Skill v1.1.0

ClawScan security

AssemblyAI Transcriber · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 11, 2026, 4:09 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and required environment variable align with a transcription integration for AssemblyAI; nothing in the bundle indicates intentional misdirection or hidden exfiltration.
Guidance
This skill appears to do exactly what it says: it uploads audio to AssemblyAI and returns a transcript with speaker labels. Before installing, note the following: (1) audio is sent to a third-party service (AssemblyAI) — do not use it for highly sensitive audio unless you accept that external processing will occur; (2) store your API key securely (environment variable or ~/.assemblyai_config.json). The script looks for a config file in home and cwd and also in an unusual high-level ancestor path which may resolve to the filesystem root — make sure you know which file the script will read so your key isn't accidentally read from an unexpected location; (3) README mentions Telegram support but the shipped code does not implement it (this is likely a documentation mismatch, not hidden functionality); (4) the script reads whole files into memory before upload — avoid very large files to prevent resource issues. If you need explicit assurances, ask the author for i) confirmation of the config-path behavior and ii) an explicit privacy/data-retention statement from their AssemblyAI account settings or usage policy.

Review Dimensions

Purpose & Capability
ok · Name/description ask for AssemblyAI transcription with diarization and the code calls AssemblyAI's /upload and /transcript endpoints and requires ASSEMBLYAI_API_KEY — this is coherent. One minor mismatch: README mentions 'Telegram Support' but no Telegram code is present.
Instruction Scope
note · SKILL.md instructs use of an API key and running the provided script, which stays within the stated purpose. The script does check for a config file in multiple locations (home, cwd) which is expected, but also checks Path(__file__).parent.parent.parent.parent / '.assemblyai_config.json' (a high-level ancestor path that can resolve to the filesystem root on typical layouts) — odd but not clearly malicious. The script uploads audio (local or by URL) to AssemblyAI as expected; it does not attempt to read other unrelated files or system secrets.
Install Mechanism
ok · No install spec included (instruction-only with a small Python script). Nothing is downloaded or written to disk at install time by the skill bundle itself.
Credentials
note · Only ASSEMBLYAI_API_KEY is required, which is proportionate. The code also supports reading a config file from several locations (home, cwd, and an unusual high-level ancestor path); users should be aware where they place their API key so it isn't read from an unexpected location.
Persistence & Privilege
ok · Skill is not always-enabled and does not request elevated or persistent platform privileges. It does not modify other skills or system-wide settings.