← Back to Skills Marketplace
houssameddinemaatallah

File Manager Secure

by houssam-eddine · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
149
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install file-manager-secure
Description
Perform safe file operations with path validation, dry-run previews, recoverable trash deletes, batch confirmations, and audit logging to prevent data loss.
README (SKILL.md)

File Manager Secure

name: file-manager-secure description: Safe file operations with validation, dry-run mode, and trash recovery. Alternative to dangerous rm/mv/cp commands.

File Manager Secure

Overview

Secure file management with data loss prevention:

  • Dry-run mode — Preview all operations before execution
  • Trash/recycle — Recoverable deletion instead of permanent rm
  • Path validation — Prevent traversal attacks and forbidden paths
  • Batch confirmation — Review file list before bulk operations
  • Operation logging — Complete audit trail

Security Model

Layer 1: Path Sanitization

def validate_path(path: str) -> Path:
    # Resolve to absolute
    full_path = Path(path).resolve()
    
    # Check forbidden patterns
    FORBIDDEN_PATTERNS = [
        r"\.\.",           # Parent directory traversal
        r"~/.ssh",
        r"~/.gnupg",
        r"~/.aws",
        r"~/.docker",
        r"~/.kube",
        r"\.env",
        r"secret",
        r"token",
        r"credential",
        r"/etc/passwd",
        r"/etc/shadow",
        r"C:\\Windows\\System32",
        r"REGISTRY\\",
    ]
    
    # Must be within workspace or explicit allowlist
    WORKSPACE = Path.home() / ".openclaw" / "workspace"
    ALLOWED_DIRS = [WORKSPACE, Path.home() / "Downloads", Path.home() / "Documents"]
    
    for allowed in ALLOWED_DIRS:
        try:
            full_path.relative_to(allowed)
            return full_path
        except ValueError:
            continue
    
    raise PermissionError(f"Path {path} is outside allowed directories")

Layer 2: Operation Dry-Run

@dataclass
class FileOperation:
    op: str  # 'copy', 'move', 'delete', 'rename'
    source: Path
    dest: Optional[Path]
    size: int
    confirm_required: bool

# All operations return preview first
operations = plan_operations(files, action='delete')
show_preview(operations)  # User reviews
execute_with_confirmation(operations)  # Only after OK

Layer 3: Trash Recovery

TRASH_DIR = WORKSPACE / ".trash"

def safe_delete(path: Path):
    # Move to trash with metadata
    trash_entry = TRASH_DIR / f"{timestamp}_{path.name}"
    metadata = {
        "original_path": str(path),
        "deleted_at": timestamp,
        "size": path.stat().st_size,
    }
    shutil.move(path, trash_entry)
    save_metadata(trash_entry, metadata)
    # Auto-cleanup after 30 days

Layer 4: Bulk Protection

MAX_BULK_OPERATIONS = 50  # Require confirmation above this
MAX_TOTAL_SIZE = 100 * 1024 * 1024  # 100MB limit

# For large operations, require explicit --force flag

Capabilities

1. List Directory

# Safe ls with filters
file-secure list /path/to/dir --type *.csv --sort size --reverse

2. Search Files

# Content and name search
file-secure search "pattern" --in=/path --type=md --content  # Search in content
file-secure search "dataset*" --in=/path --type=csv            # Search by name

3. Copy Files (Dry-run first)

file-secure copy source.csv backup/          # Preview mode
file-secure copy source.csv backup/ --exec   # Execute after preview
file-secure copy *.csv backup/ --exec       # Bulk with confirmation

4. Move Files (Dry-run first)

file-secure move old/ processed/ --exec
file-secure move *.tmp trash/ --exec        # Safe to trash, recoverable

5. Delete Files → Trash (Recoverable)

file-secure delete old.csv                   # Move to trash
file-secure delete *.log --older-than=30d    # Delete old files
file-secure restore old.csv                  # Restore from trash
file-secure empty-trash                      # Permanent delete (with warning)

6. Analyze Directory

file-secure analyze datasets/               # Size by type, largest files
file-secure analyze datasets/ --duplicates  # Find duplicates

7. Backup/Restore

file-secure backup important.csv
file-secure restore important.csv.bak

Workflow

Safe Delete Process

  1. Scan — Find matching files
  2. Preview — Show list with sizes and total
  3. Confirm — User reviews and approves
  4. Trash — Move to recoverable trash
  5. Log — Record operation
  6. Verify — Confirm files moved

Safe Copy/Move Process

  1. Dry-run — Show source → dest mapping
  2. Conflict check — Detect overwrites
  3. Confirm — User approves
  4. Execute — Perform operations
  5. Verify — Check results

