Trust Assessment
transcribe received a trust score of 83/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Unpinned dependency in Dockerfile, Potential Command Injection in CLI wrapper (content missing).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection in CLI wrapper (content missing) The `SKILL.md` mentions a `scripts/transcribe` bash CLI wrapper that is installed system-wide by `scripts/install.sh`. This wrapper is crucial for how user-provided audio file paths and language arguments are passed to the underlying Docker container. The content of this wrapper script is not provided in the analysis context, preventing a full security assessment. If the wrapper passes user-controlled arguments (e.g., the audio file path) to `docker run` or the Python script inside the container without proper quoting or sanitization, it could lead to command injection, allowing an attacker to execute arbitrary commands on the host system. Provide the full content of the `scripts/transcribe` CLI wrapper for security review. Ensure all user-controlled inputs passed to `docker run` or the Python script are properly quoted (e.g., `"$1"`) to prevent shell metacharacter interpretation. A more robust approach might involve mounting the audio file into the container at a fixed, internal path and passing only that internal path to the Python script, rather than directly passing the user-provided host path. | LLM | scripts/install.sh:48 | |
| MEDIUM | Unpinned dependency in Dockerfile The Dockerfile, generated by `scripts/install.sh`, installs the `faster-whisper` Python package without specifying a version. This can lead to non-deterministic builds and potential security vulnerabilities if a future version introduces breaking changes or malicious code. It also makes it harder to reproduce the exact environment. Pin the `faster-whisper` dependency to a specific, known-good version (e.g., `faster-whisper==0.10.0`) to ensure deterministic builds and mitigate risks from future malicious or vulnerable updates. Regularly review and update pinned dependencies. | LLM | scripts/install.sh:19 |
Scan History
Embed Code
[](https://skillshield.io/report/a27914ea709387a5)
Powered by SkillShield