Trust Assessment
transcribee received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via User Input.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Potential Command Injection via User Input | LLM | SKILL.md:16 |
Potential Command Injection via User Input (CRITICAL, LLM layer, SKILL.md:16). The skill's usage examples show the `transcribee` command being run directly with user-provided URLs and file paths. The explicit instruction to 'Always quote URLs containing & or special characters' suggests that these inputs reach a shell for execution. If the `transcribee` tool or its underlying implementation does not escape or otherwise neutralize user-supplied arguments before they hit the shell, an attacker could inject arbitrary shell commands by crafting a malicious URL or file path, which would amount to remote code execution on the host. Note that the quoting advice on its own only proves that a user typing the command into an interactive shell needs to quote it; whether the skill's own code path builds a shell string is the hypothesis the finding rests on.
Remediation: validate, sanitize and escape every user-provided input (URLs, file paths) before it is passed to any shell command. Preferably do not construct a shell string at all: invoke the external program with `subprocess.run()` using `shell=False` and an argument list, so each input arrives as a single argv entry. Add input validation that restricts inputs to the expected shapes (http/https URLs, existing regular files), and reject paths or URLs beginning with `-`, since an argument list stops shell injection but not option injection.
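The pattern the finding describes, as an added example that is not code from the transcribee project or from SkillShield: a wrapper that interpolates a user-supplied URL into a shell string, next to the hardened forms the remediation recommends. `echo` stands in for the `transcribee` binary so the effect is visible offline, and a POSIX shell is assumed. The malicious URL and the file-path checks are constructed for the example; note that the URL passes a scheme/netloc check, which is why validation alone is not the fix.

```python
"""Shell injection via interpolated URL, beside list-based and quoted execution.

Added example (not transcribee's or SkillShield's code). `echo` is a stand-in
for the `transcribee` binary; assumes a POSIX shell for the shell=True paths.
"""
import os
import shlex
import subprocess
from urllib.parse import urlsplit

# Constructed attacker input: a syntactically valid https URL whose query
# string carries a shell metacharacter and a second command.
MALICIOUS_URL = "https://example.com/watch?v=abc; echo INJECTED"


def run_vulnerable(url: str) -> str:
    """The pattern the finding warns about: one shell string, shell=True.

    The shell splits on ';' and runs the attacker's second command.
    """
    cmd = f"echo {url}"  # a real wrapper would build f"transcribee {url}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout


def run_hardened(url: str) -> str:
    """Argument list with shell=False: no shell parses the URL at all.

    The whole string, ';' included, arrives as a single argv entry.
    """
    out = subprocess.run(["echo", url], capture_output=True, text=True)
    return out.stdout


def run_quoted(url: str) -> str:
    """If a shell string is unavoidable, quote each argument with shlex.quote."""
    cmd = f"echo {shlex.quote(url)}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout


def validate_url(url: str) -> str:
    """Accept only http/https URLs with a host.

    This does NOT reject MALICIOUS_URL: ';' is legal inside a query string,
    so validation narrows the input space but cannot replace list-based exec.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError(f"rejected URL: {url!r}")
    if url.startswith("-"):  # option injection guard for argv-based calls
        raise ValueError(f"rejected URL: {url!r}")
    return url


def validate_path(path: str) -> str:
    """Accept only existing regular files that cannot be parsed as a flag.

    shell=False stops shell injection, but a "file" named "-o/tmp/x" would
    still be read by the tool as an option, so leading '-' is rejected.
    """
    if path.startswith("-"):
        raise ValueError(f"rejected path (looks like an option): {path!r}")
    if not os.path.isfile(path):
        raise ValueError(f"rejected path (not a regular file): {path!r}")
    return os.path.abspath(path)


if __name__ == "__main__":
    print("vulnerable :", repr(run_vulnerable(MALICIOUS_URL)))
    print("hardened   :", repr(run_hardened(MALICIOUS_URL)))
    print("quoted     :", repr(run_quoted(MALICIOUS_URL)))
    print("validated  :", validate_url(MALICIOUS_URL))
```

Running it shows the vulnerable path printing two lines (the URL and `INJECTED`), while both hardened paths print the attacker string verbatim as one argument. The validators are still worth keeping: they reject `file://` and `-`-prefixed inputs that the argument-list call alone would hand straight to the tool.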
Full report: https://skillshield.io/report/62000ee8faf948b7