comfy-swap

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's installer and setup explicitly fetch and download public GitHub content (scripts/install.py calls the GitHub releases API and downloads release binaries, and references/setup.md instructs git clone or downloading ZIPs from GitHub), so the agent ingests untrusted, public third‑party content that can directly change what it installs or executes.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill includes runtime fetch-and-install steps that download and install remote code—e.g., the installer downloads binaries from https://github.com/kamjin3086/comfy-swap/releases/download/... and the manual install directs git clone https://github.com/kamjin3086/ComfyUI-ComfySwap.git—which will place and run third‑party code (plugin/binary) required for the skill.