plaud-transcript-export

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches transcript and summary data from official Plaud API endpoints (api.plaud.ai) and associated signed S3 URLs. This behavior is consistent with the skill's stated purpose of exporting user data.
  • [COMMAND_EXECUTION]: The skill utilizes a local Python script (scripts/export_plaud.py) to manage API communication and local file operations. The script is well-structured and uses only standard library components.
  • [CREDENTIALS_UNSAFE]: Although the skill interacts with sensitive workspace tokens and cookies, it follows security best practices by instructing users to provide these via environment variables or interactive shell input rather than hardcoding them. It also includes specific safety rules against committing secrets to version control.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 04:34 AM
Security Audit — agent-trust-hub — plaud-transcript-export