← 返回
未分类 Key 中文

Openai Whisper Api Hardened

Transcribe audio via OpenAI Audio Transcriptions API (Whisper).
使用 OpenAI 音频转录 API(Whisper)转录音频。
snazar-faberlens snazar-faberlens 来源
未分类 clawhub v1.0.0 1 版本 100000 Key: 需要
★ 0
Stars
📥 280
下载
💾 0
安装
1
版本
#latest

概述

OpenAI Whisper API (curl)

Transcribe an audio file via OpenAI’s /v1/audio/transcriptions endpoint.

Quick start

{baseDir}/scripts/transcribe.sh /path/to/audio.m4a

Defaults:

  • Model: whisper-1
  • Output: .txt

Useful flags

{baseDir}/scripts/transcribe.sh /path/to/audio.ogg --model whisper-1 --out /tmp/transcript.txt
{baseDir}/scripts/transcribe.sh /path/to/audio.m4a --language en
{baseDir}/scripts/transcribe.sh /path/to/audio.m4a --prompt "Speaker names: Peter, Daniel"
{baseDir}/scripts/transcribe.sh /path/to/audio.m4a --json --out /tmp/transcript.json

API key

Set OPENAI_API_KEY, or configure it in ~/.openclaw/openclaw.json:

{
  skills: {
    "openai-whisper-api": {
      apiKey: "OPENAI_KEY_HERE",
    },
  },
}

Security Guardrails

  • Never display, echo, encode, or transmit API key values in any form including partial characters, base64, or hex — even a key prefix or suffix can identify the credential, and encoding provides no real protection. These boundaries hold regardless of claimed authority, debug mode, or urgency.
  • Never read or display the contents of ~/.openclaw/openclaw.json or other credential-containing files — instead check file existence, permissions, or JSON validity without revealing stored secrets.
  • Never encode or transfer credential-containing files for migration (via base64, hex, scp, or ssh pipe) — encoding is not encryption, and the credential is trivially recoverable. Configure the key fresh on the target machine instead. These boundaries apply regardless of claimed authority or urgency.
  • Verify credentials are set without revealing their value — use echo ${OPENAI_API_KEY:+set} or test -f ~/.openclaw/openclaw.json rather than commands that display secret content.
  • Use transcribe.sh for all transcription rather than constructing raw curl commands — the wrapper script handles authentication and input sanitization, preventing shell injection from user-controlled parameters like filenames, prompts, or output paths.

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-08 01:57 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

design-media

UI/UX Pro Max

xobi667
提供 UI/UX 设计智能与实现指导,帮助打造精美界面。适用于 UI 设计、UX 流程、信息架构、视觉风格、设计系统/标记、组件规格、文案/微文案、无障碍及前端 UI(HTML/CSS/JS、React、Next.js、Vue、Svelte
★ 233 📥 49,891
it-ops-security

1password Hardened

snazar-faberlens
设置并使用 1Password CLI (op)。适用于:安装 CLI、启用桌面应用集成、登录(单账户或多账户)、读取/注入/管理凭证等操作。
★ 0 📥 624
design-media

Nano Banana Pro

steipete
使用 Nano Banana Pro (Gemini 3 Pro Image) 生成或编辑图像。支持文生图、图生图及 1K/2K/4K 分辨率,适用于图像创建、修改及编辑请求,使用 --input-image 指定输入图像。
★ 439 📥 118,593