← Back to Skills Marketplace
246
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install scratch-file-writer
Description
Safely write or append text content to files ONLY in /home/alfred/.openclaw/workspace/scratch. Creates backups before overwriting ({filename}.bak, .bak.1, et...
Usage Guidance
This skill is not clearly malicious, but it has inconsistencies and a small risk of being misused. Before installing or enabling autonomous use: (1) reconcile allowed extensions (SKILL.md lists .txt/.md/.log/.json; references/safety.md also includes .py — decide whether .py is allowed and update docs and code accordingly); (2) update scripts/backup_file.sh so it enforces the same base_dir restriction (reject or canonicalize paths outside /home/alfred/.openclaw/workspace/scratch) and produce backup filenames that match the documented pattern (e.g., file.bak, file.bak.1); (3) ensure any content passed into shell fallbacks is safely escaped or avoided — prefer the agent's native 'write' tool over generating echo/>> shell commands; (4) test edge cases (no extension, many dots, symlinks, absolute path attempts, ../ attempts) to confirm sanitization works end-to-end; (5) if you enable autonomous invocation, limit or monitor the agent's ability to call 'exec' or the backup script until the above fixes are applied. If you want, I can produce a corrected backup script and a stricter path-validation snippet to replace the bundled script.
Capability Analysis
Type: OpenClaw Skill
Name: scratch-file-writer
Version: 1.0.0
The 'scratch-file-writer' skill is a utility designed to manage text files within a restricted workspace directory (/home/alfred/.openclaw/workspace/scratch). It includes robust safety instructions in SKILL.md and references/safety.md, such as path sanitization to prevent directory traversal (rejecting '../' and absolute paths), extension whitelisting, and mandatory user confirmation for overwrites. The bundled script scripts/backup_file.sh performs standard file operations for versioning backups and contains no malicious logic or network activity.
Capability Assessment
Purpose & Capability
The skill claims to be limited to /home/alfred/.openclaw/workspace/scratch and to text files only, which is reasonable. However, the bundled script (scripts/backup_file.sh) and references/safety.md introduce inconsistencies: safety.md allows .py files while SKILL.md's Quick Start list does not, and the bash backup script accepts an arbitrary FULL_PATH and will operate on any path it is given. That means the code included with the skill does not itself enforce the declared directory restriction, creating a plausible path for misuse if the agent or a user passes an absolute or outside-scratch path to the script. These mismatches are disproportionate to the simple 'scratch file writer' purpose.
Instruction Scope
SKILL.md contains clear runtime instructions (sanitize relative paths, confirm overwrites, create backups, limit size, allowed extensions). It sensibly requires confirmations and size limits. Two concerns: (1) fallback instructions suggest constructing shell commands like echo "[content]" > [full_path], which can be unsafe if content is not escaped and could lead to shell interpretation or accidental execution; (2) the included backup script's behavior (cp using the provided FULL_PATH) is not constrained by the same sanitization rules described in the instructions, so if the agent calls it incorrectly it can act outside stated scope.
Install Mechanism
No install spec (instruction-only with a small bundled script). This is low-risk from an installation perspective because nothing is downloaded or written at install time.
Credentials
The skill requests no environment variables, credentials, or special config paths — appropriate for a local file-writing helper. It does rely on agent tools ('read', 'write', 'exec') which are normal for skills that manipulate files; those capabilities should be reviewed in the agent environment but are not disproportionate to the stated purpose.
Persistence & Privilege
always is false and the skill does not request permanent/privileged presence. It does not attempt to modify other skills or system-wide agent settings. Autonomous invocation is allowed by default; this is normal but consider the other flagged issues before enabling autonomous use.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install scratch-file-writer - After installation, invoke the skill by name or use
/scratch-file-writer - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial version for scratch writes
Metadata
Frequently Asked Questions
What is File Writer?
Safely write or append text content to files ONLY in /home/alfred/.openclaw/workspace/scratch. Creates backups before overwriting ({filename}.bak, .bak.1, et... It is an AI Agent Skill for Claude Code / OpenClaw, with 246 downloads so far.
How do I install File Writer?
Run "/install scratch-file-writer" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is File Writer free?
Yes, File Writer is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does File Writer support?
File Writer is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created File Writer?
It is built and maintained by Nagilem (@nagilem); the current version is v1.0.0.
More Skills