ClawHub

Expiring Local Fileshare

v1.0.2

Lets OpenClaw safely share single files from its local workspace via expiring, tokenized HTTP links (local-network/VPN only). Hours are configurable (default...

0· 731·3 current·3 all-time
byThomas J. Radman@tradmangh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The files (share-file.js and share.sh), SKILL.md, and METADATA all implement a single-file, tokenized, time-limited HTTP share restricted to private IP ranges and the workspace by default. The required binaries (node, bash, lsof) and declared filesystem/network permissions are coherent with the stated purpose. Minor metadata inconsistency: the top-level registry metadata lists only node as required, while METADATA.json lists node, bash, and lsof.
Instruction Scope
Runtime instructions are narrowly scoped to starting a local HTTP server to serve one file and to stopping it. The server logs the generated link to /tmp/share-<port>.log and share.sh prints a path relative to the workspace (or the full path if the file is outside workspace). The skill supports an explicit override (FILESHARE_ALLOW_ANY_PATH=1) to allow arbitrary paths — this weakens the default guard and should not be set lightly. The server listens on 0.0.0.0 but enforces client IP checks at the application layer; network topology could affect exposure (e.g., certain NATs/VPN setups or IPv6 peers).
Install Mechanism
This is instruction-only with included scripts; there is no remote download or archive extraction. Nothing in the install path writes external binaries or fetches code at runtime, so install risk is low.
Credentials
No credentials are requested. Optional env vars are reasonable (OPENCLAW_WORKSPACE and FILESHARE_ALLOW_ANY_PATH). FILESHARE_ALLOW_ANY_PATH is a powerful override and can enable sharing arbitrary local files; its existence should be treated as a conscious risk/configuration choice. METADATA declares filesystem/network permissions which match the functionality.
Persistence & Privilege
always:false and no background service by default — the skill runs only when invoked and spawns ephemeral servers. It does not modify other skills or system-wide agent settings. The ability to run background node processes is expected for its purpose.
Assessment
This skill appears to do what it says: start a short-lived local HTTP server that serves a single file to devices on the private network using a random token. Before installing/using it: (1) avoid setting FILESHARE_ALLOW_ANY_PATH=1 unless you fully trust the environment — that override allows sharing any file; (2) be aware the server listens on 0.0.0.0 and enforces access by checking client IPs in-app — network topology or VPN setups can affect who can reach the server; (3) the generated link and some metadata are written to /tmp/share-<port>.log and the share script may print absolute paths if the file is outside the workspace — treat those logs as sensitive and remove them after use; (4) use one-time links for sensitive files and keep validity short; (5) if you need stronger guarantees, run the skill in an isolated container or VM and audit network exposure. Overall the skill is coherent with its purpose, but follow the above precautions.

Like a lobster shell, security has layers — review code before you run it.

latestvk971kg2f5n0xw4qb4e3dfdnkg181a9tn

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📤 Clawdis
Binsnode

Comments