qwen-tts

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill automatically downloads and loads models from the public Hugging Face repository (e.g., Qwen/Qwen3-TTS-12Hz-1.7B-CustomVoice) and also supports contacting arbitrary remote TTS servers via --remote / QWEN_TTS_REMOTE, so it fetches and consumes untrusted third‑party content as part of its runtime workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill contains runtime code (scripts/tts.py and scripts/tts-voicedesign.py) that sends requests to a remote HTTP server (e.g. http://192.168.188.177:8765) which executes TTS generation remotely and is required for the remote-mode VoiceDesign client, so this URL is a runtime external endpoint that executes remote code.