ClawHub

Codex Auth Cleaner

v1.0.3

Monitor and clean invalid codex auth files from CPA (Codex Provider Agent). Checks quota status, disables 401 files, double-verifies before deletion. Use whe...

0· 351·0 current·0 all-time
byJupiterWen@geekjair
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill is described as a CPA codex auth-file cleaner and the included script implements exactly that (fetching auth files, disabling 401s, double-verifying, deleting). However the registry metadata declares no required environment variables or primary credential, while the SKILL.md and the script require CPA_URL and CPA_KEY (or a saved config) — this is an incoherence between what the skill says it needs and what it actually needs to operate.
Instruction Scope
The SKILL.md instructions and shipped script focus on enumerating, checking, disabling, and deleting auth files and on periodic monitoring. The script only references CPA management endpoints and local config; it does not attempt to read unrelated system files. The instructions do suggest running periodic jobs and sending the stdout report via a 'message' tool; that behavior is expected but depends on the operator to implement safe delivery.
Install Mechanism
No install spec is provided and the skill is instruction-only with a single Python script using only the stdlib. There is no network-based installer or third-party package pull in the manifest.
!
Credentials
The script legitimately needs an admin-level CPA key and CPA URL to modify and delete auth files, but these required credentials are not declared in the registry metadata (requires.env/primary credential). The config.json and setup wizard also reference notification settings (telegram/discord chat id) but do not declare or explain how messaging credentials (e.g., bot token) are provided, making notification behavior unclear.
Persistence & Privilege
always:false and the skill does not request system-wide privileges. It writes a local config.json in the skill directory (normal). It does perform destructive actions against the CPA (disable/delete); this is an expected capability for a cleanup tool but requires admin rights on the CPA.
What to consider before installing
This skill is coherent in purpose — it contacts a Codex Provider Agent (CPA) management API and can disable or delete auth files — but there are important mismatches and risks you should consider before installing: - Missing metadata: The package metadata does not declare the required CPA_URL and CPA_KEY, yet the script needs them (via env vars or config.json). Expect to provide an admin key; ensure the registry omission isn't hiding additional secret requirements. - Destructive operations: The tool can permanently delete auth files on the CPA. Test with the status/check commands first and run against a staging instance. Back up or export current auth-file state before running delete/clean in production. - Principle of least privilege: Use a scoped admin key where possible. If the CPA supports a role that can only disable (not delete), prefer that for routine monitoring and only use a full-admin key when you intentionally run deletion. - Config file security: config.json will contain the admin key. Ensure the file is stored with restrictive permissions and verify where it will be saved (the skill directory under ~/.nanobot/workspace in examples). - Notifications unclear: The config includes Telegram/Discord settings but does not show where a bot token or webhook is supplied. Inspect the remainder of the script to confirm how notifications are sent and whether any additional secrets are required. - Review & auditing: Because the script performs network calls and deletions, review the full script (including the truncated portion) to confirm there are no unexpected external endpoints, no hidden logging/exfiltration, and that the delete logic matches your expectations (e.g., only deletes items confirmed by the double verification). If you want to proceed safely: (1) run the script in 'status' and 'check' modes against a test CPA instance, (2) inspect the complete source to confirm notification code and external endpoints, (3) restrict the CPA key used, and (4) ensure secure storage/rotation of the admin key. If you can provide the remainder of the script (truncated portion), I can re-evaluate and reduce uncertainty.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dr2p7sv5jszb0dhwgz5gv1h81xnmz

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments