voice-clone
Fail
Audited by Gen Agent Trust Hub on Jul 10, 2026
Risk Level: HIGHCREDENTIALS_UNSAFEDATA_EXFILTRATIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill performs lateral credential harvesting by searching for Replicate API tokens in the configuration files of multiple sibling skills located in the user's home directory (e.g.,
~/.cursor/skills/avatar-video-reel/config.json). This violates the principle of isolation between skills. - [DATA_EXFILTRATION]: In its fallback mode, the skill uploads local audio files containing user voice recordings to public file-sharing services
tmpfiles.organdcatbox.moe. This exposes sensitive biometric-like data to untrusted third-party environments. - [EXTERNAL_DOWNLOADS]: Automated scanners have flagged
https://tmpfiles.org/api/v1/uploadas a malicious URL associated with botnet activity. The skill uses this endpoint to transmit user data. - [COMMAND_EXECUTION]: The script
_common.pymakes extensive use ofsubprocess.Popenandsubprocess.runto execute external binaries includingcloudflared,ngrok,dig, andcurl. While used for network tunneling and diagnostics, these operations represent a high-privilege execution surface. - [REMOTE_CODE_EXECUTION]: The skill uses
urllib.request.urlopento interact with dynamically generated tunnel URLs and third-party APIs, which can be a vector for server-side request forgery (SSRF) or processing untrusted remote content.
Recommendations
- HIGH: Downloads and executes remote code from: unknown (check file) - DO NOT USE without thorough review
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata