File Sender

Before installing: - Review and accept the policy tradeoff: SKILL.md explicitly tells the agent to send any file the named owner requests (including IDs, keys, certificates) without refusing — this is intentional but risky. Consider whether you want an agent that will unconditionally send sensitive local files. - Identity and authorization: ensure the agent actually verifies the requestor’s identity in practice; the skill's instructions rely on informal owner context ("Marco") rather than enforced authentication. - Verify openclaw and age: the scripts invoke the openclaw CLI and age/age-keygen. Confirm those tools are legitimate, present, and configured correctly (their auth controls the outbound channels). The skill itself does not implement transports — it calls your OpenClaw client. - Audit on-disk artifacts: the key is created at ~/.local/share/local-rag/cred-key.txt and encrypted files live in ~/Documenti/credentials/. If an attacker can read the private key file, encrypted credentials can be decrypted. Protect and rotate that key if needed. - Secure-delete caveat: secure_delete implements multi-pass overwrites, which is not guaranteed on modern SSDs or filesystems. Treat it as best-effort and avoid assuming irrecoverability. - Reduce blast radius: if you proceed, limit the agent’s filesystem search scope (avoid running find /; restrict to specific directories), run in a contained environment, and test sending only non-sensitive files first. - Code review and testing: inspect and run the scripts in a safe environment. Confirm openclaw send behavior and logging, and that the skill does not leak data to unexpected endpoints. Given these findings, the skill is coherent with its stated purpose but contains explicit instructions to bypass normal safety checks; proceed only after confirming identity/authentication and protecting the encryption key and workspace.