audio-transcribe
Audited by Socket on May 2, 2026
2 alerts found:
Anomaly x2, SUSPICIOUS: the skill's core behavior matches its transcription purpose, and its use of an external LLM is transparently opt-in; install trust is weaker than expected, though, because setup depends on a bundled shell script and on nonstandard distribution evidence. Scope is mostly proportionate; the main risks are supply-chain trust and the optional sharing of transcript content with an external service during cleanup.
This Bash fragment is a typical dependency bootstrapper: the shown code contains no clear indicator of credential theft, obfuscation, exfiltration, or backdoor behavior. It does carry meaningful supply-chain and operational risk, though. It performs unpinned, rolling pip installs and upgrades with no hash or signature verification; it installs OS packages with elevated privileges (sudo apt-get) when needed; and, most importantly, it executes local companion scripts (patch_clustering.py and setup_mimo.sh) without any integrity check. If those files or the upstream dependencies are tampered with, the installer runs attacker-controlled code with the user's privileges (and anything pulled in through sudo apt-get runs as root). Review the contents of the executed companion scripts, and pin dependency versions and hashes for reproducibility and to reduce the exposure.
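One way to close the companion-script gap described above, as an added example that is not code from the audio-transcribe skill or from Socket's report: pin each companion script's SHA-256 once after review, and have the installer refuse to execute the file if the digest no longer matches. The helper names (sha256_of, pin_file, verify_and_run), the exit codes and the sample companion script are assumptions for illustration.

```shell
#!/bin/sh
# Added example: run a bundled companion script only after an integrity check.
# Hypothetical helpers; not part of the audio-transcribe skill or Socket's report.
set -eu

# sha256_of FILE: print the hex SHA-256 of FILE (coreutils or BSD tooling).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{ print $1 }'
    else
        shasum -a 256 "$1" | awk '{ print $1 }'
    fi
}

# pin_file FILE: print a pin line "<sha256>  <path>" for a reviewed script.
# Run once on the copy you actually read; commit the pin next to the installer.
pin_file() {
    printf '%s  %s\n' "$(sha256_of "$1")" "$1"
}

# verify_and_run EXPECTED_SHA256 INTERPRETER FILE [ARGS...]
# Executes FILE with INTERPRETER only if its digest equals EXPECTED_SHA256.
# Exit status: FILE's own status when it runs; 65 (EX_DATAERR) on digest
# mismatch, in which case nothing is executed; 66 (EX_NOINPUT) if FILE is absent.
# INTERPRETER is passed explicitly so the same check covers a .sh and a .py file.
verify_and_run() {
    local expected interp file actual
    expected="$1"
    interp="$2"
    file="$3"
    shift 3
    if [ ! -f "$file" ]; then
        echo "integrity: missing $file" >&2
        return 66
    fi
    actual="$(sha256_of "$file")"
    if [ "$actual" != "$expected" ]; then
        echo "integrity: refusing to run $file" >&2
        echo "  expected $expected" >&2
        echo "  actual   $actual" >&2
        return 65
    fi
    "$interp" "$file" "$@"
}
```

In an installer this replaces bare calls like `bash setup_mimo.sh` or `python3 patch_clustering.py` with `verify_and_run "$SETUP_SHA" bash setup_mimo.sh` and `verify_and_run "$PATCH_SHA" python3 patch_clustering.py`, with the digests produced by pin_file at review time. The check is not atomic: a file swapped between hashing and execution would still run, so if the threat model includes a writable install directory, copy the script into a private mktemp directory, hash and run the copy instead. For the pip side, the equivalent control is `pip install --require-hashes -r requirements.txt` with per-package hashes in the requirements file, which makes pip refuse any artifact whose digest is not listed.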