OpenAI Whisper API (curl)

Name: openai-whisper-api
Author: steipete

Share on X Share on LinkedIn Share on Bluesky

70High

The skill is vulnerable to command injection via unsanitized prompt arguments and arbitrary file writes, risking system compromise and data corruption.

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

OpenAI Whisper API (curl): Transcribe an audio file via OpenAI’s `/v1/audio/transcriptions` endpoint.

Actually does

This skill executes a `transcribe.sh` script, which uses `curl` to send a user-provided audio file to OpenAI's `/v1/audio/transcriptions` endpoint. It requires an `OPENAI_API_KEY` for authentication and supports specifying the model, output format, language, and a prompt.

Threat Analysis

AI Agent Traps ↗Scanned 4/15/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction2 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namesteipete/openai-whisper-api

Registryclawhub

Version1.0.0

PURLpkg:clawhub/steipete/openai-whisper-api@1.0.0

Stars47

Downloads21,200

Installs1,111

Source

Repository ↗

SHA-2564cd90ed4d059...

SHA-1d5b8ae2dd8eb...

MD54d3da6ed2ef2...

TLSH0b11dd346d90...

Size1,093 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

OpenClawDocs

https://clawhub.ai/steipete/openai-whisper-api

21,200 downloads1,111 installs

ClawHubDocs

openclaw skills install steipete/openai-whisper-api

Assessments (1)

AI Agent Traps ↗

Potential Command Injection via Script Argumentshighcommand execution

The skill executes a local shell script (`transcribe.sh`) with user-controlled arguments, including a `--prompt` string. If the script does not properly sanitize these inputs before using them in shell commands, it could lead to arbitrary command injection.

80% confidenceline 27

{baseDir}/scripts/transcribe.sh /path/to/audio.m4a --prompt "Speaker names: Peter, Daniel"

Arbitrary File Write Capabilitymediumresource abuse

The skill allows specifying an arbitrary output file path via the `--out` flag. This capability could be abused to write or overwrite files in sensitive system locations, potentially leading to data corruption or further compromise.

70% confidenceline 25

{baseDir}/scripts/transcribe.sh /path/to/audio.ogg --model whisper-1 --out /tmp/transcript.txt

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/clawhub/steipete/openai-whisper-api.svg)](https://mondoo.com/ai-agent-security/skills/clawhub/steipete/openai-whisper-api)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/clawhub/steipete/openai-whisper-api"><img src="https://mondoo.com/ai-agent-security/api/badge/clawhub/steipete/openai-whisper-api.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/clawhub/steipete/openai-whisper-api.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow