Skill v0.1.1
ClawScan security
CleanApp Report Submission · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 15, 2026, 10:20 AM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The package and runtime instructions are consistent with a simple client for submitting quarantined reports to CleanApp; the only notable issue is an inconsistency in the registry metadata vs. the package manifest and SKILL.md about the required secret.
- Guidance
- This package appears to do exactly what it says: build JSON report payloads and POST them to CleanApp. Before installing or running it, consider the following:
  - Expect to provide one secret: CLEANAPP_API_TOKEN (a Fetcher API key). Store it as a secret in your platform rather than pasting into chat or logs. The manifest and SKILL.md require it even though the top-level registry note omitted it.
  - Test using --dry-run first to confirm payload shape and that approximate-location / no-media options behave as you expect.
  - Use a low-privilege / quarantine fetcher key for initial testing and rotate/revoke it after use. Don’t use a production/promoted key until you’ve validated behavior.
  - Review the included scripts (ingest.py and scripts/submit_report.sh) yourself — they are small and readable; there is no remote fetching or obfuscated code in the package.
  - If you plan to run this in an automated agent, ensure the token is scoped and monitored (rate limits, quotas, and ability to revoke).
  The only real issue is the metadata mismatch about required env vars (packaging error). If that is corrected, the skill is internally coherent.
Review Dimensions
- Purpose & Capability
- note: Name, description, SKILL.md, and code all align: the skill submits problem reports to CleanApp's /v1/reports:bulkIngest. The code only makes HTTPS calls to the declared base URL and manipulates user-provided JSON payloads. Minor packaging inconsistency: the top-level registry metadata in the provided bundle claims 'Required env vars: none' and 'Primary credential: none', but the package manifest and SKILL.md declare CLEANAPP_API_TOKEN as a required secret. This appears to be a packaging/metadata error rather than functional misalignment.
- Instruction Scope
- ok: SKILL.md and scripts restrict behavior to building payloads, applying optional location/media redaction, and POSTing to CleanApp. There is a true dry-run mode that prints the payload without network access. The runtime instructions do not request reading unrelated system files or contacting other endpoints.
- Install Mechanism
- ok: No remote downloads or install spec; this is an instruction+script package with all referenced scripts included. No dynamic fetching of remote scripts or execution of code from arbitrary URLs.
- Credentials
- note: Runtime code and SKILL.md require only a single bearer token (CLEANAPP_API_TOKEN) and optionally CLEANAPP_BASE_URL plus non-sensitive agent metadata env vars. That credential is proportionate to the described purpose. However, the registry-level 'Requirements' block provided to the evaluator lists no required env vars, while manifest.json and SKILL.md declare CLEANAPP_API_TOKEN — this mismatch should be resolved (manifest/SKILL.md are correct for runtime behavior).
- Persistence & Privilege
- ok: The skill does not request 'always: true' or any elevated platform privileges, does not modify other skills, and does not persist arbitrary tokens to other config locations. It performs standard client-side HTTP calls only when invoked.