Resources

scripts/

  • file_manager.py — Main operations with safety layers
  • path_validator.py — Path sanitization
  • trash_manager.py — Trash operations and recovery
  • operation_planner.py — Dry-run and batch planning

references/

  • security_model.md — Complete security architecture
  • recovery_guide.md — How to restore deleted files
Usage Guidance
Before installing, verify these points: 1) The package lists additional modules and reference docs in SKILL.md but only ships scripts/file_manager.py — ask the publisher for the missing files or an explanation (single-file consolidation). 2) Confirm how the CLI is exposed: SKILL.md shows a file-secure command but there is no wrapper/entrypoint in the manifest; you may need to run the Python script directly. 3) Check the default WORKSPACE path and whether OPENCLAW_WORKSPACE is set in your environment — do NOT set OPENCLAW_WORKSPACE to a system or home directory containing sensitive data unless you trust the code. 4) Test the skill in a sandboxed environment (or with a temporary, isolated workspace) to confirm behavior, especially search (it reads file contents up to 1MB) and restore/empty-trash functionality. 5) If you rely on the Downloads/Documents behavior shown in SKILL.md, request clarification or updated code — currently the code restricts operations to the workspace only. 6) If you need higher assurance, have someone with code-review skills inspect the full file_manager.py implementation (and request the missing referenced modules) to ensure there is no hidden I/O or external communication.
Capability Analysis
Type: OpenClaw Skill Name: file-manager-secure Version: 1.0.0 The skill bundle provides a secure file management interface with robust path validation, workspace restriction, and a trash-based deletion system. It explicitly blocks access to sensitive directories (e.g., .ssh, .aws) and files containing secrets or credentials via the `validate_path` function in `scripts/file_manager.py`. The implementation strictly adheres to the security model described in `SKILL.md` and lacks any indicators of malicious intent or data exfiltration.
Capability Assessment
Purpose & Capability
Name and description (safe file operations with dry-run, trash, path validation) align with the code in scripts/file_manager.py, which implements validation, dry-run planning, trash, logging, and search. However, SKILL.md lists additional helper modules (path_validator.py, trash_manager.py, operation_planner.py) and resources that are not present in the package — the implementation is a single monolithic script. Also SKILL.md advertises allowed dirs (Downloads, Documents) but the shipped code's ALLOWED_DIRS is limited to the workspace only. These mismatches are unexplained and reduce confidence that the package is complete and consistent.
Instruction Scope
SKILL.md provides CLI-style usage examples (file-secure ...) but no CLI wrapper or entrypoint is present in the manifest; only a Python script is bundled. The SKILL.md describes working in Downloads/Documents, yet the code enforces only a workspace directory. The code will read file contents (up to 1MB) when performing content search and will log operations to a log file under the workspace. There are no instructions or code that transmit data externally, but the mismatch between SKILL.md and shipped code means the runtime behavior an agent will follow may differ from documentation; the agent may not have the CLI described without additional code.
Install Mechanism
There is no install spec and no external downloads; the code is bundled with the skill. This is the lowest-risk install mechanism (nothing fetched from arbitrary URLs).
Credentials
The skill declares no required environment variables or credentials. The code does, however, honor an optional OPENCLAW_WORKSPACE env var to set WORKSPACE (defaulting to ~/.openclaw/workspace). That env var is not documented in requires.env. If an operator or environment sets OPENCLAW_WORKSPACE to a sensitive location, the skill's allowed-directory checks and operations would apply relative to that location — so the env var is a powerful knob. No other credentials or unrelated envs are requested.
Persistence & Privilege
The skill is not forced-always; model invocation is allowed (default). It writes logs, trash, and backups inside its own WORKSPACE paths only. It does not request system-wide configuration changes or other skills' secrets.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install file-manager-secure
  3. After installation, invoke the skill by name or use /file-manager-secure
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of file-manager-secure: a safe file management tool. - Supports dry-run mode to preview operations before execution. - Deletes files by moving them to a recoverable trash rather than permanent removal. - Validates file paths to prevent traversal attacks and restricts access to certain directories. - Requires user confirmation for bulk or large operations. - Logs all operations for auditability and provides advanced search, backup, and restore features.
Metadata
Slug file-manager-secure
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is File Manager Secure?

Perform safe file operations with path validation, dry-run previews, recoverable trash deletes, batch confirmations, and audit logging to prevent data loss. It is an AI Agent Skill for Claude Code / OpenClaw, with 149 downloads so far.

How do I install File Manager Secure?

Run "/install file-manager-secure" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is File Manager Secure free?

Yes, File Manager Secure is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does File Manager Secure support?

File Manager Secure is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created File Manager Secure?

It is built and maintained by houssam-eddine (@houssameddinemaatallah); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments