speech-to-text

SUSPICIOUS: the core transcription purpose matches the capability, but the skill’s trust model is broader than necessary because it requires a vendor CLI with login, remote job execution, same-org curl|sh-style installation, and transitive skill-install guidance. The behavior is coherent for an inference platform skill, but it carries medium supply-chain and credential-forwarding risk rather than looking outright malicious.