Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

file-sender

v1.0.0

File Sender — Packages workspace files and delivers them to the user with a description. Use when: - You've generated deliverable files (code projects, image...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The script's behavior (ZIP workspace files under /home/node/workspace, persist to .file-outbox, POST lightweight metadata to a Manager endpoint) is coherent with the 'file-sender' description. However, the registry metadata at the top reports 'Required env vars: none' while both SKILL.md metadata and the script require OPENCLAW_INSTANCE_NAME, OPENCLAW_MANAGER_URL, and OPENCLAW_FILE_PUSH_TOKEN — this mismatch is unexpected.
Instruction Scope
SKILL.md and the included send-files.sh keep scope to packaging files under /home/node/workspace, block .file-outbox, and only send a metadata POST (not file contents). The script enforces path checks, a 500MB ZIP limit, and persists files locally prior to notifying the Manager.
Install Mechanism
Instruction-only skill with a single shell script and no install spec; it requires standard binaries (curl, zip) which matches the declared requirements in SKILL.md. No external downloads or archive extraction are present.
Credentials
The script requires an instance-specific token (OPENCLAW_FILE_PUSH_TOKEN) and a Manager URL (OPENCLAW_MANAGER_URL) to notify the Manager and allow the Manager to pull the file. Those environment variables are appropriate for the task, but the registry-level metadata claims there are no required env vars and lists no primary credential — this inconsistency is concerning. Verify the provenance and scope of OPENCLAW_FILE_PUSH_TOKEN (it should be instance-scoped and not a global Agent key).
Persistence & Privilege
The skill does not request persistent/always-on privileges, does not modify other skills or system-wide settings, and only writes files to its own .file-outbox under the workspace. 'always' is false and autonomous invocation defaults are unchanged.
What to consider before installing
This skill's behavior (zipping workspace files and notifying a Manager) looks consistent and not overtly malicious, but the package metadata is inconsistent: the registry says 'no required env vars' while the script and SKILL.md require OPENCLAW_INSTANCE_NAME, OPENCLAW_MANAGER_URL, and OPENCLAW_FILE_PUSH_TOKEN. Before installing, ask the publisher or registry maintainer to correct the metadata. Confirm that OPENCLAW_FILE_PUSH_TOKEN is indeed instance-scoped (not a global agent key) and understand how the Manager will 'pull' files from the agent (ensure that mechanism is trusted). Also review your workspace contents to avoid accidentally packaging sensitive files, and test the script in a safe/non-production environment first.

Like a lobster shell, security has layers — review code before you run it.


Runtime requirements

Bins: curl, zip

SKILL.md

File Sender

Packages workspace files into a ZIP, generates a companion description file, and notifies the Manager to deliver them to the user. Files are persisted locally to .file-outbox/ first — even if notification fails, the files are safe.

All required environment variables are injected automatically by the Manager at instance creation. No manual configuration needed.

Core Workflow

Step 1: Compose a Description

Before running the script, write a concise description of what you generated. This description will be saved as a .txt file alongside the ZIP in .file-outbox/, serving as a human-readable summary for the user.

The description should include:

  • What files/project were generated
  • The main purpose of the files
  • How to use them (brief instructions)

Good example:

Snake game project (snake_game)
Contains: index.html, style.css, game.js
Usage: Open index.html in a browser to play the game

Bad example:

files

Step 2: Package and Send

Pass the source path and the description text to the script:

bash scripts/send-files.sh \
  "/home/node/workspace/snake_game" \
  "Snake game project with index.html, style.css, game.js. Open index.html in browser to play."

The script will:

  1. Validate the path — Only allows files under /home/node/workspace/, blocks symlink traversal
  2. Create a ZIP — Single file zip, directory zip -r, 500MB limit
  3. Write description — Saves the description text as {file_id}.txt in .file-outbox/
  4. Persist locally — Both ZIP and TXT are stored in .file-outbox/ (safe on disk)
  5. Notify Manager — Sends a lightweight POST with metadata only (no file body)
  6. Manager pulls — Manager's background task pulls the ZIP from the Agent and forwards it

Core design: After step 4, files are safely on disk. Steps 5-6 failing does NOT lose the files. The Manager retries automatically — the user will always receive the files eventually.
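A sketch of the path check from step 1, added here as an example; it is not the skill's own send-files.sh, which this page does not show. The names validate_source_path and WORKSPACE_ROOT are hypothetical, and realpath from coreutils is assumed to be installed.

```bash
#!/usr/bin/env bash
# Added example; validate_source_path and WORKSPACE_ROOT are hypothetical names.
WORKSPACE_ROOT="${WORKSPACE_ROOT:-/home/node/workspace}"

validate_source_path() {
  local src root resolved outbox escaping
  src="$1"
  [ -n "$src" ] || { echo "empty path" >&2; return 1; }
  [ -e "$src" ] || { echo "not found: $src" >&2; return 1; }

  # Compare real paths: resolve symlinks and ".." on both sides first.
  root="$(realpath "$WORKSPACE_ROOT")" || return 1
  resolved="$(realpath "$src")" || return 1
  outbox="$root/.file-outbox"

  # "$root"/* (with the slash) keeps a sibling such as workspace-old from matching.
  case "$resolved" in
    "$root"/*) ;;
    *) echo "not under workspace: $resolved" >&2; return 1 ;;
  esac

  case "$resolved" in
    "$outbox"|"$outbox"/*) echo "outbox cannot be sent" >&2; return 1 ;;
  esac

  # Info-ZIP zip follows symlinks unless -y is given, so a directory that
  # passed the checks above can still pull in targets outside the workspace.
  if [ -d "$resolved" ]; then
    escaping="$(find "$resolved" -type l -exec sh -c '
      for l in "$@"; do
        t="$(realpath "$l" 2>/dev/null)" || t=""
        case "$t" in "$0"/*) ;; *) printf "%s\n" "$l" ;; esac
      done' "$root" {} +)"
    [ -z "$escaping" ] || { echo "link leaves workspace: $escaping" >&2; return 1; }
  fi

  printf '%s\n' "$resolved"
}
```

On success the function prints the resolved path, which is the value to hand to zip rather than the caller's original string.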

Step 3: Confirm the Result

The script outputs the result. Even if notification fails, the files are safely persisted locally. The system will retry delivery automatically.

Quick Examples

# Send a single file
bash scripts/send-files.sh \
  "/home/node/workspace/report.pdf" \
  "Monthly sales report for March 2026, includes charts and summary tables."

# Send an entire directory (auto-recursive ZIP)
bash scripts/send-files.sh \
  "/home/node/workspace/my_project" \
  "Complete Python project with requirements.txt and README.md. Run: pip install -r requirements.txt && python main.py"

Sending Multiple Non-Adjacent Files

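Collect them into a staging directory first. The staging directory must sit under /home/node/workspace/, because the script rejects any source path outside it:

mkdir -p /home/node/workspace/delivery
cp /home/node/workspace/report.pdf /home/node/workspace/delivery/
cp /home/node/workspace/data.csv /home/node/workspace/delivery/
bash scripts/send-files.sh "/home/node/workspace/delivery" "Analysis report + raw data CSV"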

What Gets Saved in .file-outbox/

For each delivery, two files are created:

.file-outbox/
├── 20260401120000_a1b2c3d4.zip   # The packaged files
└── 20260401120000_a1b2c3d4.txt   # The description text (human-readable)

The .txt file contains the exact description you provided, serving as a persistent record of what was sent and why.

When to Trigger

| Scenario | Trigger? |
|---|---|
| Created a complete project/application | ✅ Yes |
| Generated documents/reports/data files | ✅ Yes |
| User asks to "send files" | ✅ Yes |
| Only explaining code / answering questions | ❌ No |
| Modifying system config files | ❌ No |
| Tiny single-line changes | ❌ No |

Output Examples

Success:

📦 Packaging files...
   File ID: 20260401120000_a1b2c3d4 | Size: 156KB
📤 Notifying Manager...
✅ Notification sent! Files will be delivered to the user automatically.

Notification failure (files still safe):

⚠️  Cannot connect to Manager. Files are safely stored locally.
   The system will retry automatically — the user will receive the files.

Limits

| Limit | Value |
|---|---|
| Max file size | 500MB (after ZIP) |
| Source path scope | /home/node/workspace/ only |
| Cannot send | .file-outbox/ directory itself |

Environment Requirements

  • OPENCLAW_INSTANCE_NAME — Instance name (auto-injected by Manager)
  • OPENCLAW_MANAGER_URL — File Push service URL (auto-injected by Manager)
  • OPENCLAW_FILE_PUSH_TOKEN — Instance-specific push token (auto-injected by Manager)
  • curl and zip commands must be available in PATH
