Expanso log-sanitize
ReviewAudited by ClawScan on May 10, 2026.
Overview
The log sanitizer appears purpose-aligned, but its MCP mode opens an unauthenticated HTTP endpoint on all network interfaces while handling sensitive log data.
Use CLI mode for the safest local-only behavior. If you start MCP mode, bind it to localhost or protect it with authentication and firewall rules, and avoid the cloud deployment path unless you have verified the remote pipeline and understand where logs will be processed.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If MCP mode is started on a networked machine, other hosts may be able to reach the sanitizer endpoint, and sensitive log content could be sent over an unexpectedly exposed HTTP service.
The MCP/HTTP mode listens on all network interfaces and accepts log payloads, but the artifact does not show authentication, TLS, origin checks, or a localhost-only default.
address: "0.0.0.0:${PORT:-8080}" ... path: /sanitize ... allowed_verbs: [POST]Bind the MCP server to 127.0.0.1 by default, document the exposure clearly, and require authentication/TLS if remote access is intended.
A user who deploys from that URL is trusting the current remote content, which may differ from the artifact reviewed here.
The cloud deployment example references a remote pipeline URL rather than the bundled reviewed file, with no pin, checksum, or version lock shown.
expanso-cli job deploy https://skills.expanso.io/log-sanitize/pipeline-cli.yaml
Prefer deploying the included local pipeline file or provide a pinned version/checksum and clear provenance for the remote URL.
Users handling secrets may assume every usage mode is purely local when some documented modes involve network exposure or cloud deployment.
This privacy claim is accurate for the local CLI pipeline, but the artifact set also documents MCP HTTP serving and optional Expanso Cloud deployment, so users could overgeneralize the local-only assurance.
This skill runs **entirely locally** without any API calls.
Clarify that only CLI/local pipeline execution is local-only, and separately document the security implications of MCP and cloud modes.