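📦 File Upload to Local Workspace — Local File Upload
v3.0.1
Upload files to the local workspace in one click from a web page, with smart authentication, safe write-to-disk, and friendly handling of Chinese filenames, ready for later AI analysis and management.
0 · 340 · 1 current · 1 cumulative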
Last updated
2026/4/22
Security scan
OpenClaw
Suspicious
medium confidence
The skill mostly aligns with a local file-upload purpose but includes capabilities and defaults (systemd install, reading gateway config, skill-pack zipping, permissive network/CORS defaults) that could expose local secrets or other workspace files if installed with default settings — review networking, auth, and the systemd/service installation before using.
Assessment recommendations
Key points to consider before installing:
- Networking exposure: The Node server binds by default without an explicit loopback bind and sets Access-Control-Allow-Origin: *. If the host has an exposed IP or is on a shared network, the upload UI and APIs could be reachable from other machines. Restrict binding to 127.0.0.1, add firewall rules, or run inside a container if you intend local-only use.
- Authentication: The installer and server read your OpenClaw config (~/.openclaw/openclaw.json) t...
⚠ Purpose and capabilities
Name/description = local web upload for AI analysis. The code and installer match that purpose (serve upload page, store files, authenticate). However the server also enumerates the workspace/skills directory and can package (zip) skill directories for download — a capability not highlighted in the skill description. That allows the service to read and serve other installed skills' files. Also the server binds to the default node listener (no explicit loopback) and uses permissive CORS, which can expose the service to networks by default despite docs claiming 'not automatically exposed to the public'. These extras go beyond a minimal local upload helper and increase exposure.
ℹ Instruction scope
SKILL.md explicitly instructs reading the OpenClaw config (~/.openclaw/openclaw.json) and tells the agent and user how to retrieve the gateway token/password (cat/grep). That is consistent with needing to validate/upload requests, but it means the skill (and install script) will access a sensitive local config file. The AI reply templates correctly tell the assistant not to disclose tokens, but the instructions also show commands that, when executed by a user or agent, will reveal secret values — so users should avoid pasting tokens into external chat and restrict who runs the install.
ℹ Installation mechanism
No external downloads or obscure URLs — the bundle is self-contained. The install.sh copies files into the user's workspace and (if /etc/systemd/system exists and the script runs with permission) creates a system-wide systemd service enabling and starting the server (Restart=always). Creating a systemd unit and starting it requires elevated privileges and gives the skill persistent presence. That is reasonable for a long-running service but is impactful and should be reviewed pre-install.
ℹ Credential requirements
The registry metadata lists no required env vars or credentials, but SKILL.md and install.sh use optional envs (UPLOAD_PORT, WORKSPACE) and the installer reads gateway token/password from ~/.openclaw/openclaw.json. Reading the gateway auth value is justified for validating uploads, but the installer also attempts to extract token/password and places it into the systemd Environment (GATEWAY_AUTH_VALUE). The server code, however, reads the token from the config file at runtime (minor inconsistency). Overall the requested access (local config file and workspace write) is proportionate to the stated function, but it's sensitive (it touches auth tokens and other skills' directories).
ℹ Persistence and permissions
The installer will create/enable a systemd service (openclaw-upload.service) and start it with Restart=always, giving the skill persistent execution across reboots. always:false is set in the skill metadata, so it's not force-included globally, but the systemd install means the skill will persist on the host once installed. This is understandable for a server but increases blast radius and requires administrative review.
⚠ src/upload-server.js:200
Shell command execution detected (child_process).
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Versions
latest · v3.0.1 · 2026/3/10
### v3.0.1
- Updated `clawhub.json` configuration.
- Made changes to `src/upload-server.js`.
- No user-facing features documented; minor internal adjustments/maintenance.
● Suspicious
Install command
Official: `npx clawhub@latest install file-upload-to-local-workspace`
Mirror (accelerated): `npx clawhub@latest install file-upload-to-local-workspace --registry https://cn.longxiaskill.com`