Local Audio2SRT

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill mostly matches its Audio2SRT purpose, but it exposes a local transcription server more broadly than described and includes some risky cleanup/troubleshooting instructions.

Install only if you are comfortable running local pip/npm installs and downloading large ML models. Before use, bind the backend to 127.0.0.1 instead of 0.0.0.0, restrict CORS, choose a dedicated empty target directory, avoid the kill -9 troubleshooting commands unless you have verified the process owner, and update vulnerable frontend dependencies.

Publisher note

Local-generate and deploy the Audio2SRT project — a MLX Whisper audio transcription and translation Web GUI for Apple Silicon Macs. Unlike audio2srt-deploy (which clones from Gitee), this skill generates the entire project from embedded templates on the local machine, requiring zero network access for source code. Installs Python and Node.js dependencies, auto-downloads MLX models from ModelScope, and launches both the backend (Python aiohttp, port 8765) and frontend (Vite + React, port 3000). Triggers: 本地生成audio2srt, 本地搭建转录工具, generate Audio2SRT, 生成音频转录项目, local deploy mlx whisper, or any request to create/set up the audio2srt project without cloning from remote.

SkillSpector (5)

By NVIDIA

Description-Behavior Mismatch

Medium

Confidence: 97% confidence
Finding: The package metadata names the frontend project "file-converter-queue", which does not match the declared Audio2SRT skill. This kind of identity mismatch is a supply-chain and review risk because it suggests copied or swapped project scaffolding, making it easier to hide unrelated functionality or mislead operators about what is actually being installed and run.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill says that if the target directory exists and is non-empty, it may be overwritten or cleared and rebuilt, but it does not provide an explicit warning about irreversible data loss. In a file-generation and deployment workflow, this can cause accidental deletion of user files if the chosen path is incorrect or insufficiently confirmed.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The troubleshooting section recommends forcefully killing whatever is listening on ports 3000 and 8765 using kill -9, without warning that these processes may be unrelated to this project. This can terminate legitimate applications, interrupt user work, and cause data loss or corruption because SIGKILL prevents graceful shutdown.

Known Vulnerable Dependency: postcss==8.4.38 — 1 advisory(ies): CVE-2026-41305 (PostCSS has XSS via Unescaped </style> in its CSS Stringify Output)

Low

Category: Supply Chain
Confidence: 84% confidence
Finding: postcss==8.4.38

Known Vulnerable Dependency: vite==5.3.1 — 10 advisory(ies): CVE-2025-32395 (Vite has an `server.fs.deny` bypass with an invalid `request-target`); CVE-2025-31125 (Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query); CVE-2026-39365 (Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling) +7 more

Low

Category: Supply Chain
Confidence: 91% confidence
Finding: vite==5.3.1

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal