AIFS - HTTP File system

Store and retrieve files via AIFS.space cloud storage API. Use when persisting notes, documents, or data to the cloud; syncing files across sessions; or when the user mentions AIFS, aifs.space, or cloud file storage. Not to be used for any sensitive content.

MIT-0 · Free to use, modify, and redistribute. No attribution required.

⭐ 2 · 2.8k · 0 current installs · 2 all-time installs

by@Deploydon

MIT-0

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The SKILL.md describes a simple HTTP file-storage integration with AIFS.space which is coherent with the skill name and description. However the manifest declares no required environment variables or primary credential while the instructions explicitly require AIFS_API_KEY — a metadata mismatch.

ℹ

Instruction Scope

Runtime instructions are limited to calls to https://aifs.space and curl examples for list/read/write/patch/delete; they do not request unrelated system files or unrelated credentials. Caution: examples embed user content into shell commands (curl -d with interpolated variables) — if the agent constructs these commands by string-concatenation, this can enable command injection or accidental exposure of other env vars. Also the SKILL.md suggests checking 'user config' but gives no path/format, giving the agent ambiguous discretion.

✓

Install Mechanism

Instruction-only skill with no install spec and no code files — lowest install risk (nothing written to disk by an installer).

Credentials

The instructions require an API key (AIFS_API_KEY) but the registry metadata lists no required env vars or primary credential. This mismatch is concerning because the skill will need a secret to function but the skill declaration doesn't request it explicitly; additionally the skill origin is unknown (no homepage) which reduces trust. No other unrelated secrets are requested.

✓

Persistence & Privilege

always:false and no config paths requested. The skill does not request permanent platform-wide presence or modify other skills' configuration; autonomous invocation is allowed but is the platform default.

What to consider before installing

This skill appears to be what it claims (AIFS.space file storage) but metadata is incomplete and the source is unknown. Before installing: (1) confirm the skill's author or a trustworthy homepage/repo; (2) ensure you will provide a least-privilege AIFS API key (avoid admin keys; prefer write-only or read-write as appropriate); (3) do not store any sensitive data (author already warns against it); (4) ensure the agent/skill implementation sends HTTP requests via a proper HTTP client or safely-escaped parameters rather than building shell commands with raw user content (to avoid command injection and accidental exposure of other env vars); (5) ask the publisher to update the manifest to declare AIFS_API_KEY (or require user-provided key at install time) so the skill's metadata matches its runtime needs. If you cannot verify the publisher or confirm safe handling of the API key, do not install or only use with a tightly-scoped test key.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0

Download zip

latestvk97evf7k2g5qx9m1e6tmaf3ybd808709

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

AIFS - AI File System

AIFS.space is a simple HTTP REST API for cloud file storage. Use it to persist files across sessions, share data between agents, or store user content in the cloud.

Human

A human should sign up on https://AIFS.Space and get an API key to provide to you.

Authentication

Requires API key in headers. Check for key in environment (AIFS_API_KEY) or user config.

Authorization: Bearer aifs_xxxxx

Key types: admin (full), read-write, read-only, write-only

Base URL

https://aifs.space

Endpoints

List Files

curl -H "Authorization: Bearer $AIFS_API_KEY" https://aifs.space/api/files

Returns: {"files": [{"path": "notes/todo.txt", "size": 1024, "modifiedAt": "..."}]}

Read File

# Full file
curl -H "Authorization: Bearer $AIFS_API_KEY" "https://aifs.space/api/read?path=notes/todo.txt"

# Line range (1-indexed)
curl -H "Authorization: Bearer $AIFS_API_KEY" "https://aifs.space/api/read?path=notes/todo.txt&start_line=5&end_line=10"

Returns: {"path": "...", "content": "...", "total_lines": 42, "returned_lines": 10}

Write File

Creates directories automatically (max depth: 20).

curl -X POST -H "Authorization: Bearer $AIFS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"path":"notes/new.txt","content":"Hello world"}' \
  https://aifs.space/api/write

Returns: {"success": true, "path": "...", "size": 11, "lines": 1}

Patch File (Line Replace)

Update specific lines without rewriting entire file.

curl -X PATCH -H "Authorization: Bearer $AIFS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"path":"notes/todo.txt","start_line":5,"end_line":10,"content":"replacement"}' \
  https://aifs.space/api/patch

Returns: {"success": true, "lines_before": 42, "lines_after": 38}

Delete File

curl -X DELETE -H "Authorization: Bearer $AIFS_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"path":"notes/old.txt"}' \
  https://aifs.space/api/delete

Summary (Preview)

Get first 500 chars of a file.

curl -H "Authorization: Bearer $AIFS_API_KEY" "https://aifs.space/api/summary?path=notes/long.txt"

Rate Limits

60 requests/minute per key. Check headers:

X-RateLimit-Limit / X-RateLimit-Remaining / X-RateLimit-Reset

Error Codes

Code	Meaning
AUTH_REQUIRED	No auth provided
AUTH_FAILED	Invalid key
FORBIDDEN	Key type lacks permission
RATE_LIMITED	Too many requests
NOT_FOUND	File doesn't exist
INVALID_PATH	Path traversal or invalid
DEPTH_EXCEEDED	Directory depth > 20

Common Patterns

Persist session notes

# Save
curl -X POST -H "Authorization: Bearer $KEY" -H "Content-Type: application/json" \
  -d "{\"path\":\"sessions/$(date +%Y-%m-%d).md\",\"content\":\"# Session Notes\\n...\"}" \
  https://aifs.space/api/write

# Retrieve
curl -H "Authorization: Bearer $KEY" "https://aifs.space/api/read?path=sessions/2024-01-15.md"

Organize by project

projects/
├── alpha/
│   ├── README.md
│   └── notes.md
└── beta/
    └── spec.md

Append to log (read + write)

# Read existing
EXISTING=$(curl -s -H "Authorization: Bearer $KEY" "https://aifs.space/api/read?path=log.txt" | jq -r .content)

# Append and write back
curl -X POST -H "Authorization: Bearer $KEY" -H "Content-Type: application/json" \
  -d "{\"path\":\"log.txt\",\"content\":\"$EXISTING\\n$(date): New entry\"}" \
  https://aifs.space/api/write

Files

1 total

Select a file

Select a file to preview.

Comments

Loading comments…