🎤 Transcribe audio files using Qwen ASR. 千问STT

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate transcription skill, but it sends the selected audio to an external Qwen demo service.

Install this only if you are comfortable sending chosen voice or audio files to the Qwen demo endpoint. Avoid highly sensitive recordings, and be aware that the script may print a remote audio file URL during processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill documentation states it uses the Qwen ASR demo service and therefore performs network access, but no corresponding permission is declared. This creates a transparency and policy problem: users or hosting frameworks may believe the skill is local-only while audio data is actually sent to a remote service, which is especially sensitive because voice recordings can contain personal or confidential information.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The code uploads user-provided audio to a third-party remote service and logs the resulting remote file URL, but it provides no explicit user consent flow, privacy notice, or data-handling warning. In a voice-message transcription skill, audio often contains sensitive personal data, so silent exfiltration to an external endpoint creates a real confidentiality and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.