Back to skill

Security audit

HN Podcast Transcribe

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it downloads podcast episodes, transcribes them locally, and stores a searchable archive on disk.

Install this only if you are comfortable downloading media from the chosen RSS feed and keeping audio, metadata, transcripts, Whisper models, and a search index on your machine. Use trusted feeds, set --limit for large feeds, use --no-download when you only want metadata, and enable the cron example only if you want recurring automated processing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill advertises and operationalizes network access, shell execution, environment-variable usage, and filesystem read/write behavior, but it does not declare permissions. That mismatch weakens user and platform trust boundaries because a caller may invoke the skill without realizing it can download remote content, execute local commands, and persist data. In this context, those capabilities are partly expected for podcast ingestion, but the lack of explicit declaration still creates avoidable security and consent risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.