Back to skill

Security audit

Transcribe

Security checks across malware telemetry and agentic risk

Overview

This looks like a local audio transcription skill, but its installer is incomplete and tries to make a privileged system-wide install.

Review this version before installing. Do not run the installer system-wide until the missing scripts/transcribe wrapper is supplied and reviewed, or adapt it to install in a user-local path. If you proceed, expect Docker to download external dependencies and verify the language setting before relying on transcripts.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The activation text is broad enough to trigger on general audio-related requests, not only explicit user intent to transcribe. That can cause the agent to save attachments and invoke local shell/Docker tooling on files opportunistically, expanding the attack surface and enabling unintended processing of untrusted content.

Natural-Language Policy Violations

Medium
Confidence
80% confidence
Finding
Forcing Spanish as the default language without user opt-in can silently produce incorrect transcriptions, especially for non-Spanish audio. While not a direct code-execution issue, it can degrade integrity of outputs and lead the agent to present inaccurate content as if it were authoritative.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.