voice-clone

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's source step clearly fetches and ingests arbitrary public URLs (scripts/voice-clone.ts cmdSource uses fetch(url) to download given URLs and SKILL.md documents yt-dlp/YouTube download examples), so it consumes untrusted third-party content as part of the cloning workflow which can materially affect outputs.