ai-voice-cloning

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These links point to an unfamiliar third‑party domain (inference.sh) that instructs users to run a remote install script via curl | sh plus includes generic/placeholder media URLs—downloading and executing a shell script from an untrusted host (and fetching arbitrary remote media) can run arbitrary code or deliver malware, so these sources should be treated as suspicious unless independently verified.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflows (e.g., media-merger and omnihuman examples) accept and fetch user-supplied public URLs such as "video_url", "image_url", and "audio_files" which can point to untrusted third‑party content on the open web and be ingested as part of processing, enabling indirect prompt injection.