media-transcriber

Warn

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: MEDIUM
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The script scripts/transcribe.py implements a bootstrap mechanism that automatically runs pip install at runtime to install external dependencies such as openai-whisper, anthropic, and pyannote-audio. This introduces supply chain risk: third-party code is installed and executed without user-verified hash or version pinning.
  • [COMMAND_EXECUTION]: The skill uses subprocess.run() to execute shell commands for creating virtual environments, installing packages, and invoking ffprobe for media metadata extraction. Additionally, it uses os.execv() for process replacement to switch execution to the virtual environment's Python interpreter.
  • [EXTERNAL_DOWNLOADS]: The skill automatically downloads large binary model files (up to 1.5GB) from external repositories (HuggingFace and OpenAI) during its first execution or when specific models are requested.
  • [DATA_EXFILTRATION]: When the --punctuate feature is used, the skill sends the full transcribed text of local media files to the Anthropic API (claude-haiku-4-5-20251001). This involves transmitting potentially sensitive local data to an external service.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
    ◦ Ingestion points: Local audio and video files processed in scripts/transcribe.py.
    ◦ Boundary markers: The prompt used in the punctuate_with_claude function lacks robust delimiters or specific instructions to ignore embedded commands within the transcribed text.
    ◦ Capability inventory: The skill has access to shell commands, process manipulation, and network operations.
    ◦ Sanitization: No sanitization is performed on the transcribed text before it is passed to the language model for punctuation processing.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 12, 2026, 05:56 AM