Reversal — Agent Input Reliability Layer
Pass
Audited by ClawScan on May 11, 2026.
Overview
This appears to be a disclosed document- and URL-parsing integration, but it relies on external code and services and can process user-selected local files.
Install only if you trust the external Reversal repository and service. Prefer the local setup for sensitive documents, keep API keys protected, and ask the agent to parse only specific files or URLs you intend to share.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the MCP server could execute code from an external repository and package dependencies.
The skill tells users to install and run external code that is not included in the reviewed artifact set. This is disclosed and central to the skill, but users must trust that repository and its dependencies.
git clone https://github.com/Etytabs/REVERSAL ... pip install -r requirements.txt ... pip install -e .
Review the repository and dependency files, use a virtual environment or container, and pin trusted versions before installing.
API keys could allow access to paid or private provider services if exposed or misused.
The skill discloses use of provider credentials for optional image parsing and remote Reversal API access. These credentials are expected for the stated integrations, but they are sensitive.
Set `ANTHROPIC_API_KEY` only if you need image/dashboard screenshot parsing ... "Authorization": "Bearer sk-rev-YOUR_KEY"
Store keys in a secrets manager or environment-specific config, avoid committing them, and revoke or rotate them if exposed.
Content submitted for parsing may be processed by a third-party service rather than staying fully local.
The HTTP MCP configuration sends requests to a remote Reversal service. This is disclosed and purpose-aligned, but it creates an external data boundary for parsed URLs or documents.
"transport": "http", "url": "https://api.reversal.dev/v1/mcp", "headers": { "Authorization": "Bearer sk-rev-YOUR_KEY" }
Use the local stdio option for sensitive files when possible, and review the provider’s privacy, retention, and access-control terms before sending confidential content.
Parsed content might be stored temporarily or persistently depending on the external implementation.
The security section mentions caching parsed JSON. This appears intended as safe implementation detail, but the artifact does not describe cache retention or isolation.
JSON-only Redis cache — no pickle, no RCE surface
Check cache retention settings and avoid submitting highly sensitive documents unless storage behavior is understood.
If used carelessly, the agent could process a local file that contains private information.
The described tools can read or upload local files by path. That is aligned with document parsing, but it should remain limited to files the user intends to process.
Input: source — URL (https://…) or file path (/path/to/file.pdf) ... upload_file(file_path)
Give the agent explicit file paths and avoid broad instructions such as parsing entire folders or unknown local files.
