Recite
Review
Audited by ClawScan on May 10, 2026.
Overview
Recite mostly matches its receipt-bookkeeping purpose, but it uploads financial documents to an external API while using misleading local-only wording and has unsafe filename handling.
Install only if you trust recite.rivra.dev with your receipt and invoice contents. Run it on a copy or backup of receipt folders until the filename sanitization is fixed, review long_term_memory.md before use, and protect the Recite API key.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

A malformed or manipulated extracted date could cause a receipt to be moved or misplaced outside the folder the user intended to process.

The destination path is built from the API-extracted date without sanitizing path separators or absolute paths, and without checking that the final path remains inside the target directory.

    date = row_data.get('date', 'UnknownDate')
    vendor = str(row_data.get('vendor', 'UnknownVendor')).replace('/', '-').replace('\\', '-')
    new_name = f"{date}_{vendor}{ext}"
    new_path = os.path.join(target_dir, new_name)
    ...
    os.rename(file_path, new_path)

Sanitize every filename component, reject slashes and absolute paths, normalize the destination path, and verify it stays inside the selected receipt folder before renaming.
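The hardened rename the recommendation describes, written as an added example for this review (it is not code from the Recite skill): every component that comes back from the API is reduced to a safe filename fragment, and the final path is resolved and checked to be a direct child of the receipt folder before anything is moved. The `plan_destination`, `assert_inside` and `rename_receipt` names and the `{date}_{vendor}.{ext}` layout are this example's own; the sample receipt and the hostile date value are constructed.

```python
import os
import re
import tempfile
from pathlib import Path

# Conservative allow-list for a single filename component: anything else
# (slashes, backslashes, colons, NUL bytes, whitespace, ...) is replaced.
_UNSAFE = re.compile(r"[^A-Za-z0-9._-]+")


def sanitize_component(value, fallback, max_len=64):
    """Reduce an untrusted string (the API-extracted date or vendor) to a
    single safe filename fragment, or return `fallback` if nothing usable
    survives. The result never contains a path separator and is never
    '.' or '..', so it cannot become a path element of its own."""
    text = "" if value is None else str(value)
    text = text.replace("\x00", "")
    text = _UNSAFE.sub("-", text).strip("-.")
    if not text:
        return fallback
    return text[:max_len]


def assert_inside(target_dir, candidate):
    """Raise ValueError unless `candidate` is a direct child of `target_dir`
    after resolving '..' segments and symlinks. This is the defence-in-depth
    check the original code lacks; it holds even if sanitization regresses."""
    target = Path(target_dir).resolve()
    resolved = Path(candidate).resolve()
    if resolved.parent != target:
        raise ValueError(f"refusing to write outside {target}: {resolved}")
    return resolved


def plan_destination(target_dir, row_data, ext):
    """Build the new receipt path from API output, mirroring the skill's
    date/vendor naming, with every component sanitized and the final path
    verified to stay inside `target_dir`. (Hypothetical helper name.)"""
    date = sanitize_component(row_data.get("date"), "UnknownDate")
    vendor = sanitize_component(row_data.get("vendor"), "UnknownVendor")
    ext_clean = sanitize_component(ext.lstrip("."), "bin", max_len=8)
    new_name = f"{date}_{vendor}.{ext_clean}"
    return assert_inside(target_dir, os.path.join(target_dir, new_name))


def rename_receipt(file_path, target_dir, row_data):
    """Move a processed receipt to its sanitized destination. Refuses to
    overwrite an existing file so two receipts from the same vendor and
    day cannot clobber each other."""
    ext = os.path.splitext(file_path)[1]
    new_path = plan_destination(target_dir, row_data, ext)
    if new_path.exists():
        raise FileExistsError(new_path)
    os.replace(file_path, new_path)
    return new_path


if __name__ == "__main__":
    # Constructed demo: a 'date' value carrying '../' segments, which the
    # original code would have joined straight into the path, ends up as a
    # plain filename inside the receipt folder.
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "scan001.pdf"
        src.write_bytes(b"%PDF-1.4 constructed sample")
        hostile = {"date": "../../../outside/2024-01-15", "vendor": "ACME Corp/EU"}
        print(rename_receipt(src, tmp, hostile))
```

The allow-list approach is deliberately stricter than the original `replace('/', '-')`: it also neutralises backslashes, drive prefixes, NUL bytes and dot-only names, and the `resolve()`-based containment check is kept as an independent guard rather than trusting the sanitizer alone.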

A user may believe receipt contents stay local when the documents are actually uploaded to a third-party API for extraction.

This privacy framing is incomplete because the implementation sends receipt/PDF contents to recite.rivra.dev for scanning, even though the resulting CSV ledger is stored locally.

    - **Local-First:** Keeps your financial data on your machine.

Revise the documentation to clearly say that receipt files are uploaded to the Recite API, and require explicit user consent before processing sensitive financial documents.

Receipt details such as vendors, totals, card information, addresses, or tax-related purchases may be shared with the external provider.

The script uploads the full selected receipt image or PDF to the Recite provider API. This is central to the skill's purpose, but the files may contain sensitive financial data.

    encoded_string = base64.b64encode(image_file.read()).decode('utf-8')
    ...
    response = requests.post(f"{BASE_URL}/scan", headers=headers, json=payload, timeout=30)

Use the skill only if you trust the Recite service with these documents, and avoid processing receipts containing information you do not want sent to that provider.

Anyone with access to the configured API key may be able to use the user's Recite account or quota.

The skill reads a Recite API key from local configuration or the environment and uses it as a bearer token. This is expected for the integration, but it is still account-authorizing credential use.

    CONFIG_PATH = os.path.expanduser("~/.config/recite/config.json")
    ...
    return os.environ.get("RECITE_API_KEY")
    ...
    "Authorization": f"Bearer {api_key}"

Store the API key securely, use a revocable/limited key if available, and remove it from the environment or config file when no longer needed.
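One way to apply the "store the API key securely" advice in the skill's own loading path, as an added example for this review rather than code from Recite: the loader still honours `RECITE_API_KEY` and the same config file location, but refuses a config file that other local users can read, and keeps a redaction helper so the raw key is never written to logs. The JSON field name `api_key`, the `mode_is_private`, `load_api_key`, `redact` and `auth_headers` names, and the sample key value are assumptions of this example.

```python
import json
import os
import stat
from pathlib import Path

# Same config location the skill uses; the JSON field "api_key" is an
# assumption for this example, the audit does not quote the file layout.
CONFIG_PATH = Path("~/.config/recite/config.json").expanduser()
ENV_VAR = "RECITE_API_KEY"


def mode_is_private(mode):
    """True if a POSIX permission mode grants nothing to group or others."""
    return (stat.S_IMODE(mode) & (stat.S_IRWXG | stat.S_IRWXO)) == 0


def load_api_key(config_path=CONFIG_PATH, environ=None):
    """Return the Recite API key from the environment or the config file.
    A config file readable by other users is refused outright, so a key that
    has already been exposed is caught before it is used."""
    environ = os.environ if environ is None else environ
    config_path = Path(config_path)
    key = environ.get(ENV_VAR)
    if key and key.strip():
        return key.strip()
    if not config_path.exists():
        return None
    # File modes only carry this meaning on POSIX; on Windows rely on ACLs.
    if os.name == "posix" and not mode_is_private(config_path.stat().st_mode):
        raise PermissionError(
            f"{config_path} is readable by other users; run: chmod 600 {config_path}")
    with config_path.open() as fh:
        data = json.load(fh)
    key = data.get("api_key")
    return key.strip() if isinstance(key, str) and key.strip() else None


def redact(key):
    """Render a key for diagnostics without exposing it (constructed format)."""
    if not key:
        return "<none>"
    return key[:4] + "..." + f"({len(key)} chars)"


def auth_headers(key):
    """Bearer header as the skill builds it, isolated in one place so the
    raw key is not formatted into log lines elsewhere by accident."""
    return {"Authorization": f"Bearer {key}"}


if __name__ == "__main__":
    try:
        print("using key", redact(load_api_key()))
    except PermissionError as exc:
        print("refusing to start:", exc)
```

Deleting the key from the environment or config file once the skill is no longer needed, as the finding recommends, is still a manual step; this loader only makes sure an over-exposed file is noticed rather than silently used.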

Changes to the memory file could alter how the agent handles receipts, categories, alerts, or file movements in future runs.

The skill intentionally supports persistent workflow instructions. This is disclosed and purpose-aligned, but persistent instructions can affect later processing if edited unexpectedly.

    Modify `skills/recite/long_term_memory.md` to add persistent instructions for the agent. The agent will always read this file before processing.

Keep long_term_memory.md under user control, review it before processing important receipts, and avoid placing broad or unsafe file-operation instructions in it.
