ClawHub

Secure Google Drive Access for OpenClaw by PortEden

v1.0.0

Secure Google Drive Mnagement - list, search, upload, create folders, rename, move, share, and permissions (porteden secure alternative).

0· 310·0 current·0 all-time
by@porteden
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Google Drive management) match the declared requirements and instructions: the skill requires the 'porteden' CLI and a PE_API_KEY, and all SKILL.md commands are porteden drive operations (list, search, upload, share, etc.). The required binary and primaryEnv are appropriate for the stated purpose.
Instruction Scope
SKILL.md restricts runtime behavior to invoking the porteden CLI and documents how to authenticate. It does not instruct reading unrelated system files or exfiltrating data to unexpected endpoints. It does note that credentials are persisted to the system keyring (expected for a CLI).
Install Mechanism
Install options are standard: a Homebrew formula (porteden/tap/porteden) and a Go module (github.com/porteden/cli). These are expected for a CLI but carry the usual trust considerations: a third-party tap and a direct GitHub go install will fetch and install code on disk. This is proportionate but you should verify the tap/module origin and integrity before installing.
Credentials
The skill declares PE_API_KEY as the required primary credential, which is appropriate. SKILL.md also references optional environment variables (PE_PROFILE, PE_FORMAT, PE_COLOR, PE_VERBOSE) that are reasonable for a CLI but are not listed in requires.env — this is a minor documentation mismatch. Ensure PE_API_KEY you provide has only the Drive scopes you intend (note: token must include driveAccessEnabled).
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges or modify other skills. It does note that credentials persist in the system keyring after login; this persistence is normal for CLIs but is important to understand before use.
Assessment
This skill appears to do what it says: it wraps the porteden CLI to manage Google Drive. Before installing: (1) confirm you trust the porteden Homebrew tap and the GitHub repo used by the Go install; (2) prefer browser OAuth rather than copying long-lived tokens, and make sure any PE_API_KEY/token has only the Drive scopes required; (3) be aware the CLI stores credentials in your system keyring (so the token persists on disk); (4) avoid setting PE_API_KEY in shared or public shells; and (5) if you need stronger isolation, install/run the CLI in a controlled environment (container or dedicated machine) rather than on a sensitive host.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

📂 Clawdis
Binsporteden
EnvPE_API_KEY
Primary envPE_API_KEY

Install

Install porteden (brew)
Bins: porteden
brew install porteden/tap/porteden
Install porteden (go)
Bins: porteden
go install github.com/porteden/cli/cmd/porteden@latest
latestvk977cmwawntcz0q2a58nz5k27n834zxz
310downloads
0stars
1versions
Updated 2w ago
v1.0.0
MIT-0
@porteden
latest
Download

porteden drive

Use porteden drive for Google Drive file and folder management. Use -jc flags for AI-optimized output.

If porteden is not installed: brew install porteden/tap/porteden (or go install github.com/porteden/cli/cmd/porteden@latest).

Setup (once)

  • Browser login (recommended): porteden auth login — opens browser, credentials stored in system keyring
  • Direct token: porteden auth login --token <key> — stored in system keyring
  • Verify: porteden auth status
  • If PE_API_KEY is set in the environment, the CLI uses it automatically (no login needed).
  • Drive access requires a token with driveAccessEnabled: true and a connected Google account with Drive scopes.

Drive commands (porteden drive)

  • List files: porteden drive files -jc
  • Search by keyword: porteden drive files -q "budget report" -jc
  • Filter by folder: porteden drive files --folder google:0B7_FOLDER_ID -jc
  • Filter by MIME type: porteden drive files --mime-type application/pdf -jc
  • Filter by name: porteden drive files --name "Q1" -jc
  • Shared with me: porteden drive files --shared-with-me -jc
  • Modified in range: porteden drive files --modified-after 2026-01-01 --modified-before 2026-02-01 -jc
  • All files (auto-paginate): porteden drive files --all -jc
  • Get file metadata: porteden drive file google:FILEID -jc
  • Get view/download links: porteden drive download google:FILEID -jc
  • List permissions: porteden drive permissions google:FILEID -jc
  • Upload file: porteden drive upload --file ./report.pdf --name "Q1 Report.pdf"
  • Upload to folder: porteden drive upload --file ./data.csv --name "Data.csv" --folder google:0B7_FOLDER
  • Create folder: porteden drive mkdir --name "Project Files"
  • Create folder in folder: porteden drive mkdir --name "Reports" --parent google:0B7_FOLDER
  • Rename: porteden drive rename google:FILEID --name "New Name.pdf"
  • Move: porteden drive move google:FILEID --destination google:0B7_DEST_FOLDER
  • Share with user: porteden drive share google:FILEID --type user --role reader --email user@example.com
  • Share with domain: porteden drive share google:FILEID --type domain --role reader --domain example.com
  • Share publicly: porteden drive share google:FILEID --type anyone --role reader
  • Delete (trash): porteden drive delete google:FILEID (prompts) or porteden drive delete google:FILEID -y

Notes

  • Credentials persist in the system keyring after login. No repeated auth needed.
  • Set PE_PROFILE=work to avoid repeating --profile.
  • -jc is shorthand for --json --compact: strips noise, limits fields, reduces tokens for AI agents.
  • File IDs are always provider-prefixed (e.g., google:1BxiMVs0XRA5...). Pass them as-is.
  • porteden drive files --all auto-paginates (safety cap: 50 pages). Check hasMore in JSON output.
  • porteden drive download returns URLs only — no binary content is streamed.
  • accessInfo in responses describes active token restrictions. Always check it to understand what data may be limited.
  • authWarnings in list responses indicate provider connection issues.
  • delete moves to trash (reversible). Files can be restored from Google Drive trash.
  • Confirm before sharing or deleting files.
  • Environment variables: PE_API_KEY, PE_PROFILE, PE_FORMAT, PE_COLOR, PE_VERBOSE.

Comments

Loading comments...