Aliyun Speech Transcriber

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This skill appears to do what it says: it uses your Aliyun DashScope API key to transcribe user-provided media URLs, with no hidden persistence or unrelated behavior found.

This skill looks safe for its stated purpose if you are comfortable using an Aliyun DashScope API key and sharing the selected media URLs and resulting transcripts with Aliyun. Pass only URLs you intend to transcribe, use short-lived signed URLs for private files, and review the small included script if source provenance matters to you.

Static analysis

Env credential access

Critical
Finding
Environment variable access combined with network send.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone using the skill must provide an Aliyun DashScope API key, and transcription requests will be made under that account.

Why it was flagged

The skill uses a local environment variable as an Aliyun DashScope bearer credential. This is disclosed and purpose-aligned, but the key can authorize provider actions and possible billing.

Skill content

const primary = process.env.ASR_DASHSCOPE_API_KEY; ... 'Authorization': `Bearer ${apiKey}`

Recommendation

Use a scoped or revocable API key if available, keep it in environment variables rather than hardcoding it, and revoke or rotate it if it is no longer needed.

What this means

Aliyun DashScope may be able to access the media at any URL you submit, including private content reachable through a signed URL.

Why it was flagged

The workflow may send signed private media URLs to Aliyun for transcription. Signed URLs can grant temporary access to otherwise private files, but this is disclosed and central to the stated purpose.

Skill content

Pass one or more externally accessible URLs ... including signed Qiniu URLs ... Only send URLs the user intends to transcribe.

Recommendation

Only provide URLs for media you intend to share with Aliyun, prefer short-lived signed URLs for private files, and avoid submitting sensitive recordings unless that provider processing is acceptable.

What this means

Beyond the included artifacts, there is little external provenance information for verifying who maintains the skill.

Why it was flagged

The registry metadata does not identify a source repository or package origin. The included code is small and readable, and there is no install script, so this is a provenance note rather than a behavioral concern.

Skill content

Source: unknown

Recommendation

Review the included script before use and prefer trusted or source-linked releases when provenance is important.