Is javicasper/transcribe safe?

https://github.com/openclaw/skills/tree/main/skills/javicasper/transcribe

87
SAFE

This audio transcription skill appears functionally legitimate but has a critical installation flaw - it's missing the required CLI script that the installer attempts to copy. The skill uses Docker for isolation which is a good security practice, though it requires sudo privileges for system installation.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 60/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (6)

HIGH Missing required CLI script -35

The install script attempts to copy 'scripts/transcribe' to /usr/local/bin/transcribe, but this file is not included in the skill package. This will cause installation to fail.

MEDIUM Requires sudo privileges -3

The installation script uses sudo to copy files to system directories, requiring elevated privileges which poses a security risk.

MEDIUM Docker container operations -2

The skill builds and manages Docker containers, which involves system-level operations that could potentially be abused.

LOW Canary file access attempts -10

Monitoring detected access attempts to sensitive files during installation, though no data was actually read or exfiltrated.

LOW Potential for sensitive audio processing -15

As a transcription tool, this skill could potentially process sensitive audio content if provided by users.

INFO Standard skill description -5

The skill description is straightforward and does not contain obvious prompt injection attempts, though any skill description has minimal influence potential.