ClawHub

Tmpfiles Upload

Upload files (images, PDFs, documents) to tmpfiles.org and send download links via messaging platforms. Use when: (1) User asks to send screenshots/files via...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 98 · 0 current installs · 0 all-time installs
by@turbos7
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (temporary file uploads and link sharing) matches the runtime instructions which POST files to tmpfiles.org and return a download link. There are no unrelated credentials, binaries, or install steps requested.
Instruction Scope
Instructions explicitly tell the agent to capture screenshots (macOS /usr/sbin/screencapture) and upload arbitrary files to an external public service. Capturing the screen and uploading user files is within the stated purpose, but it may expose sensitive on-screen content and assumes the agent/environment should be allowed to run a screencapture command. The SKILL.md also shows sending the link via a Feishu message but does not document how Feishu auth is obtained (this is likely handled by the agent platform).
Install Mechanism
This is an instruction-only skill with no install spec (lower risk). It uses python3 and the requests library in examples but does not provide installation steps for requests; the environment may not have requests installed. No external download URLs or archive extraction are used.
Credentials
No environment variables or credentials are requested by the skill, which is proportionate. The main privacy/credential consideration is that files are POSTed to a public third-party service (tmpfiles.org) and links are publicly accessible while active—so do not use for sensitive data.
Persistence & Privilege
The skill does not request persistent presence (always=false) and does not modify other skills or system-wide settings. Autonomous invocation is permitted by platform default but not combined with other concerning privileges.
Assessment
This skill appears to do what it claims: take screenshots or read files, upload them to tmpfiles.org, and share the resulting link. Before installing, consider: (1) Privacy — tmpfiles.org links are public and files expire quickly (~1 hour), so avoid uploading sensitive content. (2) Platform differences — the SKILL.md shows macOS 'screencapture' and Python+requests usage; ensure your agent runtime supports those or provide alternative commands. (3) Dependencies — the examples use the 'requests' Python package but no install instructions are provided. (4) Messaging auth — the example assumes the agent/platform can send Feishu messages; verify that Feishu credentials are managed by the platform and not exposed by this skill. If you need safer behavior, request explicit confirmation before capturing screens and add guidance to avoid uploading sensitive files.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk9703qf41z2b8z7cxhdqq50qrs832kbj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

tmpfiles.org File Upload

Upload files to tmpfiles.org (temporary file hosting) and get a download link.

When to Use

  • Sending screenshots to Feishu when direct upload fails
  • Sharing files temporarily (links expire after ~1 hour)
  • Quick file sharing without authentication

Upload Script

import requests

def upload_to_tmpfiles(file_path):
    """Upload file to tmpfiles.org and return download URL"""
    with open(file_path, 'rb') as f:
        r = requests.post('https://tmpfiles.org/api/v1/upload', files={'file': f})
        data = r.json()
        if data.get('status') == 'success':
            # Replace org/ with org/dl/ for direct download
            return data['data']['url'].replace('org/', 'org/dl/')
        raise Exception(f"Upload failed: {data}")

Usage in OpenClaw

Step 1: Capture screenshot (if needed)

/usr/sbin/screencapture -x ~/Desktop/screenshot.png

Step 2: Upload to tmpfiles.org

python3 -c "
import requests
with open('/path/to/file.png', 'rb') as f:
    r = requests.post('https://tmpfiles.org/api/v1/upload', files={'file': f})
    d = r.json()
    if d.get('status') == 'success':
        print(d['data']['url'].replace('org/', 'org/dl/'))
"

Step 3: Send link via message

{
  "action": "send",
  "channel": "feishu",
  "message": "文件链接:https://tmpfiles.org/dl/xxx",
  "target": "user_id"
}

Notes

  • Links expire after ~1 hour
  • Max file size: ~100MB
  • Files are publicly accessible while active
  • Not suitable for sensitive/permanent storage

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…