← Back to Skills Marketplace
erayai

Ftp Client

by erayai · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ⚠ suspicious
318
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install ftp-client
Description
FTP/FTPS client skill. Connect to FTP servers and perform file operations (list, upload, download, delete, move, copy, mkdir, read). Supports FTP and FTPS (e...
README (SKILL.md)

FTP Client

Full-featured FTP/FTPS client skill for OpenClaw. Connect to remote FTP servers and manage files directly.

Environment Variable

Set FTP_CONNECTION in the OpenClaw skill management panel. Format (comma-separated, last 3 fields optional):

host:port,username,password,active/passive,ftp/ftps,explicit/implicit

Examples:

ftp.example.com:21,myuser,mypassword
ftp.example.com:21,myuser,mypassword,passive
ftp.example.com:990,myuser,mypassword,passive,ftps,implicit

Field definitions:

  • Field 1 (required): host:port — FTP server address and port
  • Field 2 (required): username — FTP login username
  • Field 3 (required): password — FTP login password
  • Field 4 (optional): active or passive — connection mode (default: passive)
  • Field 5 (optional): ftp or ftps — protocol (default: ftp)
  • Field 6 (optional): explicit or implicit — TLS mode for FTPS (default: not used; only meaningful when field 5 is ftps)

Note: If your password contains commas, replace them with %2C (URL-encoded). The parser will decode it.

List directory

node {baseDir}/scripts/list.mjs
node {baseDir}/scripts/list.mjs "/remote/path"
node {baseDir}/scripts/list.mjs "/" --long

Options:

  • --long or -l: Show detailed file info (size, date, permissions)

Download file

node {baseDir}/scripts/download.mjs "/remote/file.txt"
node {baseDir}/scripts/download.mjs "/remote/file.txt" --out "/local/path/file.txt"
node {baseDir}/scripts/download.mjs "/remote/dir" --dir

Options:

  • --out \x3Cpath> or -o \x3Cpath>: Local destination path (default: temp directory)
  • --dir or -d: Download entire directory recursively

Upload file

node {baseDir}/scripts/upload.mjs "/local/file.txt"
node {baseDir}/scripts/upload.mjs "/local/file.txt" --to "/remote/path/file.txt"
node {baseDir}/scripts/upload.mjs "/local/dir" --dir --to "/remote/dir"

Options:

  • --to \x3Cpath> or -t \x3Cpath>: Remote destination path (default: FTP root /)
  • --dir or -d: Upload entire directory recursively

Delete file or directory

node {baseDir}/scripts/delete.mjs "/remote/file.txt"
node {baseDir}/scripts/delete.mjs "/remote/dir" --dir

Options:

  • --dir or -d: Remove directory recursively (including all contents)

Move / Rename

node {baseDir}/scripts/move.mjs "/remote/old-name.txt" "/remote/new-name.txt"
node {baseDir}/scripts/move.mjs "/remote/file.txt" "/remote/subdir/file.txt"

Copy file

node {baseDir}/scripts/copy.mjs "/remote/source.txt" "/remote/dest.txt"

FTP protocol does not natively support copy. This downloads the file to a temp location and re-uploads it.

Create directory

node {baseDir}/scripts/mkdir.mjs "/remote/new-dir"
node {baseDir}/scripts/mkdir.mjs "/remote/path/to/deep/dir"

Creates the directory and all intermediate directories as needed.

Read file content

node {baseDir}/scripts/read.mjs "/remote/file.txt"
node {baseDir}/scripts/read.mjs "/remote/file.txt" --encoding utf8

Options:

  • --encoding \x3Cenc>: File encoding (default: utf8). Supports: utf8, ascii, latin1, base64

File info (size, date)

node {baseDir}/scripts/info.mjs "/remote/file.txt"

Returns file size and last modification date.

