comfyui

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and executes arbitrary workflow JSON and interacts with public third‑party sources (e.g., community workflow downloads from Civitai/Reddit/Discord, model download URLs from HuggingFace/CivitAI, git installs from GitHub, and Comfy Cloud API) as part of its runtime flow—see SKILL.md "Step 1" and the model-download examples plus scripts like run_workflow.py, check_deps.py and auto_fix_deps.py—so untrusted content can be read and can materially change subsequent tool actions.