openai-whisper-api
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/transcribe.shexecutes thecurlcommand to interact with the OpenAI API. It uses standard bash argument parsing and employs double-quoting for variables to prevent basic shell injection vulnerabilities. - [EXTERNAL_DOWNLOADS]: The script initiates network connections to
api.openai.com. This is the official and well-known domain for OpenAI's API services, which is consistent with the skill's stated purpose of audio transcription. - [CREDENTIALS_UNSAFE]: The skill requires an
OPENAI_API_KEYenvironment variable. The script correctly checks for its presence before attempting to execute the transcription request. This is the standard method for authenticating with this service.
Audit Metadata