transcribe
Audited by Socket on Feb 28, 2026
1 alert found:
Security: The skill description presents a coherent, multi-stage local transcription pipeline with optional external LLM correction. The primary security considerations arise from external data flows: (1) sending transcripts to an external LLM service (Claude/Anthropic) when llm_correction is enabled, and (2) downloading/using third-party ML models from HuggingFace. These are expected for enhanced accuracy but introduce privacy and data-flow risks typical of such architectures. No hardcoded secrets are evident; credentials are sourced per documentation from environment or a local .env file, which is acceptable if properly isolated and access-controlled. The overall footprint is aligned with the stated purpose but carries notable data-exposure risk due to external API interactions and model downloads. Treat as SUSPICIOUS rather than benign, because external data flows and transitive dependencies introduce surface area for leakage or abuse if misconfigured or compromised.