Trust Assessment
assemblyai-transcriber received a trust score of 43/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 1 critical, 1 high, 2 medium, and 0 low severity. Key findings include "Missing required field: name", "Suspicious import: urllib.request", and "Potential data exfiltration: file read + network send".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Arbitrary Local File Read and Exfiltration.** The skill's `transcribe.py` script directly uses user-provided input (`sys.argv[1]`) as a file path. If `os.path.exists()` returns true, the script opens and reads the content of this arbitrary file (`f.read()`) and then uploads it to the AssemblyAI API. This allows a malicious user to specify paths to sensitive local files (e.g., `/etc/passwd`, `~/.ssh/id_rsa`, `/proc/self/environ`) and have their contents exfiltrated to a third-party service (AssemblyAI). This constitutes a severe data exfiltration vulnerability and an excessive permission issue, as the skill can read any file accessible to the user running the agent. Implement strict validation and sanitization for user-provided file paths. Instead of directly using `sys.argv[1]` as a file path, consider the following: 1. **Restrict File Access:** Limit file operations to a specific, isolated directory (e.g., a temporary upload directory) and validate that the provided path is within this allowed scope. 2. **Secure File Upload:** If the skill is intended to process user-provided files, implement a secure file upload mechanism that does not expose direct file system access to the user. The user should upload the file content, not provide a path for the agent to read. 3. **User Confirmation:** For sensitive operations like reading local files, require explicit user confirmation before proceeding. Specifically, modify the `upload_file` and `transcribe` functions to ensure `file_path` is safe and authorized before opening. | LLM | scripts/transcribe.py:96 |
| HIGH | **Potential data exfiltration: file read + network send.** Function 'upload_file' reads files and sends data over the network. This may indicate data exfiltration. Review this function to ensure file contents are not being sent to external servers. | Static | skills/xenofex7/assemblyai-transcriber/scripts/transcribe.py:71 |
| MEDIUM | **Missing required field: name.** The 'name' field is required for claude_code skills but is missing from frontmatter. Add a 'name' field to the SKILL.md frontmatter. | Static | skills/xenofex7/assemblyai-transcriber/SKILL.md:1 |
| MEDIUM | **Suspicious import: urllib.request.** Import of 'urllib.request' detected. This module provides network or low-level system access. Verify this import is necessary. Network and system modules in skill code may indicate data exfiltration. | Static | skills/xenofex7/assemblyai-transcriber/scripts/transcribe.py:11 |