ai-voice-cloning

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). The prompt directs users to download and execute an unreviewed remote shell script (curl https://cli.inference.sh | sh) and references .sh endpoints. This is a high-risk pattern for malware distribution, even if the other links (mp4/jpg) seem to be benign placeholders.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill explicitly installs and calls a third-party CLI and accepts arbitrary external URLs and media inputs (e.g., infsh/media-merger's "audio_files" / "video_url" and bytedance/omnihuman's "image_url"), which will be fetched and processed, so it ingests untrusted public content that could carry indirect prompt injection.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 01:53 AM