MH openai-whisper-api
PassAudited by ClawScan on May 1, 2026.
Overview
This skill matches its stated purpose: it sends a chosen audio file to OpenAI for transcription using your API key and saves the result locally.
Before installing, make sure you are comfortable sending selected audio files to OpenAI and using your OpenAI API key for the request. Choose output paths carefully to avoid overwriting local transcript files.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill requires an OpenAI API key and may consume paid OpenAI usage.
The script uses the user's OpenAI API key to authorize the transcription request. This is expected for OpenAI API use, but it gives the skill access to the user's OpenAI account quota and billing.
-H "Authorization: Bearer $OPENAI_API_KEY"
Use an API key you control, keep it out of shared files or logs, monitor usage, and rotate the key if it is exposed.
Audio content may include private speech or sensitive information and will leave the local machine for processing by OpenAI.
The selected local audio file is uploaded to OpenAI's transcription endpoint. This is disclosed and purpose-aligned, but it is still an external data transfer.
curl -sS https://api.openai.com/v1/audio/transcriptions ... -F "file=@${in}"Only transcribe files you are comfortable sending to OpenAI, and review OpenAI's data-use policy if the audio is sensitive.