Quicklrc Transcribe
PassAudited by VirusTotal on May 4, 2026.
Overview
Type: OpenClaw Skill Name: quicklrc-transcribe Version: 1.0.0 The skill is a straightforward wrapper for the QuickLRC API, designed to generate subtitles and lyrics from audio/video URLs. It uses standard curl commands to interact with a legitimate-looking endpoint (quicklrc.com) and requires a specific API key (QUICKLRC_API_KEY). No evidence of data exfiltration, malicious execution, or prompt injection was found in SKILL.md or _meta.json.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using the configured key can make transcription requests that may spend your QuickLRC credits.
The skill requires a QuickLRC account API key and successful use can consume account credits. This is disclosed and purpose-aligned, but users should treat the key as sensitive and monitor usage.
Set `QUICKLRC_API_KEY` to your API key from https://quicklrc.com/dashboard. ... Cost = audio duration rounded up to the nearest minute.
Use a dedicated API key if possible, keep it out of chat logs and shared files, monitor credit usage, and revoke or rotate the key if it is exposed.
Media URLs and lyrics you provide may be processed by QuickLRC rather than staying local.
The workflow sends the media URL and, optionally, user-provided lyrics to the QuickLRC external API. This data sharing is central to the skill's function and is disclosed.
sends an audio/video URL and gets back a synced subtitle file ... `"lyrics": "Hello world\nThis is line two"`
Only submit URLs and lyrics that you are allowed to share with QuickLRC, and review QuickLRC's privacy and retention terms for sensitive content.