Skill v1.0.0
ClawScan security
Fun-ASR speech recognition · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 20, 2026, 11:41 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill appears to implement the advertised FunASR transcription using Aliyun DashScope, but its metadata omits the required DASHSCOPE_API_KEY and the package includes an unrelated permission entry — these inconsistencies merit caution before installing or granting credentials.
- Guidance: This skill appears to be a small client for Aliyun DashScope ASR and will send any audio you run through it to DashScope's service (wss://dashscope.aliyuncs.com). Before installing or running:
  1. Treat DASHSCOPE_API_KEY as a secret — the registry metadata failed to declare it, so do not paste keys into unfamiliar installs.
  2. Only use a minimally scoped or ephemeral API key and avoid transcribing sensitive audio.
  3. The package includes .claude/settings.local.json permitting WebFetch to bailian.console.aliyun.com (an unrelated Aliyun console domain) — consider removing or reviewing that file if you don't want the skill to request web access.
  4. Verify the source/owner since source/homepage are unknown; inspect the dashscope Python package and the network endpoints you will be talking to.
  5. If you plan to install, run in an isolated environment (virtualenv/container) and confirm the DASHSCOPE API key usage is acceptable.
Review Dimensions
- Purpose & Capability (concern): The code and SKILL.md implement an Aliyun DashScope-based ASR client (reads an audio file and sends PCM to a DashScope websocket). That matches the skill description. However, the registry metadata lists no required environment variables while both SKILL.md and the script require DASHSCOPE_API_KEY, an omission that is incoherent.
- Instruction Scope (ok): Runtime instructions are limited to installing two Python packages, setting DASHSCOPE_API_KEY, and running scripts/cli.py on an audio file. The script only reads the provided audio file and sends audio frames to DashScope; it does not attempt to read unrelated files, other credentials, or system state.
- Install Mechanism (ok): There is no install spec in the registry (instruction-only), and the SKILL.md instructs pip installing dashscope and librosa. No downloads from arbitrary URLs or archive extraction are present. The only code file is a small CLI script that uses those libraries.
- Credentials (concern): The script and SKILL.md require DASHSCOPE_API_KEY (used as dashscope.api_key), but the skill's declared required env vars list is empty — this mismatch could mislead users about secret requirements. Also, the included .claude/settings.local.json grants WebFetch to bailian.console.aliyun.com, which is unrelated to the runtime websocket endpoint (wss://dashscope.aliyuncs.com) and is not explained.
- Persistence & Privilege (ok): The skill is not marked always:true and does not request persistent system-wide privileges. It does not modify other skills' configs. Including a settings.local.json is benign, but its allowed WebFetch domain is unexpected.
