acestep-lyrics-transcription
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its transcription purpose, but its credential setup can expose API keys in logs and its inline Python path handling could run unexpected code with crafted paths.
Review or patch before use. Do not paste a production OpenAI/ElevenLabs key into this workflow unless config --set is changed to mask secrets; use a low-quota key and rotate it if exposed. Verify the configured provider/api_url, and avoid sensitive audio or crafted filenames/output paths until path handling is fixed.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An OpenAI or ElevenLabs key could appear in the conversation, terminal output, or logs. Anyone with access to that output could reuse the key and potentially consume quota or create charges.
The documented setup sets openai.api_key or elevenlabs.api_key through this config function; echoing $value will print the full API key to terminal or agent logs instead of masking it.
mv "$tmp_file" "$CONFIG_FILE"; echo "Set $key = $value"
Patch the script to mask secrets when setting api_key fields, use a secure prompt or environment-based credential flow, declare the credential requirement in metadata, and rotate any key that was exposed.
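The following is an added example of the masked setter, not the skill's own config function. It assumes a plain key=value config file at $CONFIG_FILE (the skill's real file format and path are not shown on this page), keeps the temp-file-then-mv write from the finding, and adds two things the recommendation asks for: secret-looking keys are masked in the confirmation line, and a value of "-" reads the secret from stdin so it never appears in shell history or argv.

```shell
#!/bin/sh
# Added example (not the skill's code). Config format is assumed to be
# one "key=value" per line; CONFIG_FILE path is a placeholder default.
set -eu

CONFIG_FILE="${CONFIG_FILE:-$HOME/.config/acestep/config}"

# Print a value suitable for logs: keys that look like credentials keep
# only their last four characters (or nothing when the value is short);
# everything else is printed as-is.
mask_secret() {
  key="$1"; value="$2"
  case "$key" in
    *api_key*|*token*|*secret*|*password*)
      if [ "${#value}" -gt 8 ]; then
        printf '****%s\n' "${value#"${value%????}"}"
      else
        printf '****\n'
      fi ;;
    *) printf '%s\n' "$value" ;;
  esac
}

# config_set KEY VALUE   (VALUE of "-" reads the value from stdin)
# Rewrites the file via a temp file and mv, then echoes the masked value.
config_set() {
  key="$1"; value="$2"
  if [ "$value" = "-" ]; then
    value="$(cat)"
  fi
  tmp_file="$(mktemp)"
  {
    # drop any previous line for this key ("." in the key is treated as a
    # regex wildcard here; escape it if keys can collide)
    if [ -f "$CONFIG_FILE" ]; then grep -v "^${key}=" "$CONFIG_FILE" || true; fi
    printf '%s=%s\n' "$key" "$value"
  } > "$tmp_file"
  mv "$tmp_file" "$CONFIG_FILE"
  echo "Set $key = $(mask_secret "$key" "$value")"
}

# Usage (secret never hits argv or history):
#   printf '%s' "$OPENAI_API_KEY" | config_set openai.api_key -
#   config_set provider openai
```

The masking is keyed on the field name rather than on the value, so a new credential field is protected as long as it is named like one; a reviewer should still grep the script for any other echo or log of $value.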
A maliciously crafted filename or output path in a project could make the agent run unexpected local code during transcription or format conversion.
File paths are interpolated directly into Python source code passed to python -c. A crafted output path containing quotes or Python syntax could break out of the string and cause unintended Python execution.
$PYTHON_CMD -c "... with open('$json_file', 'r', encoding='utf-8') ... with open('$output_file', 'w', encoding='utf-8') ..."
Pass paths as Python argv values, JSON-quote or otherwise safely escape them, and validate/normalize user-supplied output paths before invoking Python.
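Added example, not the skill's script: the interpolated shape from the finding next to an argv-based version, plus a path check. The JSON layout (a "text" field) and the validation rules are assumptions for illustration; the point they demonstrate is that with interpolation a filename such as song' + '.txt is evaluated as Python (the output lands in song.txt, not in the file that was asked for), while the argv version treats the same name as plain bytes.

```shell
#!/bin/sh
# Added example (not the skill's code). Assumes python3 on PATH and a
# transcript JSON with a "text" field (constructed in the usage below).
set -eu

PYTHON_CMD="${PYTHON_CMD:-python3}"

# Vulnerable shape from the finding, kept only for contrast: the paths are
# spliced into the Python source, so a quote in a filename ends the literal.
convert_unsafe() {
  json_file="$1"; output_file="$2"
  "$PYTHON_CMD" -c "
import json
with open('$json_file', 'r', encoding='utf-8') as f:
    text = json.load(f)['text']
with open('$output_file', 'w', encoding='utf-8') as f:
    f.write(text)
"
}

# Hardened: the Python source is a fixed single-quoted string and the paths
# arrive through sys.argv, so no filename content can become code.
convert_safe() {
  json_file="$1"; output_file="$2"
  "$PYTHON_CMD" -c '
import json, sys
json_file, output_file = sys.argv[1], sys.argv[2]
with open(json_file, "r", encoding="utf-8") as f:
    text = json.load(f)["text"]
with open(output_file, "w", encoding="utf-8") as f:
    f.write(text)
' "$json_file" "$output_file"
}

# validate_output_path BASE PATH: reject absolute paths, ".." components and
# control characters (newlines in a name are the classic injection vector);
# print BASE/PATH on success, return 1 on rejection.
validate_output_path() {
  base="$1"; path="$2"
  case "$path" in
    ''|/*|..|../*|*/..|*/../*) return 1 ;;
  esac
  case "$path" in *[[:cntrl:]]*) return 1 ;; esac
  printf '%s/%s\n' "$base" "$path"
}

# Usage:
#   printf '%s\n' '{"text": "hello lyrics"}' > t.json
#   out="$(validate_output_path "$PWD" "lyrics/song.txt")" || exit 1
#   convert_safe t.json "$out"
```

Even with argv, keep the path check: argv stops code execution, but a relative output path such as ../../.bashrc would still be written wherever the project says to write it.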
The audio content leaves the local machine and provider billing, retention, and privacy terms may apply.
The script uploads the selected audio file and sends the provider API key to the configured API endpoint. This is expected for a transcription integration, but it is sensitive behavior users should notice.
-X POST "${api_url}/audio/transcriptions" ... -H "Authorization: Bearer ${api_key}" ... -F "file=@${audio_file}"
Use only trusted provider endpoints, verify api_url/provider settings, and avoid sending audio that you are not comfortable sharing with the selected transcription service.
Installation or first use may fail unexpectedly, and users may not realize from the registry metadata that a paid or quota-limited API key is needed.
The registry metadata under-declares requirements: SKILL.md and the script require curl, jq, Python, and an OpenAI or ElevenLabs API key.
Required binaries (all must exist): none; Required env vars: none; Primary credential: none
Declare the required local tools and provider credential contract in metadata so users can make an informed install decision.
