← Back to Skills Marketplace
erayai

Ftp Client Php

by erayai · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ⚠ suspicious
278
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ftp-client-php
Description
FTP/FTPS file manager via PHP proxy. Supports list, upload, download, delete, move, copy, mkdir, read, write. Works behind NAT/firewalls (e.g. HuggingFace) b...
README (SKILL.md)

FTP Client (PHP Proxy)

Full-featured FTP/FTPS client skill for OpenClaw. Routes all FTP operations through an HTTP PHP proxy server, so it works even when direct FTP connections are blocked (e.g. HuggingFace Spaces, serverless environments). Click to deploy ftp-php-proxy.

Architecture

OpenClaw ──HTTP──▶ PHP Proxy Server (api.php) ──FTP──▶ FTP Server

Environment Variable

Set FTP_PHP_CONFIG in the OpenClaw skill management panel. JSON format:

{"ftp_php_domain":"https://your-server.com/api.php","ftp_php_apikey":"","ftp_client_host":"ftp.example.com","ftp_client_port":"21","ftp_client_username":"user","ftp_client_password":"pass","ftp_client_connect_mode":"passive","ftp_client_protocol":"ftps","ftp_client_encrypt_mode":"explicit"}

Field definitions:

  • ftp_php_domain (required): Full URL of the PHP proxy api.php endpoint
  • ftp_php_apikey (optional): API key for the PHP proxy, empty string = no auth
  • ftp_client_host (required): FTP server hostname
  • ftp_client_port (optional): FTP server port, default 21
  • ftp_client_username (required): FTP login username
  • ftp_client_password (required): FTP login password
  • ftp_client_connect_mode (optional): active or passive, default passive
  • ftp_client_protocol (optional): ftp or ftps, default ftp
  • ftp_client_encrypt_mode (optional): explicit or implicit, only meaningful when protocol is ftps

Example (alwaysdata FTPS):

{"ftp_php_domain":"https://your-server.com/api.php","ftp_php_apikey":"","ftp_client_host":"ftp.example.com","ftp_client_port":"21","ftp_client_username":"user","ftp_client_password":"pass","ftp_client_connect_mode":"passive","ftp_client_protocol":"ftps","ftp_client_encrypt_mode":"explicit"}

List directory

node {baseDir}/scripts/list.mjs
node {baseDir}/scripts/list.mjs "/remote/path"
node {baseDir}/scripts/list.mjs "/" --detailed

Options:

  • --detailed or -l: Show detailed file info (size, date, permissions, type)

Download file

node {baseDir}/scripts/download.mjs "/remote/file.txt"
node {baseDir}/scripts/download.mjs "/remote/file.txt" --out "/local/save/path.txt"

Options:

  • --out \x3Cpath> or -o \x3Cpath>: Local save path (default: system temp directory)

Upload file

node {baseDir}/scripts/upload.mjs "/local/file.txt" --to "/remote/path/file.txt"

Options:

  • --to \x3Cpath> or -t \x3Cpath>: Remote destination path (required)

Write text content to remote file

node {baseDir}/scripts/write.mjs "/remote/file.txt" "file content here"
node {baseDir}/scripts/write.mjs "/remote/file.txt" --stdin \x3C local_file.txt

Read file content

node {baseDir}/scripts/read.mjs "/remote/file.txt"

Delete file or directory

node {baseDir}/scripts/delete.mjs "/remote/file.txt"
node {baseDir}/scripts/delete.mjs "/remote/dir" --dir

Options:

  • --dir or -d: Remove directory recursively

Move / Rename

node {baseDir}/scripts/move.mjs "/remote/old.txt" "/remote/new.txt"

Copy file

node {baseDir}/scripts/copy.mjs "/remote/source.txt" "/remote/dest.txt"

Create directory

node {baseDir}/scripts/mkdir.mjs "/remote/new-dir"

File info

node {baseDir}/scripts/info.mjs "/remote/file.txt"

