One of KODI extensions developer, MetalKettle, pointed out possible security risk, affecting any addon installed via repository.

MetalKettle deleted his repository on Github and another user created new one with the same name. This is huge potential security risk, as new code could be served without user even knowing about it.

For now just remove MetalKettle repository if you have it installed, in future, it would be wise to track any installed repository change.

Read more at | kodi-addon-repo-danger-metalkettle