Qwen3-TTS VoiceDesign

The skill bundle is classified as suspicious due to a critical shell injection vulnerability in `scripts/batch_seeds.sh` where the `TEXT` variable is unsafely interpolated into a `curl -d` argument, allowing arbitrary command execution if user input contains shell metacharacters. Additionally, the `SKILL.md` documentation instructs users to set up a Windows scheduled task with `highest privileges` for server auto-restart, which is a significant security risk and persistence mechanism. The `tts_server.py` also defaults to binding on `0.0.0.0`, exposing the service to the network by default.