ClawHub

Stdio Skill

Stdin/stdout file inbox/outbox bridge for passing files to/from Clawdbot using an MCP stdio server. Use when you want a simple filesystem-backed dropbox: accept files into an inbox, move to tmp for processing, and emit deliverables to an outbox (or a specified path).

MIT-0 · Free to use, modify, and redistribute. No attribution required.
1 · 1.4k · 10 current installs · 10 all-time installs
by@SafaTinaztepe
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The code implements a filesystem-backed inbox/tmp/outbox as described. However the SKILL.md and metadata do not declare that this is a Node.js program or that a CLI helper (mcporter) is expected. The package expects to be run with Node (shebang) and SKILL.md shows commands using 'mcporter', so the manifest's 'required binaries: none' is incorrect.
!
Instruction Scope
The runtime instructions and tool methods stay within the stated domain (list/read/write/move/delete within stdio/{inbox,tmp,outbox}). BUT the 'stdio_paths' tool returns the resolved ROOT (repo root) and the absolute box paths, which leaks repository filesystem layout. Also the implementation follows symlinks: if a file in a box is a symlink that points outside the box, read/write/rename operations will follow it, meaning the claim 'operations are restricted to the three directories above' is not strictly enforced against symlink-based escapes.
Install Mechanism
There is no install spec (instruction-only), which is low-risk. However the skill includes an executable Node script and SKILL.md implies use of 'mcporter' — both are runtime requirements that are not declared. Consumers must have Node.js (and likely mcporter) available to run the server.
Credentials
The skill does not request environment variables, secrets, or config paths. The requested permissions are limited to creating/using stdio/{inbox,tmp,outbox} under the repository root.
Persistence & Privilege
always:false and no claims to modify other skills or global agent settings. The server creates and uses only repo-local directories and does not request persistent privileged presence beyond that.
What to consider before installing
This skill largely does what it says — a tiny MCP stdio server that reads/writes files under repo/stdio. Before installing or running it: - Expect to need Node.js (the script is a Node program) and probably the 'mcporter' helper referenced in SKILL.md; the skill metadata didn't declare these. - The stdio_paths tool returns absolute paths including the repository root; that leaks filesystem layout. If you don't want that disclosed, remove or modify that tool. - The implementation does not prevent symlink escapes: a symlink placed inside a box could cause reads/writes to operate on files outside stdio/. If you plan to run this in an environment with untrusted users dropping files, run it in a sandbox / with a dedicated, minimal-permission account, or ensure boxes are on a filesystem that disallows/filters symlinks. - Run the script in an isolated repository or container and review/modify server.js if you need stricter guarantees (e.g., never returning ROOT, lstat checks to forbid symlinks, or using openat-like APIs where available). - If you need a production-grade dropbox, prefer a thoroughly audited implementation; this one is simple and convenient but has the above operational caveats.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97a42h5dg06910qcb4eq4hfa980n9nx

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

stdio-skill

Implement and use a local MCP stdio server that provides a simple inbox/outbox workflow backed by directories on disk.

Paths (workspace-relative):

  • stdio/inbox/ — user drops inputs here
  • stdio/tmp/ — scratch area (move/copy inputs here for processing)
  • stdio/outbox/ — put deliverables here for pickup

Start the MCP server (via mcporter)

This repo config should include an MCP server named stdio-skill.

  • List tools:
    • mcporter list stdio-skill --schema --timeout 120000 --json

Tooling model

Prefer:

  1. stdio-skill.stdio_list to see what’s waiting.
  2. stdio-skill.stdio_read (base64) to pull file contents.
  3. stdio-skill.stdio_move to move an item to tmp once you’ve claimed it.
  4. Write outputs with stdio-skill.stdio_write (base64) into outbox unless the user provided an explicit destination path.

No deprecated aliases: use the stdio_* tools only.

Notes

  • This skill is intentionally dumb/simple: it does not interpret file formats.
  • It is safe-by-default: operations are restricted to the three directories above.
  • For large files: prefer passing by path + moving files, not embedding giant base64 blobs in chat.

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…