora_url values (e.g., "image_url": "https://your-image.jpg" and instructions to "add lora_url for custom style"), which causes the system to fetch and ingest untrusted public web resources (images/LoRA weights) that can directly influence model behavior and outputs.