ai-avatar-video

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). These links largely point to a single third‑party service (inference.sh) and include an explicit "curl https://cli.inference.sh | sh" install command plus direct file-hosting URLs and ambiguous example domains (e.g., https://portrait.jpg, https://speech.mp3) — executing a remote shell script or fetching unknown hosted files from an untrusted source is a high-risk distribution vector for malware.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill’s examples and workflow explicitly accept arbitrary public URLs for images, audio, and video (e.g., "image_url": "https://portrait.jpg", "audio_url": "https://speech.mp3", "video_url": "https://original-video.mp4") which the agent ingests and processes (transcription, TTS, lip-sync), exposing it to untrusted third‑party user content that could carry indirect prompt injections.