Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Transcribe

v1.0.2

Transcribe audio files to text using local Whisper (Docker). Use when receiving voice messages, audio files (.mp3, .m4a, .ogg, .wav, .webm), or when asked to transcribe audio content.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The skill claims local Docker-based transcription with faster-whisper, which matches the code that builds a Docker image running a transcription script. However the metadata declares no required binaries or privileges even though the installer uses docker and sudo; SKILL.md mentions a scripts/transcribe CLI wrapper but that file is not present in the bundle. These mismatches suggest sloppy packaging or omitted files.
Instruction Scope
SKILL.md stays within transcription scope (save attachment, run transcribe, include transcription). The install script, however, instructs building a Docker image, pre-downloading a model (network access), and copying a CLI into /usr/local/bin using sudo. The copy targets a file ($SCRIPT_DIR/transcribe) that is not included, so the install will fail or behave unexpectedly if a different file is present.
Install Mechanism
Installation is via an included install.sh that builds a Docker image from python:3.11-slim and pip-installs faster-whisper, then pre-downloads the model inside the image. Pulling base images and packages is expected but requires network access; the script also performs sudo cp to /usr/local/bin. The combination of building images, downloading models, and using sudo is higher-risk than an instruction-only skill and is not documented in the declared requirements.
Credentials
The skill requests no environment variables or credentials, which is appropriate for a local transcription tool. That said, it implicitly requires access to Docker and permission to use sudo to copy a file into a directory on the system PATH, which are privileged capabilities not reflected in the metadata.
Persistence & Privilege
The installer modifies the system by adding a CLI to /usr/local/bin and creates a local Docker image and (potentially large) cached model inside that image. Although the skill is not marked always:true and does not autonomously request extra privileges, the installation requires elevated privileges (sudo) and persists artifacts on the host.
What to consider before installing
This skill likely does what it says (local transcription with faster-whisper), but the packaging is inconsistent and the installer requires admin privileges and Docker, which the registry metadata does not declare. Before installing:

1) Ask the publisher for the missing scripts/transcribe wrapper or request a corrected package (install.sh copies a file that isn't included).
2) Inspect the Dockerfile (it's embedded in install.sh) and the generated transcribe.py to confirm no unexpected network endpoints or commands.
3) Run the build in an isolated environment (VM or disposable host) because the build downloads Python packages and a model (potentially large).
4) Prefer running the Docker build and installation steps manually rather than running install.sh with sudo; avoid blindly granting sudo.
5) If you cannot verify the missing wrapper, treat the package as incomplete and do not run it on production systems.
