CleanApp Report Submission Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly does what it says, but users should review it because an API token is sent to a configurable URL and the documented privacy defaults for location/media are stronger than the code actually enforces.
Install only if you intend to submit reports to CleanApp. Before live use, keep CLEANAPP_API_TOKEN in a secret store, leave the base URL at the official CleanApp HTTPS endpoint unless you deliberately use a trusted test endpoint, run --dry-run to inspect payloads, and explicitly use --no-media and --approx-location or --no-location when the report may contain private media or precise location data.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the skill can submit reports into CleanApp rather than only preparing or previewing them.
The tool posts user-provided report items to a server endpoint, which is the stated purpose but is still an external state-changing action.
url = args.base_url.rstrip("/") + "/v1/reports:bulkIngest" ... status, body = post_json(url, token, payload, timeout_sec=args.timeout)
Use --dry-run first, review the JSON payload, and only run live submission when the user intends to create reports.
If the base URL is changed by mistake or by an unsafe agent instruction, the API token and report payload could be sent to the wrong server.
A caller or environment variable can change the base URL, and the CleanApp bearer token is then attached to that destination without visible host or HTTPS validation.
ap.add_argument("--base-url", default=os.environ.get("CLEANAPP_BASE_URL", "https://live.cleanapp.io"), ...)
req.add_header("authorization", f"Bearer {token}")
Validate or allowlist CleanApp HTTPS hosts before attaching the bearer token, and require explicit user confirmation whenever the base URL is not the default CleanApp endpoint.
A user may believe media metadata is excluded and locations are approximate by default, while a normal bulk submission can send exact coordinates or media URLs from the input file.
The bulk ingest code only drops media when --no-media is supplied and only rounds coordinates when --approx-location is supplied, so precise location and media metadata can be sent by default if present in the input.
"data_handling": "Submits text + optional approximate location. No media by default. Supports dry-run."
Make --no-media and approximate-location behavior the actual default, or update the manifest and examples to clearly state that users must opt into those protections.
Users may not realize that installing the skill includes executable Python and shell helpers.
The registry-level install description does not fully reflect that the package includes runnable code, although the code is provided and reviewable in the artifacts.
Install specifications: No install spec — this is an instruction-only skill.
Code file presence: 10 code file(s)
Publish registry metadata that declares the runnable entrypoint, required token, and network capability, and remove duplicate or inconsistent package copies where possible.
