ai-avatar-video

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). The prompt instructs piping a remote script into sh (curl ... | sh from cli.inference.sh) and references several unspecified/placeholder media URLs; executing a remote shell script and downloading files from unclear or untrusted hosts is a common malware vector, so this is potentially risky.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md shows the skill accepts arbitrary external media URLs (e.g., "image_url", "audio_url", "video_url" in the Quick Start and Full Workflow sections) and explicitly transcribes/translates/generates speech from those inputs, so untrusted third‑party audio/video/web-hosted content is fetched and ingested and can influence subsequent LLM-driven processing.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The Quick Start instructs running "curl -fsSL https://cli.inference.sh | sh", which fetches and immediately executes remote shell code from https://cli.inference.sh at runtime and is required to use the CLI, so this URL directly executes remote code.