---

-= Per source details. Do not edit below this line.=-

Source: amazon-inspector (fc206ef48bfccaec8e81aac2b666e2d54a4a027e8432cc1d08d3823cf333caca)

setup.py executes git clone --depth 1 --branch dev-3.12 https://github.com/gabry-lab/index-tts during the build_py / egg_info / sdist / bdist_wheel lifecycle and copies the cloned tree into src/indextts, which is then packaged into the wheel and executed by every installer who imports the package. The branch reference (dev-3.12) is mutable — no commit SHA is pinned — so whoever controls the gabry-lab/index-tts repository can change the bundled Python code at any time without republishing on PyPI. The clone source is also a personal-user fork rather than the upstream index-tts/index-tts organization repository that README.md and PKG-INFO advertise as the source of vendored code. The combination of (a) install-time fetch of executable Python source, (b) mutable branch ref with no integrity verification, and (c) publisher mismatch between the documented upstream and the actual fetched repository is the canonical install-time remote-code-execution shape: the bytes that end up running on the installer's machine are determined by future commits to a third-party-controlled branch, not by the version published to PyPI.