openai-whisper-api
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script transmits audio data to OpenAI's official API (
https://api.openai.com/v1/audio/transcriptions). This is a well-known and trusted service endpoint required for the skill's stated purpose. - [COMMAND_EXECUTION]: The skill executes
curlfor API requests andmkdirto manage output directories. Both commands are used within the expected scope of audio transcription and utilize shell quoting to handle user-provided paths safely. - [CREDENTIALS_UNSAFE]: Authentication is handled via an
OPENAI_API_KEYenvironment variable. The skill does not contain hardcoded secrets and follows the recommended approach for managing API credentials.
Audit Metadata