Back to skill

Security audit

Speech is Cheap Transcribe

Security checks across malware telemetry and agentic risk

Overview

This ASR skill appears to do what it says: send user-chosen audio or media URLs to a third-party transcription API, with no evidence of hidden or unrelated behavior.

Install only if you are comfortable sending selected audio files or media URLs to Speech is Cheap for transcription. Avoid using it for confidential, regulated, or third-party recordings unless you have permission and understand the provider's retention and privacy terms.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly supports uploading local audio files and notes that it sends them to a third-party upload endpoint, but it does not present a clear privacy/security warning before encouraging use. In an agent context, this can cause users or automated workflows to transmit sensitive local recordings off-device without informed consent, especially because the surrounding language emphasizes convenience and automation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The manifest declares an API credential requirement (SIC_API_KEY) for a transcription skill that necessarily sends audio or requests to an external service, but it does not provide any user-facing disclosure about external transmission, credential handling, or privacy implications. This creates a real security and privacy transparency issue because users may unknowingly provide sensitive audio and API credentials to a third-party service without informed consent.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script uploads a local audio file to a third-party service using curl, but its help text and runtime behavior do not clearly warn the user that file contents are being transmitted off-host. In an agent-skill context, this can lead to inadvertent disclosure of sensitive recordings or regulated data if users assume processing is local.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The URL-based transcription path sends a user-supplied media URL and associated processing options to an external API without clearly disclosing that this is a remote service interaction. Even though only the URL may be sent rather than a direct file upload, the action can expose sensitive resource locations and trigger third-party access to private media.

External Transmission

Medium
Category
Data Exfiltration
Content
}
EOF
)
            curl -s -X POST "$API_BASE/jobs/" \
                -H "Authorization: Bearer $SIC_API_KEY" \
                -H "Content-Type: application/json" \
                -d "$JSON_DATA"
Confidence
84% confidence
Finding
curl -s -X POST "$API_BASE/jobs/" \ -H "Authorization: Bearer $SIC_API_KEY" \ -H "Content-Type: application/json" \ -d

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.