speech-to-text

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). Mixed signals: inference.sh and its cloud subdomain (docs and hosted image) look like legitimate documentation/CDN, but the unusual top-level domains that look like filenames (e.g., meeting.mp3, video.mp4, audio.mp3, podcast.mp3, french-audio.mp3) are nonstandard, opaque hosts that could deliver malicious media or drive-by payloads — and the skill also instructs installing/running code via npx/CLI which increases risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly shows fetching/transcribing audio and video from arbitrary public URLs (e.g., the "audio_url" and "video_url" fields in the Quick Start and Workflow examples), so untrusted third‑party/user‑generated content is ingested and its transcription can materially influence downstream actions.