ai-voice-cloning

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.90). These links point to an unfamiliar third-party domain (inference.sh). The skill instructions tell users to run a remote install script from it via `curl | sh`, and they also include generic/placeholder media URLs. Downloading and executing a shell script from an untrusted host (and fetching arbitrary remote media) can run arbitrary code or deliver malware, so these sources should be treated as suspicious unless independently verified.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill accepts and processes arbitrary external URLs (e.g., "video_url": "https://your-video.mp4", "image_url": "https://portrait.jpg", and "audio_files"/"audio_url" in the infsh media-merger and bytedance/omnihuman examples), which means it can fetch and ingest untrusted third-party user-provided content as part of its workflow.

Audit Metadata

Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 02:43 AM