Transcribe

Security checks across malware telemetry and agentic risk

Overview

The skill appears intended for local audio transcription, but its installer is incomplete and tries to install a missing, unreviewable command into a system-wide path with sudo.

Read the installer before running it. Do not install this version system-wide until the missing scripts/transcribe wrapper is supplied and reviewed, or change the install to a user-local path. If you proceed, expect Docker to fetch external Python/model dependencies during build and verify the language setting before relying on transcripts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 81% confidence
Finding: The skill documentation indicates shell-based execution via installation and CLI commands, but no explicit permissions are declared. This creates a transparency and governance gap: an agent may invoke shell-capable behavior without clear authorization boundaries, increasing the risk of unintended command execution or unsafe handling of untrusted file paths.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: Defaulting to Spanish without user opt-in can cause silent mis-transcription of audio in other languages, which may lead to incorrect output being treated as authoritative. In workflows involving legal, medical, or operational audio, this can create integrity and safety issues because the user may not realize the language assumption was applied.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal