Codex Auth Cleaner
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
The skill appears to do the advertised cleanup, but it needs a CPA admin key and can disable or delete Codex authentication files, including on a recurring schedule.
Use this only if you operate the CPA instance and intentionally want automated cleanup of Codex auth files. Protect config.json, use the narrowest admin key possible, verify the CPA URL, test status/check before delete or clean, and avoid monitor/cron until you are comfortable with the deletion behavior.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing and configuring the skill grants it admin-level access to CPA auth-file management; anyone who can read the config file may also obtain that key.
The skill requires and persists a privileged CPA admin key, while the supplied metadata lists no primary credential or required config path. That key authorizes the management operations performed by the script.
Run setup wizard to configure CPA URL and admin key... Config saved to `config.json`
Use a least-privilege CPA key if available, restrict permissions on config.json, prefer localhost or HTTPS CPA URLs, and ensure the registry metadata clearly declares the required admin credential.
A wrong configuration, bad quota signal, or unintended invocation could disable or remove usable authentication files.
The script directly patches auth-file status and deletes auth files through the CPA management API. This is aligned with the stated purpose, but it is a destructive action with account/auth impact.
payload = {"name": file_id, "disabled": True}
resp = api_patch("/v0/management/auth-files/status", payload)
...
resp = api_delete("/v0/management/auth-files", params={"name": file_id})
Run status/check first, keep backups or an export of auth files, add an explicit dry-run or confirmation step for deletion, and review reports before enabling automatic cleanup.
If enabled, the skill may continue periodically checking, disabling, and deleting auth files without a fresh user decision each time.
The skill documents recurring/background operation. This is disclosed and purpose-aligned, but it means the cleanup authority can keep running after setup.
python3 scripts/codex_cleaner.py monitor -i 300 ... For periodic monitoring, run `clean --report` via HEARTBEAT or cron
Only enable monitor/cron/HEARTBEAT after testing manual runs, document how to stop it, and review logs or reports regularly.
Users have limited ability to verify the publisher or compare the included script against an upstream project.
The artifacts do not provide an upstream source or homepage for provenance verification. There are no third-party install dependencies shown, so this is a provenance note rather than a standalone concern.
Source: unknown
Homepage: none
No install spec — this is an instruction-only skill.
Review the included script locally before use and install only from a publisher you trust.
