More than that; the trigger code can sit passively and just check the cache for whatever payloads may come its way.

I suppose image sanitizers come soon to browsers. Only sanitized images will be cached; anything the browser can't make sense of will be thrown away.

Exif is only the most convenient method here - you can use steganography hide arbitrary data right in the image content itself. Sanitizing would that would mean messing with how images look.

ComfyUI embeds workflows in the EXIF data. It's very handy. Would be a little sad if they stripped that out but there are alternatives. I suppose if it's only cached images and not manually downloaded images it wouldn't be bad. It'd probably break some website somehow though.