Notes

  • Requires node and uses the basic-ftp npm package (auto-installed via package.json).
  • Set FTP_CONNECTION env var before use.
  • Passive mode is recommended for most NAT/firewall scenarios.
  • For FTPS, the skill supports both explicit (port 21 typical) and implicit (port 990 typical) TLS.
  • Large file transfers show progress output.
Usage Guidance
This skill appears to do what it says: it's an FTP/FTPS client implemented as Node scripts. Before installing, consider the following: - FTP_CONNECTION contains your FTP server host, user, and password; treat it as a secret and only set it for servers you trust. Use short-lived or limited-permission accounts where possible. - The scripts can read arbitrary local files (for upload or copy) and write to temporary directories; do not run the skill with commands that reference sensitive local paths unless you trust the target server and the invocation context. - FTPS TLS verification is disabled by default (rejectUnauthorized: false) to allow self-signed certs; if you require strict certificate validation, modify createFtpClient to enable verification. - There's a package.json dependency (basic-ftp) but no explicit install step in the registry metadata — ensure the runtime environment has dependencies installed (npm install) before running the scripts. - If you will allow autonomous agent invocation, remember the agent could perform FTP operations automatically using the provided FTP_CONNECTION; consider limiting autonomous use or providing credentials with minimal permissions. If you need higher assurance, request the packager to add an explicit install step, enable strict FTPS verification, and consider an option to restrict allowed local paths for uploads.
Capability Analysis
Type: OpenClaw Skill Name: ftp-client Version: 0.1.0 The skill implements a functional FTP/FTPS client but contains a security vulnerability in `scripts/ftp-utils.mjs` where it explicitly disables SSL certificate verification (`rejectUnauthorized: false`). This configuration exposes FTPS connections to Man-in-the-Middle (MITM) attacks. While the code aligns with its stated purpose of file management and uses the legitimate `basic-ftp` library, the intentional bypass of security defaults is a high-risk flaw.
Capability Assessment
Purpose & Capability
Name/description, required binary (node), primary env var (FTP_CONNECTION), package.json dependency (basic-ftp), and provided scripts all align with an FTP/FTPS client that lists, uploads, downloads, deletes, moves, copies, and reads files.
Instruction Scope
SKILL.md and the scripts instruct the agent to run node scripts that will access the network (FTP servers) and local filesystem (uploads, downloads, temp files). This is expected for an FTP client, but it means the skill can read arbitrary local paths when asked (and upload them to the configured FTP server) and will write temporary files during copy/download operations — consider this an exfiltration risk if untrusted commands or prompts are used.
Install Mechanism
No explicit install spec is provided in the registry metadata despite a package.json listing basic-ftp as a dependency; SKILL.md states basic-ftp is auto-installed via package.json. That is reasonable but inconsistent: the platform or operator must ensure dependencies are installed (npm install) prior to running the scripts. No remote download URLs or obscure installers are used.
Credentials
Only FTP_CONNECTION is required and it is used as expected to supply host, port, username, and password. That is proportionate. Two cautions: (1) credentials are passed in a single env var — protect it like any secret; (2) the code sets rejectUnauthorized: false for FTPS by default, allowing self-signed certificates which weakens TLS security (this is sometimes necessary for legacy FTP servers but is a security tradeoff).
Persistence & Privilege
Skill does not request permanent presence (always: false), does not modify other skills or system-wide configs, and uses only the declared env var. Normal privilege profile for a user-invocable FTP client.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install ftp-client
  3. After installation, invoke the skill by name or use /ftp-client
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release of ftp-client — a full-featured FTP/FTPS client skill. - Connect to remote FTP servers using FTP or FTPS (explicit/implicit TLS) with flexible config. - List, upload, download, delete, move, copy, and create directories on FTP servers. - Supports both file and recursive directory operations. - Provides progress reporting for large file transfers. - Includes commands for file info and reading file content. - Requires setting the FTP_CONNECTION environment variable.
Metadata
Slug ftp-client
Version 0.1.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Ftp Client?

FTP/FTPS client skill. Connect to FTP servers and perform file operations (list, upload, download, delete, move, copy, mkdir, read). Supports FTP and FTPS (e... It is an AI Agent Skill for Claude Code / OpenClaw, with 318 downloads so far.

How do I install Ftp Client?

Run "/install ftp-client" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Ftp Client free?

Yes, Ftp Client is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Ftp Client support?

Ftp Client is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Ftp Client?

It is built and maintained by erayai (@erayai); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments