yap
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is a straightforward macOS speech-to-text wrapper, with only the normal caution that it installs and runs a third-party command-line tool.
This appears safe and purpose-aligned for transcribing audio or video files on macOS. Before installing, make sure you are comfortable installing the third-party yap Homebrew package, and only transcribe files you intend the local tool to process.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill means installing and running an external command-line program on the user’s Mac.
The skill depends on installing a third-party Homebrew formula. This is coherent with a CLI transcription tool, but users should trust the package source before installing it.
brew | formula: finnvoor/tools/yap | creates binaries: yap
Review the Homebrew formula or upstream project if desired, and install only if you trust the maintainer/source.