Safety Report

Openai Whisper Api

Name: Openai Whisper Api
Rating: 5 (25 reviews)
Author: steipete

@steipete

Transcribe audio via OpenAI Audio Transcriptions API (Whisper).

12,868Downloads

640Installs

25Stars

1Versions

API Integration4,971 CLI & Shell Tools1,805 Video & Audio1,618 Networking & DNS1,102

Security Analysis

high confidence

Clean0.08 risk

The skill's code and runtime instructions match its stated purpose (calling OpenAI's /v1/audio/transcriptions with curl using an OPENAI_API_KEY); nothing in the files indicates unexpected data exfiltration or unrelated privileges.

Feb 11, 20262 files2 concerns

Purpose & Capabilitynote

The skill's name/description (Whisper transcriptions) align with the included script which uses curl to call api.openai.com and uploads an audio file. Minor documentation inconsistency: top-level registry metadata lists no required env/bins, but SKILL.md metadata and the script require curl and OPENAI_API_KEY.

Instruction Scopeok

SKILL.md and scripts/transcribe.sh limit activity to reading the provided audio file, calling OpenAI's transcription endpoint, and writing the transcript to a local path. The script does not read unrelated files or send data to any third-party endpoints other than api.openai.com.

Install Mechanismok

No install spec; the skill is instruction-only with a small included shell script. Nothing is downloaded or written to system locations during install.

Credentialsnote

The only required credential is OPENAI_API_KEY, which is appropriate for this API. Note the SKILL.md suggests storing a key in ~/.clawdbot/clawdbot.json — storing API keys in plaintext files has risk if file permissions are lax. Also callout the mismatch between registry-level 'no required env' and the SKILL.md's declared requirements.

Persistence & Privilegeok

Skill does not request persistent/system-wide privileges, does not set always:true, and does not modify other skills or global agent settings.

Guidance

This skill is coherent for transcribing audio with OpenAI's Speech-to-Text API: it invokes curl to upload a local audio file to https://api.openai.com/v1/audio/transcriptions and requires an OPENAI_API_KEY. Before installing, ensure you (1) are comfortable providing an OpenAI API key (the script will send the audio to OpenAI), (2) have curl available on the host, and (3) if you choose to store the key in ~/.clawdbot/clawdbot.json, protect that file with strict permissions (chmod 600) or prefer environment variables to avoid plaintext storage. Also be aware of a small metadata mismatch in the registry (the top-level metadata omitted the declared requirement for curl and OPENAI_API_KEY in SKILL.md) — make sure the agent runtime will expose OPENAI_API_KEY when you run this skill.

Latest Release

v1.0.0

More by @steipete

Gog

672 stars

Github

267 stars

Weather

229 stars

Frontend Design

186 stars

Openai Whisper

173 stars

Nano Banana Pro

164 stars

Published by @steipete on ClawHub