Faster Whisper

This skill is classified as suspicious due to its broad capabilities, which include downloading content from arbitrary URLs via `yt-dlp`, executing `ffmpeg` for audio/video processing and subtitle burning, and performing self-updates of its core dependency. While these actions are plausibly aligned with the stated purpose of a comprehensive transcription tool, they grant significant access to the network and local file system. The `SKILL.md` agent guidance does not contain any malicious prompt injection attempts, and the `setup.sh` and `scripts/transcribe.py` files implement these powerful features using `subprocess.run()` with argument lists, which mitigates direct shell injection vulnerabilities. However, the inherent power of these operations, even when used for legitimate purposes, elevates the risk profile beyond a purely benign classification.