Cloudflare Whisper Worker
Security checks across malware telemetry and agentic risk
Overview
The skill appears to do what it says—send a chosen audio file to a Cloudflare Worker for transcription—but users should know it uploads audio and uses a bearer token.
This skill is reasonable for its stated purpose if you trust the Cloudflare Worker endpoint. Before using it, confirm the audio file is appropriate to upload, keep WHISPER_WORKER_TOKEN secret, avoid custom URLs unless trusted, and ensure required local tools such as curl and jq are available.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private or sensitive speech in the audio file will leave the local machine and be processed by the configured worker.
The skill clearly sends the selected audio file to an external Cloudflare Worker endpoint for transcription.
- Base URL: `https://lotfi-whisper-worker.medtouradmin.workers.dev`
- Route: `POST /transcribe`
- Body: raw audio bytes (`--data-binary @file`)
Use this only with audio you are allowed to send to that endpoint, and review the worker/operator’s privacy and retention expectations before uploading sensitive recordings.
Anyone who obtains the token may be able to use the transcription endpoint as that user or account.
The script requires a bearer token from the environment and sends it as API authorization, which is expected for this endpoint but is still credential handling.
if [[ -z "${WHISPER_WORKER_TOKEN:-}" ]]; then
echo "Error: WHISPER_WORKER_TOKEN is not set"
...
-H "authorization: Bearer $WHISPER_WORKER_TOKEN"
Keep the token secret, avoid pasting it into shared logs or chats, rotate it if exposed, and verify the destination URL before sending requests.
A mistaken or untrusted custom URL could receive the user’s audio and API token.
The helper permits a caller-provided URL; if used, that URL receives both the audio bytes and the bearer token.
URL="${2:-https://lotfi-whisper-worker.medtouradmin.workers.dev/transcribe}"
...
curl -sS -X POST "$URL" \
-H "authorization: Bearer $WHISPER_WORKER_TOKEN" \
--data-binary "@$FILE"
Prefer the default endpoint unless intentionally using a trusted replacement, and have the agent ask before using any non-default URL.
Users or automated installers may not be warned up front that they need a token and local CLI tools to run the helper script.
The registry metadata does not declare setup prerequisites even though the artifacts document a required token and the script uses command-line tools. This affects user/install-time clarity, not observed malicious behavior.
Required binaries (all must exist): none
Required env vars: none
Primary credential: none
Update metadata to declare the WHISPER_WORKER_TOKEN requirement and relevant helper-tool dependencies such as curl and jq.
