Fully offline Qwen3 TTS for your agent

Pass. Audited by VirusTotal on May 12, 2026.

Findings (1)

The skill is classified as suspicious due to a significant data exfiltration vulnerability. The `/v1/audio/send/telegram` and `/v1/audio/send/whatsapp` endpoints in `server/tts_server.py` accept an `audio_file` path, which is then read and uploaded to external messaging services. While the skill's intended purpose is to send generated audio, the implementation allows a malicious user to instruct the agent to send *any* file accessible to the agent (e.g., `~/.ssh/id_rsa`) to an external chat, if the messaging credentials are configured. This constitutes a high-risk capability that could be exploited for data exfiltration, even though the skill itself does not explicitly instruct the agent to perform such malicious actions. Additionally, the `SKILL.md` instructs the agent to use a `curl | bash` installation method, which is a common supply chain vulnerability, and contains prompt injection surfaces for user-provided voice names, though server-side sanitization mitigates direct command injection.