qwen3-tts-skills

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill ingests untrusted third‑party and user-provided content: scripts and README show downloading models from ModelScope/Hugging Face and accepting arbitrary URLs/paths (e.g., --ref-audio in run_qwen3_tts.py / voice-clone and --audio in tokenizer-roundtrip, plus batch_dubbing.py using ref_audio and the AI-driven "paste an article" workflow in dubbing-skills), so the agent will read/interpret external/user content as part of its workflow.