whisper-transcribe-summarize
PassAudited by ClawScan on May 11, 2026.
Overview
This is a coherent local Whisper transcription helper; the main cautions are that setup downloads third-party packages/models and the tool writes transcript files to disk.
This skill appears safe for its stated purpose. Before installing, be comfortable with installing openai-whisper and downloading Whisper models, and choose transcript output paths carefully because generated files remain on your machine and may contain sensitive information.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the dependency or downloading models may contact external package/model sources and modify the local Python environment or cache.
The skill relies on an unpinned third-party Python package and model downloads. This is expected for a Whisper-based local transcription tool, but it is still a supply-chain and setup consideration.
`openai-whisper`(未安装时执行 `python3 -m pip install -U openai-whisper`) ... `python3 scripts/download_whisper_model.py medium` ... 模型下载到 ~/.cache/whisper。
Install from a trusted Python environment, consider pinning/verifying openai-whisper, and download models only from expected sources.
A mistaken output path could replace an existing text file, and transcript files may contain sensitive content from the media.
The script writes transcription output to either a default path or a user-specified path. This is required for the skill, but a chosen path could overwrite an existing writable file.
parser.add_argument("--output", default=None, help="输出 txt 路径") ... with open(output_path, "w", encoding="utf-8") as f:Use a deliberate output location, avoid important existing filenames, and protect or delete generated transcripts if the source media is sensitive.