speech-to-text

Fail

Audited by Snyk on Feb 18, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.80). Most URLs are documentation/media links and placeholder audio/video files on inference.sh, but the presence of a direct "curl -fsSL https://cli.inference.sh | sh" installer endpoint (remote shell script execution) is a high‑risk pattern because it allows arbitrary code execution from an external source.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill fetches and transcribes arbitrary public audio/video URLs (e.g., the CLI examples using "audio_url": "https://audio.mp3" and "video_url": "https://video.mp4"), meaning the agent ingests untrusted, third‑party user content as part of its workflow and could be exposed to indirect prompt injection.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 18, 2026, 02:00 AM