comfyui-character-gen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and monitor open/public third-party sources (e.g., "Check HuggingFace/Civitai" in SKILL.md and references/evolution.md and provides direct HuggingFace/Civitai/GitHub links in references/models.md), expects those community/user-uploaded models and pages to be read and used to choose models/workflows, and therefore can let untrusted, user-generated content materially influence tool selection and next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill contains explicit install/runtime steps that clone and run third‑party code (e.g., "git clone https://github.com/Winfredy/SadTalker" followed by pip installs and python scripts), which fetches and executes remote code and is presented as a required dependency for the talking‑head workflows.