ayrisdev/app-store-optimization
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: remove unsafe file deletion in audio-transcriber cleanup

Browse Source 
Remove cleanup_temp_files() function that was deleting fixed-name files
(metadata.json, transcription.json) without verifying script ownership.

This addresses security concern raised by Codex review:
- Risk: Could delete user's existing files with same names
- Solution: Removed cleanup since no temp JSON files are actually created

Changes:
- Remove cleanup_temp_files() function entirely
- Remove --keep-temp argument (no longer needed)
- Remove all cleanup_temp_files() calls

Fixes #62 (review comment)
This commit is contained in:
Eric Andrade
2026-02-04 18:35:17 -03:00
parent 801c8fa475
commit eb493121d3
1 changed files with 2 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
skills/audio-transcriber/scripts/transcribe.py
View File

@@ -407,24 +407,6 @@ def save_outputs(transcript_text, ata_text, audio_file, output_dir="."):
return str(transcript_path), str(ata_path) if ata_path else None return str(transcript_path), str(ata_path) if ata_path else None
def cleanup_temp_files(output_dir=".", keep_temp=False):
"""Remove arquivos temporários JSON se não for para manter."""
if keep_temp:
return
temp_files = ["metadata.json", "transcription.json"]
removed = []
for filename in temp_files:
filepath = Path(output_dir) / filename
if filepath.exists():
filepath.unlink()
removed.append(filename)
if removed:
console.print(f"[dim]🧹 Removidos arquivos temporários: {', '.join(removed)}[/dim]")
def main(): def main():
"""Função principal.""" """Função principal."""
import argparse import argparse
@@ -434,7 +416,6 @@ def main():
parser.add_argument("--prompt", help="Prompt customizado para processar transcript") parser.add_argument("--prompt", help="Prompt customizado para processar transcript")
parser.add_argument("--model", default="base", help="Modelo Whisper (tiny/base/small/medium/large)") parser.add_argument("--model", default="base", help="Modelo Whisper (tiny/base/small/medium/large)")
parser.add_argument("--output-dir", default=".", help="Diretório de saída") parser.add_argument("--output-dir", default=".", help="Diretório de saída")
parser.add_argument("--keep-temp", action="store_true", help="Manter arquivos temporários JSON")
args = parser.parse_args() args = parser.parse_args()
@@ -470,7 +451,6 @@ def main():
console.print("[dim] Salvando apenas transcript.md...[/dim]") console.print("[dim] Salvando apenas transcript.md...[/dim]")
save_outputs(transcript_text, None, args.audio_file, args.output_dir) save_outputs(transcript_text, None, args.audio_file, args.output_dir)
cleanup_temp_files(args.output_dir, args.keep_temp)
console.print("\n[cyan]💡 Para gerar ata/resumo:[/cyan]") console.print("\n[cyan]💡 Para gerar ata/resumo:[/cyan]")
console.print(" - Instale Claude CLI: pip install claude-cli") console.print(" - Instale Claude CLI: pip install claude-cli")
@@ -485,7 +465,6 @@ def main():
if final_prompt is None: if final_prompt is None:
# Usuário recusou processamento # Usuário recusou processamento
save_outputs(transcript_text, None, args.audio_file, args.output_dir) save_outputs(transcript_text, None, args.audio_file, args.output_dir)
cleanup_temp_files(args.output_dir, args.keep_temp)
return return
# Step 4: Processar com LLM # Step 4: Processar com LLM
@@ -500,9 +479,6 @@ def main():
console.print("\n[cyan]💾 Salvando arquivos...[/cyan]") console.print("\n[cyan]💾 Salvando arquivos...[/cyan]")
save_outputs(transcript_text, ata_text, args.audio_file, args.output_dir) save_outputs(transcript_text, ata_text, args.audio_file, args.output_dir)
# Step 6: Cleanup
cleanup_temp_files(args.output_dir, args.keep_temp)
console.print("\n[bold green]✅ Concluído![/bold green]") console.print("\n[bold green]✅ Concluído![/bold green]")