Skill v0.0.1

ClawScan security

autoglmasr · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Mar 3, 2026, 3:36 AM
Verdict
suspicious
Confidence
high
Model
gpt-5-mini
Summary
The SKILL.md describes a reasonable ASR MCP wrapper, but it requires an external API key and runtime installs (npx + ffmpeg) that are not reflected in the registry metadata — verify the npm package/repo and be careful with sending audio and keys to the third-party endpoint.
Guidance
Before installing or invoking this skill: (1) Verify the upstream project and npm package (the SKILL.md references a GitHub repo and expects 'npx autoglm-asr-mcp'); confirm the package name, maintainers, and that the code is trustworthy. (2) Understand that you must provide AUTOGLM_ASR_API_KEY and that audio files will be uploaded to open.bigmodel.cn — avoid sending sensitive audio or use a scoped/test API key. (3) Expect runtime downloads via npx and that ffmpeg must be installed; consider running in an isolated or sandboxed environment. (4) If you require stricter control, prefer a self-hosted/local ASR or vendor-reviewed package, and update the skill registry metadata to declare required env vars/binaries before trusting it.

Review Dimensions

Purpose & Capability
note
The skill's stated purpose (long-audio ASR, chunking, concurrency, timestamps using GLM-ASR-2512) matches the instructions and examples (split on silence, concurrent HTTP calls to open.bigmodel.cn). However the registry metadata lists no required environment variables or binaries while the SKILL.md clearly requires ffmpeg and an AUTOGLM_ASR_API_KEY; that metadata mismatch is an incoherence.
Instruction Scope
concern
The instructions tell the agent to read local audio files (absolute paths), run 'npx autoglm-asr-mcp' (which will fetch and execute code from npm at runtime), and use an API key to POST audio to https://open.bigmodel.cn. Reading local audio is expected for ASR, but the guidance to fetch/execute remote npm code and to use an API key (not declared in registry) increases risk and scope beyond what the registry claims.
Install Mechanism
concern
There is no install spec in the registry, yet the SKILL.md relies on 'npx autoglm-asr-mcp' (dynamic download/execute from npm) and on installing ffmpeg. Dynamically pulling an npm package at runtime is an implicit install step not captured in metadata and has higher risk than a pure instruction-only skill.
Credentials
note
The environment variables listed in SKILL.md (AUTOGLM_ASR_API_KEY, API_BASE, model, concurrency, timeouts, etc.) are proportionate to an ASR client. But the registry declares none of these; importantly, the API key will be sent to an external third party (open.bigmodel.cn), which is a privacy and credential-exposure consideration the user should weigh.
Persistence & Privilege
ok
The skill is not 'always: true', has no declared install hooks or config path modifications in the registry, and does not ask to modify other skills or system-wide agent settings. Autonomous invocation is allowed by default but is not in itself a new privilege here.