← Back to Skills Marketplace
74
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ssh-filemanager
Description
Manage files on remote machines over Tailscale SSH (Tailnet). Use this skill when the user needs to list, read, write, delete, move, copy, search, chmod, pus...
Usage Guidance
This skill appears to do what it says (remote file management over SSH), but check a few things before enabling it: 1) Ensure the runtime has ssh, scp, and python3 available — the registry metadata omits these requirements. 2) Be aware the scripts use StrictHostKeyChecking=accept-new (they will auto-accept new host keys), which eases first-time connections but can increase MITM risk on initial contact. 3) The SKILL.md promises path-sanitization and a fallback when remote Python is missing, but the code only escapes single quotes and does not prevent '..' traversal or implement a fallback — treat user-supplied paths carefully and always confirm destructive operations. 4) Because the agent will execute SSH/SCP commands using whatever SSH identity it has access to, only enable this skill if you trust the agent's environment and the set of reachable Tailnet hosts. If you want higher assurance, run the scripts in a restricted environment or manually review and test them on a non-production node first.
Capability Analysis
Type: OpenClaw Skill
Name: ssh-filemanager
Version: 1.0.0
The skill provides remote file management capabilities over Tailscale SSH but contains significant security vulnerabilities, primarily shell and Python injection risks. In `scripts/ssh_file_manager.py`, the `chmod` action directly interpolates the `--mode` argument into a shell command without any sanitization or escaping, allowing for arbitrary command execution on the remote host. Additionally, the `action_list` and `action_stat` functions are vulnerable to Python code injection because they interpolate the path into a remote Python script using double quotes without escaping double-quote characters. While the tool's stated purpose is legitimate administration, these implementation flaws pose a high risk of exploitation.
Capability Assessment
Purpose & Capability
Name/description match the included scripts: both ssh_file_manager.py and ssh_tunnel.py implement remote file ops over SSH/SCP. However, the registry metadata declares no required binaries, while the skill clearly depends on system 'ssh', 'scp', and 'python3' being present; that omission is an incoherence you should fix/verify before installing.
Instruction Scope
SKILL.md instructs the agent to run the included helper scripts and to enforce safety rules (ask for confirmation on destructive ops, path sanitization, and a fallback when remote Python is missing). The actual scripts do not implement path traversal protection (they only escape single quotes) nor do they implement an explicit 'do not traverse above /' check or an automatic fallback when remote Python is missing. In short: operational safety is documented but not enforced by the code.
Install Mechanism
There is no install spec (instruction-only), which is low-risk. The package nonetheless includes two executable Python scripts that the agent will invoke from disk; ensure the runtime will run these local files and that you trust their contents (we reviewed them here).
Credentials
The skill requests no environment variables or credentials, which is proportional to its stated purpose. It relies on existing SSH auth (keys/agent/authorized access) provided by the environment — expected for an SSH-based tool.
Persistence & Privilege
always is false and the skill is user-invocable. Autonomous invocation is allowed (platform default) but not combined with elevated persistence. Nothing in the package attempts to modify other skills or global agent configuration.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install ssh-filemanager - After installation, invoke the skill by name or use
/ssh-filemanager - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of Tailnet SSH File Manager.
- Enables file management on remote machines over Tailscale SSH (Tailnet) from OpenClaw Gateway to OpenClaw Nodes.
- Supports listing, reading, writing, deleting, moving, copying, searching, permission changes, and file transfers via ssh/scp/sftp.
- Automatically switches to scp for files larger than 3KB or binary data, addressing OpenClaw invoke payload limits.
- Includes safety checks: always confirm destructive actions, enforce path sanitization, and provide connection diagnostics.
- Handles common edge cases such as offline hosts, permission errors, and missing dependencies.
Metadata
Frequently Asked Questions
What is ssh_file_manager?
Manage files on remote machines over Tailscale SSH (Tailnet). Use this skill when the user needs to list, read, write, delete, move, copy, search, chmod, pus... It is an AI Agent Skill for Claude Code / OpenClaw, with 74 downloads so far.
How do I install ssh_file_manager?
Run "/install ssh-filemanager" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is ssh_file_manager free?
Yes, ssh_file_manager is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does ssh_file_manager support?
ssh_file_manager is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created ssh_file_manager?
It is built and maintained by XEON0v0 (@xeon0v0); the current version is v1.0.0.
More Skills