← Back to Skills Marketplace
tecfancy

NAS File Courier Skill

by Randal · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
313
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install nas-file-courier
Description
Search files on NAS (via rclone + Tailscale) and send to user via messaging API. Triggers on file search, find file, send file, 找文件, 发文件, NAS 查找, 下载文件.
Usage Guidance
This skill generally does what it says (search NAS via rclone+Tailscale and send files), but the published metadata omits important runtime requirements and assumptions. Before installing or running it: 1) Confirm the runtime host has rclone, tailscale CLI, jq, python3, and a configured rclone remote (the skill depends on ~/.config/rclone/rclone.conf for NAS credentials). 2) Verify the rclone remote credentials are stored securely and that you trust the host running the agent (the skill will cause rclone to read those credentials). 3) Understand network exposure: the HTTP fallback starts a temporary rclone HTTP server bound to the Tailscale IP — any device on the same Tailscale mesh could access the link while it’s up. 4) Ask the author to update registry metadata to declare required binaries and config paths, fix the inconsistent temp-path references (/tmp/nas-courier vs /tmp/openclaw/nas-courier), and clarify whether python3 and jq are required. 5) Test with a small, non-sensitive file first to confirm MEDIA: delivery behavior and that cleanup/kill logic reliably terminates the temporary server. If you cannot verify these items or do not control the Tailscale mesh, treat the skill cautiously.
Capability Analysis
Type: OpenClaw Skill Name: nas-file-courier Version: 1.0.0 The skill facilitates NAS file retrieval using rclone and Tailscale, but contains patterns that introduce security risks. Specifically, the instructions in SKILL.md and references/rclone-ops.md for searching files do not include input sanitization, potentially allowing for argument injection if the agent passes unsanitized user keywords to rclone. Furthermore, references/http-temp-link.md describes a fallback mechanism that starts a temporary HTTP server (rclone serve http), which, although restricted to the Tailscale network, increases the local attack surface. These issues represent significant vulnerabilities in the context of an AI agent executing shell commands.
Capability Assessment
Purpose & Capability
The skill's stated purpose (NAS search + deliver via messaging) aligns with the runtime steps. However the package metadata declared no required binaries, env vars, or config paths, while SKILL.md clearly requires rclone, Tailscale (tailscale CLI and tailscale IP), jq, python3 (used for URL encoding), and (for initial setup) sudo. That mismatch is an incoherence: a consumer would legitimately need these binaries and access to rclone configuration to use this skill.
Instruction Scope
The SKILL.md instructions stay within the core purpose (search with rclone, copy to /tmp, deliver via platform MEDIA: lines, verify receipt, and mandatory cleanup). They also define safety rules (don't leak secrets, bind to Tailscale IP). Notable instruction-scope items: it starts a background HTTP server (rclone serve http) bound to the Tailscale IP and sleeps for 10 minutes, uses python3 to URL-encode names, and relies on deliver engine handling MEDIA: lines. The instructions reference rclone config (remotes with credentials) implicitly. There are minor internal inconsistencies (rclone-ops references /tmp/nas-courier/ while SKILL.md references /tmp/openclaw/nas-courier/; SKILL.md demands fuse3 dependency though operations are CLI-based).
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so it writes nothing to disk during install. That is the lowest install risk. The runtime requires external tools to be present, but nothing is installed by the skill itself.
Credentials
The skill declares no required credentials or config paths, yet it depends on an existing rclone remote (which implies ~/.config/rclone/rclone.conf with NAS credentials) and on messaging channels that the platform's deliver engine will use (these require bot tokens maintained elsewhere). The skill will rely on rclone accessing stored NAS credentials; the registry metadata should have declared that dependency and any config path access. The lack of declared config access (and missing required binaries like tailscale, rclone, jq, python3) is disproportionate to the stated metadata.
Persistence & Privilege
always is false, no install spec, and SKILL.md explicitly forbids modifying rclone config or system-wide settings. The skill starts short-lived background processes at runtime (rclone serve http) but requires explicit cleanup steps. No suspicious persistent privileges are requested in the registry metadata.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install nas-file-courier
  3. After installation, invoke the skill by name or use /nas-file-courier
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
nas-file-courier 1.0.0 – Initial Release - Search files on a NAS via rclone over Tailscale based on user keywords, type, or time range. - Deliver files to users through supported messaging APIs (Feishu, Telegram, QQ Bot) using validated native sending methods. - Guides user through file selection, confirmation, and delivery verification to ensure correct receipt. - Implements strict temp file management in `/tmp/openclaw/nas-courier/` with mandatory cleanup after every operation. - Enforces security policies: read-only operations, no sudo, no exposure of credentials or private data, and sends only permitted file types.
Metadata
Slug nas-file-courier
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is NAS File Courier Skill?

Search files on NAS (via rclone + Tailscale) and send to user via messaging API. Triggers on file search, find file, send file, 找文件, 发文件, NAS 查找, 下载文件. It is an AI Agent Skill for Claude Code / OpenClaw, with 313 downloads so far.

How do I install NAS File Courier Skill?

Run "/install nas-file-courier" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is NAS File Courier Skill free?

Yes, NAS File Courier Skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does NAS File Courier Skill support?

NAS File Courier Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created NAS File Courier Skill?

It is built and maintained by Randal (@tecfancy); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments