video-stt
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill mostly matches its video transcription purpose, but its shell wrapper can turn crafted options into local Python code execution and it installs dependencies at runtime.
Review before installing or running. Prefer the Python helper over the shell wrapper, avoid passing untrusted -o/-m/-f values, install dependencies manually from trusted sources, and do not set cloud API keys for this version because cloud mode is not implemented.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A crafted option value could run arbitrary Python commands under the user's account instead of only transcribing a video.
MODEL, FORMAT, and OUTPUT_FILE are populated from command-line arguments and interpolated into Python source code inside python3 -c without escaping or validation.
python3 -c "... model = whisper.load_model('$MODEL') ... if '$FORMAT' == 'json': ... with open('$OUTPUT_FILE', 'w') ..."
Avoid using the shell wrapper with untrusted option values until it is fixed. The publisher should call a Python script with argv parameters, validate allowed model/format values, and avoid building executable code from strings.
Running the skill may change the local environment and download third-party code, which is expected for transcription tooling but should be explicit and reviewed.
The Python helper can install Homebrew packages and an unpinned Python package at runtime, while the registry metadata lists no required binaries or install spec.
subprocess.run(["brew", "install", cmd], check=False) ... subprocess.run(["uv", "pip", "install", "whisper"], check=True)
Review and install dependencies yourself, prefer pinned package names/versions, and consider disabling automatic package installation in the helper.
Users may expect cloud transcription or set API keys unnecessarily, even though the provided shell implementation only supports local transcription.
The interface advertises cloud API mode but the implementation exits as not implemented.
echo " --api Use cloud API" ... echo "Cloud API mode not implemented yet"
Do not provide cloud API credentials unless the implementation is updated and reviewed; treat cloud support as unavailable in this version.
