ai-avatar-video

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). Most links are media/docs on inference.sh, but the instruction to curl and pipe https://cli.inference.sh to sh is a high-risk pattern (remote shell execution/installer from an external domain) that can be used to distribute malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and processes arbitrary external URLs (see the infsh app run examples with "image_url", "audio_url", and "video_url" such as https://portrait.jpg and https://video.mp4) which fetches untrusted public content that the agent will read/transcribe/sync, enabling indirect prompt injection.