transcribe-video
Audited by Socket on Mar 2, 2026
1 alert found:
Security
This skill implements a straightforward workflow to extract audio, upload it to AWS S3, run AWS Transcribe, download subtitle and JSON outputs, and clean up. There is no evidence of malicious network destinations, obfuscated payloads, or backdoors. Primary risks are operational and privilege-related: the documentation requests overly-broad AWS permissions (s3:*), temporary buckets are created with predictable names and without explicit ACL/encryption instructions, and shell command interpolation could be unsafe with untrusted inputs. These issues increase the potential impact if credentials or inputs are compromised, but they do not indicate intentional malicious behavior in the code fragment itself. Recommend narrowing IAM permissions, using randomized/unpredictable bucket names with proper ACLs/encryption, validating/sanitizing any external inputs, and adding explicit error handling for creation and cleanup steps.