Notes

  • All FTP operations are proxied through your PHP server via HTTP.
  • Upload works by sending file as base64 to the PHP proxy.
  • Download retrieves base64 content from the PHP proxy and saves locally.
  • Large files are supported but limited by PHP server's upload_max_filesize and memory_limit.
  • Set FTP_PHP_CONFIG env var as a single-line JSON string.
Usage Guidance
This skill appears to do what it says: it runs Node scripts that call a PHP proxy you specify and will send your FTP username/password and file contents to that proxy. Before installing: (1) only use a php proxy URL you control or fully trust — do not point to a third-party endpoint you don't administer, (2) if possible set and require ftp_php_apikey and host controls on the proxy, (3) host the PHP proxy on HTTPS with a valid certificate (the client currently allows self-signed certs by default), (4) review the PHP proxy server code (the project links to a proxy repo) so you know how it stores/uses credentials and files, (5) avoid putting long-lived secrets into shared agent environments and consider rotating credentials after use, and (6) be aware uploads read arbitrary local paths and downloads write to local disk — run with least privilege and avoid using it from multi-tenant or untrusted runtimes.
Capability Analysis
Type: OpenClaw Skill Name: ftp-client-php Version: 0.1.0 The skill implements an FTP client that routes all operations and credentials through a remote PHP proxy. While it functions as described, it contains a significant security vulnerability in `scripts/ftp-api.mjs` by setting `rejectUnauthorized: false` for all HTTP/HTTPS requests, which disables SSL certificate validation and exposes sensitive FTP credentials to Man-in-the-Middle (MITM) attacks. The architecture inherently requires users to transmit full FTP credentials to a remote HTTP endpoint, which is a high-risk pattern even if not explicitly malicious.
Capability Assessment
Purpose & Capability
Name/description, required binary (node), and the single required env var (FTP_PHP_CONFIG) are consistent with a Node-based FTP client that proxies operations through a PHP HTTP endpoint. The env JSON fields (ftp_php_domain, ftp_client_host, ftp_client_username/password, etc.) are exactly what this proxy-based design needs.
Instruction Scope
Runtime instructions and included scripts stay within the described scope (list, upload, download, read, write, delete, move, copy, mkdir). However, the runtime will: (1) read local files for uploads and --stdin content, (2) write downloaded files to local disk, and (3) transmit FTP credentials and file contents to the configured ftp_php_domain. The client also sets HTTPS option rejectUnauthorized: false (accepts self-signed certs), which reduces TLS protections if used with untrusted endpoints.
Install Mechanism
There is no packaged install step; code files are included and require only Node to run. No external downloads or installers are invoked. This is low-risk from an install mechanism standpoint (nothing fetched/executed from arbitrary URLs).
Credentials
Only one environment variable is required (FTP_PHP_CONFIG) and it contains the FTP server credentials, proxy URL, and optional API key — which are necessary for the skill to operate. That is proportionate, but it means sensitive credentials and file contents will be stored in the skill environment and sent to the configured PHP proxy, so you must trust the proxy endpoint/operator.
Persistence & Privilege
The skill is not forced-always, does not request elevated platform privileges, and does not alter other skills or global agent config. Autonomous invocation is allowed (platform default) but not combined with any suspicious persistent privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install ftp-client-php
  3. After installation, invoke the skill by name or use /ftp-client-php
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release of ftp-client-php – an FTP/FTPS manager via a PHP HTTP proxy. - List, upload, download, delete, move, copy, mkdir, read, and write files and directories on remote FTP/FTPS servers. - Operates behind NAT/firewalls by routing all operations through a PHP proxy. - Supports both FTP and FTPS (explicit/implicit) connections and passive/active modes. - Easy CLI commands for all major file operations. - Requires FTP connection info in a JSON environment variable (`FTP_PHP_CONFIG`). - Works where direct FTP is blocked (e.g. HuggingFace, serverless).
Metadata
Slug ftp-client-php
Version 0.1.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Ftp Client Php?

FTP/FTPS file manager via PHP proxy. Supports list, upload, download, delete, move, copy, mkdir, read, write. Works behind NAT/firewalls (e.g. HuggingFace) b... It is an AI Agent Skill for Claude Code / OpenClaw, with 278 downloads so far.

How do I install Ftp Client Php?

Run "/install ftp-client-php" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Ftp Client Php free?

Yes, Ftp Client Php is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Ftp Client Php support?

Ftp Client Php is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Ftp Client Php?

It is built and maintained by erayai (@erayai); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments