Skill v1.1.0
ClawScan security
Voice Note Transcriber Cn · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 5, 2026, 11:19 AM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill appears to be a normal offline/online transcription helper, but there are inconsistencies about required binaries and vague model-download guidance (no trusted sources), which could lead to unexpected network downloads or execution of untrusted binaries.
- Guidance
- This skill looks like a normal transcription helper, but two things should be confirmed before installing or using it. (1) Clarify the required binaries: SKILL.md lists ffmpeg and whisper but the registry metadata does not; make sure you or the operator install ffmpeg and a trusted whisper implementation from official sources. (2) The skill refers to downloading offline models but gives no URLs or integrity checks; ask the author for exact model download URLs and checksums, or only use models from trusted vendors (official GitHub releases, vendor CDN). Do not give it any credentials. If you must try it, run it in a sandboxed environment and verify any downloaded model files before use.
- Findings
[no-findings] expected: The regex-based scanner found nothing to analyze because this is an instruction-only skill with no executable code. That absence of findings is expected but not proof of safety; SKILL.md still contains executable expectations (ffmpeg/whisper) and model downloads that the scanner couldn't evaluate.
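The guidance above asks the operator to verify downloaded model files and to make sure the binaries SKILL.md expects are actually installed from trusted sources. The following is an added example of such a pre-flight check, written for this page; it is not part of the ClawHub report or of the skill itself. It assumes the checksum was obtained out of band (for example from the vendor's release page) and is SHA-256; the model file name is hypothetical and the "model" bytes it writes are constructed test data.

```python
"""
Pre-flight check before running an instruction-only transcription skill:
verify a downloaded model against a checksum obtained out of band, and
confirm the binaries the SKILL.md header declares are present on PATH.
Assumptions: SHA-256 checksums; the file name below is hypothetical; the
bytes written by make_constructed_model() are constructed test data.
"""
import hashlib
import os
import shutil
import tempfile

# Declared in the SKILL.md YAML header according to the scan report.
REQUIRED_BINARIES = ("ffmpeg", "whisper")


def sha256_file(path, chunk_size=1 << 20):
    """Stream the file through SHA-256 so multi-GB models do not load into RAM."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_model(path, expected_sha256):
    """True only if the file's digest matches the vendor-published digest.

    This is an integrity check, not a secret comparison, so a plain string
    compare is fine; normalising whitespace and case avoids false mismatches
    when the hash was copied from a web page.
    """
    return sha256_file(path) == expected_sha256.strip().lower()


def missing_binaries(names=REQUIRED_BINARIES):
    """Return the declared binaries that are not resolvable on PATH."""
    return [name for name in names if shutil.which(name) is None]


def make_constructed_model(directory=None):
    """Write constructed bytes standing in for a model; returns (path, sha256).

    Only used to exercise the check offline; a real operator would point
    verify_model() at the file downloaded from the vendor instead.
    """
    directory = directory or tempfile.mkdtemp(prefix="model-check-")
    path = os.path.join(directory, "ggml-base.bin")  # hypothetical model file name
    data = b"CONSTRUCTED TEST DATA, NOT A REAL MODEL\n" * 64
    with open(path, "wb") as f:
        f.write(data)
    return path, hashlib.sha256(data).hexdigest()


if __name__ == "__main__":
    model_path, published_digest = make_constructed_model()
    print("model verified:", verify_model(model_path, published_digest))
    print("tampered digest rejected:", not verify_model(model_path, "00" * 32))
    print("missing binaries:", missing_binaries())
```

In practice the operator would replace the constructed file with the real download and paste the digest from the vendor's release notes; a mismatch or a non-empty `missing_binaries()` list should stop the skill from being enabled.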
Review Dimensions
- Purpose & Capability
- concern: The SKILL.md clearly describes a transcription tool (real-time, speaker diarization, denoise, offline models), and that purpose matches the content. However, there is an inconsistency: the repository/registry metadata you provided lists no required binaries, while the SKILL.md metadata (YAML header) declares required binaries: [ffmpeg, whisper]. Requiring ffmpeg/whisper is reasonable for this purpose, but the mismatch between the registry-level requirements and the SKILL.md is inconsistent and worth clarifying.
- Instruction Scope
- note: The instructions are high-level and stay within transcription-related activities (preprocessing audio, recognition, speaker labeling, model download). They do not instruct the agent to read unrelated system files or environment variables. However, the SKILL.md references downloading offline models and switching to offline mode without specifying trusted download URLs or checksums; this vagueness could permit arbitrary network downloads or the use of untrusted model files if the agent follows the instructions.
- Install Mechanism
- ok: There is no install spec and no code files (instruction-only), which minimizes direct installation risk. That said, the skill expects local binaries (ffmpeg, whisper) but provides no install mechanism or verified sources for offline models, so the agent/operator would need to fetch and install those external components manually, which is where risk can be introduced if instructions are followed from untrusted sources.
- Credentials
- note: The skill does not request any environment variables or credentials (reasonable for a local transcription tool). The only notable requirement is binaries/models. Because offline models are mentioned, the skill implicitly needs disk and network access to store model files; this is proportional to the purpose but should be explicitly declared and tied to verified sources.
- Persistence & Privilege
- ok: The skill does not request always:true, does not specify modifying system-wide config, and declares no config paths or credentials. Its privilege/scope is limited to being invoked by the agent when used.
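The Purpose & Capability and Instruction Scope dimensions above rest on two mechanical checks: comparing the `binaries` declared in the SKILL.md YAML header against the registry metadata, and spotting download instructions that name neither a URL nor a checksum. The following added example reproduces both checks in plain Python; it is written for this page and is not ClawHub's scanner code or the skill author's. The SKILL.md text and the registry record it uses are constructed stand-ins that mirror what the report describes, not the real files.

```python
"""
Two of the checks the ClawScan report describes, reimplemented for illustration:
  1. SKILL.md header `binaries` vs. registry metadata (mismatch finding)
  2. download instructions with no URL and no checksum (unverified-download finding)
The SKILL.md and registry record below are constructed examples, not the real
artifacts; the header parser handles only the simple `key: value` and
`key: [a, b]` lines such a header uses, so no YAML library is required.
"""
import re

CONSTRUCTED_SKILL_MD = """---
name: voice-note-transcriber
version: 1.1.0
binaries: [ffmpeg, whisper]
---
Preprocess audio with ffmpeg, then run whisper for recognition.
For offline use, download the model and switch to offline mode.
"""

# Registry-level metadata as the report describes it: no binaries declared.
CONSTRUCTED_REGISTRY = {"name": "voice-note-transcriber", "version": "1.1.0", "binaries": []}

URL_RE = re.compile(r"https?://\S+")
HASH_RE = re.compile(r"\b(sha256|sha512|checksum)\b", re.I)


def parse_frontmatter(text):
    """Split a `---` delimited header from the body and parse its flat keys."""
    m = re.match(r"^---\n(.*?)\n---\n(.*)\Z", text, re.S)
    if not m:
        return {}, text
    meta = {}
    for line in m.group(1).splitlines():
        if ":" not in line:
            continue
        key, _, value = line.partition(":")
        value = value.strip()
        if value.startswith("[") and value.endswith("]"):
            meta[key.strip()] = [v.strip() for v in value[1:-1].split(",") if v.strip()]
        else:
            meta[key.strip()] = value
    return meta, m.group(2)


def binary_mismatch(skill_meta, registry):
    """Binaries present in exactly one of the two declarations (symmetric difference)."""
    declared = set(skill_meta.get("binaries", []))
    registered = set(registry.get("binaries", []))
    return sorted(declared ^ registered)


def unverified_downloads(body):
    """Sentences that tell the agent to download something but give no URL or hash."""
    hits = []
    for sentence in re.split(r"(?<=[.!?])\s+", body):
        mentions_download = re.search(r"\bdownload", sentence, re.I)
        if mentions_download and not (URL_RE.search(sentence) or HASH_RE.search(sentence)):
            hits.append(sentence.strip())
    return hits


def review(skill_md, registry):
    """Run both checks and return the findings a reviewer would want to see."""
    meta, body = parse_frontmatter(skill_md)
    return {
        "binary_mismatch": binary_mismatch(meta, registry),
        "unverified_downloads": unverified_downloads(body),
    }


if __name__ == "__main__":
    for key, value in review(CONSTRUCTED_SKILL_MD, CONSTRUCTED_REGISTRY).items():
        print(f"{key}: {value}")
```

On the constructed input the mismatch check reports both `ffmpeg` and `whisper`, and the download check flags the single offline-model sentence; a SKILL.md that named an `https://` source and a `sha256` would produce no download finding, which is the remediation the Guidance section asks the author for.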
