Podcast Summarizer

Security checks across malware telemetry and agentic risk

Overview

This podcast summarizer performs the expected download, transcription, and LLM summarization workflow, but users should understand that summarization sends transcript text to Gemini or OpenAI when API keys are configured.

Install this only if you are comfortable downloading audio from the URLs you provide and sending transcript text to Gemini or OpenAI for summarization when those API keys are present. Use --transcript-only or avoid setting LLM API keys for private, regulated, paid, or proprietary audio.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The script reads API keys from the environment and sends podcast transcript content to third-party LLM providers for summarization. This creates a real data-exposure risk because transcripts may contain sensitive or proprietary content, and the CLI/help text does not clearly warn users that their data will leave the local environment.

Missing User Warnings

Low
Confidence: 88%
Finding
The skill description and notes do not clearly warn that using the tool downloads untrusted remote audio and may persist transcripts or summaries locally. While this is primarily a disclosure issue rather than an exploit by itself, it can lead to unsafe use in sensitive environments where network retrieval, storage of derived content, or handling of copyrighted/private audio should be explicitly acknowledged.

Missing User Warnings

Medium
Confidence: 96%
Finding
Transcript content is transmitted to external LLM APIs without any explicit notice or confirmation mechanism. In a podcast summarizer, users may assume processing is local after transcription, so silent exfiltration to Gemini/OpenAI materially increases privacy and compliance risk.

VirusTotal

VirusTotal findings are pending for this skill version.
