ClawHub

Workspace Files

v1.0.1

Work safely with files inside the OpenClaw workspace sandbox. Use for listing directories, reading text files, writing text files, and searching files by nam...

0· 475·3 current·3 all-time
by@ecosincronia
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description promise file operations inside a workspace sandbox and the included script implements list, read, write, and search operations restricted to a single sandbox root. Required resources (none) match the described functionality.
Instruction Scope
SKILL.md instructs the agent to operate only on relative paths inside the workspace, and the script enforces that by resolving paths and rejecting anything that canonicalizes outside the SANDBOX_ROOT. The commands do not access environment variables, network endpoints, or other system paths.
Install Mechanism
No install spec; the skill is instruction-only with a bundled shell script. Nothing is downloaded or installed from external sources.
Credentials
The skill declares no environment variables, credentials, or config paths. It operates only on the hardcoded sandbox path and does not request secrets or unrelated access.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide configuration. It reads and writes only inside the declared sandbox path.
Assessment
This skill appears to do exactly what it says: list, read, write, and search text files inside a sandbox. Before installing, confirm the hardcoded SANDBOX_ROOT (/home/cmart/.openclaw/workspace) is the intended workspace on your agent — if your agent uses a different home or user, the path may not exist or could point to another user's files. The script uses realpath to canonicalize and rejects paths that resolve outside the sandbox, which prevents typical path-traversal escapes; still, review whether you want an agent able to write files under that directory. No credentials or network access are requested.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f302ta3bff3rb1mxpsfv9k982mpng

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments