← Back to Skills Marketplace
1872
Downloads
2
Stars
18
Active Installs
2
Versions
Install in OpenClaw
/install cloud-storage
Description
Manage files across cloud providers with authentication, cost awareness, and multi-provider operations.
README (SKILL.md)
When to Use
User needs to upload, download, sync, or manage files across cloud storage providers. Agent handles multi-provider operations with cost awareness.
Quick Reference
| Topic | File |
|---|---|
| Provider-specific patterns | providers.md |
| Authentication setup | auth.md |
| Cost calculation | costs.md |
Scope
This skill covers operational cloud storage tasks across providers:
- S3, GCS, Azure Blob, Backblaze B2, Cloudflare R2
- Google Drive, Dropbox, OneDrive, iCloud
For storage architecture decisions, see storage skill.
For S3-specific deep patterns, see s3 skill.
Critical Rules
- Verify operations completed — API 200 ≠ success; check file exists with correct size/checksum
- Calculate ALL costs before large transfers — egress fees often exceed storage costs; check
costs.md - Never delete without backup verification — confirm backup exists AND is restorable before removing source
- Handle partial failures — long operations fail mid-way; implement checkpoints and resume logic
- Rate limits vary wildly — Google 750GB/day upload, Dropbox batch limits, S3 3500 PUT/s per prefix
Authentication Traps
- OAuth tokens expire — refresh before long operations, not during
- Service account ≠ user account — different quotas, permissions, audit trails
- Wrong region/endpoint — S3 bucket in
eu-west-1won't work withs3.amazonaws.com - MFA required — some operations need session tokens, plan for interactive auth
Multi-Provider Gotchas
| Concept | Translates differently |
|---|---|
| Shared folder | Drive "Shared with me" ≠ Dropbox "Team Folders" ≠ OneDrive "SharePoint" |
| File ID | Drive uses IDs; Dropbox uses paths; S3 uses keys |
| Versioning | S3 explicit enable; Drive automatic; Dropbox 180 days |
| Permissions | S3 ACLs + policies; Drive roles; Dropbox link-based |
Before Any Bulk Operation
- Estimated time calculated (size ÷ bandwidth)
- Rate limits checked for both source AND destination
- Cost estimate including egress + API calls
- Checkpoint/resume strategy for failures
- Verification method defined (checksum, count, spot-check)
Usage Guidance
This skill is functionally coherent for multi‑cloud file operations, but exercise caution before providing credentials. Key points: (1) The skill text explicitly uses and suggests storing highly sensitive secrets (AWS keys, GCP JSON, Azure client secrets, OAuth refresh tokens) but the registry entry declares no required envs or provenance—ask the author how credentials are expected to be provided and stored. (2) Prefer using least-privilege service accounts/app-specific keys and short-lived or instance role credentials rather than long-lived root keys. (3) Confirm where refresh tokens or stored credentials would be kept and who/what can access them. (4) Because this is instruction-only (no install), no code will be written by the skill itself, but if you allow the agent to act autonomously it can call provider APIs using any credentials you provide—restrict autonomous invocation if you are uncomfortable. (5) If you need higher assurance, request the skill’s source/homepage or a signed provenance, or run the agent in a restricted environment with only ephemeral credentials and audit logging enabled.
Capability Analysis
Type: OpenClaw Skill
Name: cloud-storage
Version: 1.0.1
The OpenClaw AgentSkills skill bundle for 'cloud-storage' is classified as benign. The `SKILL.md` and supporting documentation (`auth.md`, `costs.md`, `providers.md`) provide comprehensive instructions and best practices for managing cloud storage, including critical security advice regarding authentication, cost awareness, and operational safety. While `auth.md` details how to handle sensitive credentials (e.g., AWS access keys, Google service account keys) via environment variables or CLI commands, it does so in an educational context, explicitly warning about security traps like using root account keys or handling service account keys. There is no evidence of prompt injection, data exfiltration, malicious execution, persistence mechanisms, or obfuscation. The content is entirely aligned with the stated purpose of managing cloud files securely and efficiently.
Capability Assessment
Purpose & Capability
The name/description match the content: auth, cost, and provider patterns for S3, GCS, Azure, Backblaze, R2, Drive/Dropbox/OneDrive are all covered. Including consumer providers (Google Drive, Dropbox, OneDrive) is reasonable. The mention of iCloud correctly notes there is no public file API. Overall capability is coherent with purpose.
Instruction Scope
The runtime instructions (auth.md, providers.md) explicitly reference reading and setting environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, GOOGLE_APPLICATION_CREDENTIALS, AZURE_CLIENT_SECRET, etc.), local credential files (~/.aws/credentials, /path/to/key.json), CLI logins (gcloud, az, aws implicit metadata), and storing refresh tokens. The skill manifest lists no required env vars or config paths—SKILL.md therefore accesses sensitive credentials/configuration without declaring them. The instructions do not direct data to unexpected external endpoints beyond the cloud providers, but they do instruct behaviors (storing refresh tokens) that affect sensitive data handling and persistence decisions.
Install Mechanism
Instruction-only skill with no install spec and no code files. This lowers risk from arbitrary code downloads or installation artifacts.
Credentials
The credentials and secrets referenced are directly relevant to cloud storage management (AWS keys, GCP service account JSON, Azure service principal, OAuth refresh tokens). That is proportionate to the stated purpose. However: (1) many different credential types are discussed (broad surface area), (2) the skill does not declare or require any environment variables or a primary credential in its registry metadata, and (3) instructions mention storing refresh tokens without describing secure storage—these are sensitive choices the user should control.
Persistence & Privilege
always:false and no install steps mean the skill does not request forced persistence. As an instruction-only skill it will only act when invoked (or when the agent is allowed to call it). There is no evidence it tries to modify other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install cloud-storage - After installation, invoke the skill by name or use
/cloud-storage - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Added When to Use section for consistency
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Cloud Storage?
Manage files across cloud providers with authentication, cost awareness, and multi-provider operations. It is an AI Agent Skill for Claude Code / OpenClaw, with 1872 downloads so far.
How do I install Cloud Storage?
Run "/install cloud-storage" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Cloud Storage free?
Yes, Cloud Storage is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Cloud Storage support?
Cloud Storage is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin, win32).
Who created Cloud Storage?
It is built and maintained by Iván (@ivangdavila); the current version is v1.0.1.
More Skills