Audio Transcription
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a normal audio transcription skill; the main caveats are user-directed dependency installs and optional upload of selected audio to OpenAI when an API key is configured.
This skill is reasonable to install if you are comfortable running a local shell script and any transcription dependencies you choose to install. For sensitive recordings, prefer local Whisper/whisper.cpp. If you set OPENAI_API_KEY, expect selected audio files to be sent to OpenAI and billed to that account.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing these dependencies could run third-party code on the user's machine.
The skill documents user-run installation of external transcription dependencies without pinning versions. This is expected for the purpose, but users are trusting external packages/source code.
pip install openai-whisper ... git clone https://github.com/ggerganov/whisper.cpp.git ~/whisper.cpp ... make
Install dependencies only from trusted sources, consider pinning versions, and use a controlled environment if handling sensitive audio.
If an OpenAI key is set, the skill can make billable transcription requests using that account.
The script uses an OpenAI API key when present. This is purpose-aligned and disclosed in SKILL.md, but the registry metadata declares no credentials or environment variables.
if [[ -n "${OPENAI_API_KEY:-}" ]]; then ... -H "Authorization: Bearer $OPENAI_API_KEY"Use a scoped API key where possible, monitor provider usage, and treat OPENAI_API_KEY as an optional credential for this skill.
Audio content may leave the local machine and be processed by OpenAI if the API fallback is used.
When local transcription tools are unavailable and OPENAI_API_KEY is set, the selected audio file is uploaded to OpenAI for transcription.
curl -s -X POST https://api.openai.com/v1/audio/transcriptions ... -F file=@"$AUDIO_CONV"
Use the local Whisper or whisper.cpp paths for private audio, or confirm that sending the selected file to OpenAI is acceptable.