I am curious about the potential security risks of having Flash on a website.

I am working with a vendor that is going to provide me a SWF that I can load onto my website with a demo of their products and services. Since I have not created the Flash, I am curious what I am potentially opening myself up to by loading their file onto my web space.

Do you trust them?

http://www.adobe.com/products/flashplayer/articles/localcontent/

I trust them as a company. Not sure who their devlopers are though. I know I can watch activity on my local machine when I run the flash, but are there security concerns on what a flash file could do with my web server content?

No.. The only concern with a locally run SWF file is it reaching out to a third party server and downloading, reporting, and collecting data. If the locally run SWF is not doing that then there is no risk.

Clearly.. if they are tell you to link externally to their SWF file then the risk is there (if you don't trust them).

Thanks, that is kind of what I was finding...but wasn't finding a clear answer.