Dropbox Kb Auto

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: dropbox-kb-auto
Version: 1.2.0

The OpenClaw AgentSkills skill bundle 'dropbox-kb-auto' is classified as benign. The skill's purpose is to sync Dropbox files, extract text, and index them into the local OpenClaw knowledge base. All network calls are directed to legitimate Dropbox API endpoints for file metadata and content. File system operations are confined to the OpenClaw workspace and temporary directories. Credentials are handled via `~/.openclaw/.env`. The `install.sh` and `setup.sh` scripts perform standard dependency installation and interactive configuration. While `dropbox-sync.py` uses `subprocess.run` for OCR tools (`pdftoppm`, `tesseract`), the arguments are constructed from internal variables rather than user input, mitigating shell injection risks. The `SKILL.md` instructions are clear and do not contain prompt injection attempts or instructions for unauthorized actions. There is no evidence of intentional harmful behavior such as data exfiltration, unauthorized persistence, or remote code execution.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If installed and configured, the skill can read Dropbox files within its configured scan scope and continue using the refresh token until it is revoked.

Why it was flagged

The skill requires a persistent Dropbox refresh token with read access to Dropbox file metadata and content. That access is central to the skill, but it is broad and the registry metadata says there is no primary credential or required environment variable.

Skill content

Choose **Scoped access** → **Full Dropbox** ... Enable: `files.metadata.read`, `files.content.read` ... `DROPBOX_FULL_REFRESH_TOKEN=your_refresh_token`

Recommendation

Use the narrowest Dropbox app/access model possible, grant read-only permissions only, protect the .env file, and revoke the token if you stop using the skill.

What this means

Private Dropbox files may become searchable or reusable by the agent, and more folders than intended could be indexed if the effective configuration is not what the user expects.

Why it was flagged

The script stores extracted Dropbox content in persistent OpenClaw memory and shows hard-coded scan/skip paths. This conflicts with the documentation's config.json-based scoping, making it unclear whether user-edited scope controls are actually honored.

Skill content

```
OUTPUT_DIR = OPENCLAW_HOME / "workspace/memory/knowledge/dropbox"
FOLDERS = ["/Documents", "/Work", "/Research"]
SKIP_PATHS = ["/Archive", "/Backups", "/Photos"]
```

Recommendation

Before running, inspect the actual dropbox-sync.py values, start with a narrow test folder, verify generated memory files, and manually remove the memory/progress/cursor files if you want to stop retaining indexed content.

What this means

Dropbox indexing can continue on a schedule after installation until the cron job is removed or disabled.

Why it was flagged

The installer can create a recurring background sync job. It is prompted and purpose-aligned, but it creates ongoing automated activity.

Skill content

```
read -p "Create cron job for automatic syncing? [Y/n]: " create_cron ... openclaw cron create ... --message "cd $SCRIPT_DIR && python3 dropbox-sync.py"
```

Recommendation

Choose no during setup if you only want manual syncing, and review or delete the OpenClaw cron job when no longer needed.

What this means

Running setup changes the local system and depends on package repositories at install time.

Why it was flagged

The setup process installs system and Python dependencies without pinned versions. These installs are expected for OCR and document parsing, but they expand the trusted supply chain.

Skill content

```
sudo apt-get update
sudo apt-get install -y tesseract-ocr ... poppler-utils python3-pip
...
pip3 install --user pypdf openpyxl python-pptx python-docx
```

Recommendation

Review the installer first, consider a virtual environment, pin package versions where possible, and avoid running privileged package installs unless you trust the sources.