← Back to Skills Marketplace
99
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install upload-file
Description
MUST be used for any browser file upload task. Provides reliable, step-by-step automation for uploading files via agent-browser CLI. Includes strict executio...
Usage Guidance
This skill appears to implement browser file uploads, but don't install blindy. Check and fix the obvious mismatches first: ensure 'agent-browser' is available on the agent PATH (the skill assumes it but metadata doesn't declare it), and note SKILL.md references 'scripts/upload_file.py' while the included file is 'scripts/upload.py' — that will break the recommended Python usage. Confirm whether OPENCLAW_WORKSPACE is used in your environment (the script will read it if present) or adjust the code to avoid implicitly reading an undocumented env var. Be aware that the skill takes page snapshots during verification/fallback; snapshots can include sensitive page content (file names, form data). If you will use this on pages with confidential data, require explicit approval or remove automatic snapshots. Finally, test the skill in a safe sandbox first, review logs for unexpected output, and only grant agent autonomous use if you trust it to run these commands and handle snapshots.
Capability Analysis
Type: OpenClaw Skill
Name: upload-file
Version: 1.0.0
The skill bundle provides a legitimate utility for automating file uploads to web pages using the agent-browser CLI. The Python script (scripts/upload.py) and instructions (SKILL.md) follow a logical, step-by-step process for opening a URL, identifying upload elements, and verifying success. No evidence of data exfiltration, unauthorized command execution, or malicious prompt injection was found.
Capability Assessment
Purpose & Capability
The skill's name, description, SKILL.md and included Python script all target browser file uploads via the agent-browser CLI — that's coherent. However, the package metadata lists no required binaries while both the instructions and the script rely on an 'agent-browser' binary being on PATH. Also SKILL.md references 'scripts/upload_file.py' but the provided file is 'scripts/upload.py' (filename mismatch) which will break the recommended Python mode.
Instruction Scope
SKILL.md gives concrete step-by-step agent-browser commands (open, wait, find, upload, snapshot) which are in-scope for upload tasks. But the instructions/implementation call 'agent-browser snapshot' several times (fallback and verification). Snapshots capture page content and could include sensitive data (file names, page text, form fields). The skill instructs snapshots on failures and during verification by default, increasing risk of unintended data capture.
Install Mechanism
No install spec (instruction-only plus a script) — low installation risk because nothing is downloaded or written by an installer. The included script will run externally; there is no package fetching or archive extraction.
Credentials
The metadata declares no required env vars, but the script reads OPENCLAW_WORKSPACE (with a default) to resolve 'workspace/...' paths. That environment variable is not documented in requires.env. The script also prints command lines and resolved paths to stdout; that may leak file paths or workspace locations into logs. No credentials are requested, but the undeclared env usage and potential log exposure are disproportionate to what the metadata claims.
Persistence & Privilege
always is false and the skill does not request or perform system-wide persistent changes. It does not modify other skills or agent config. Autonomous invocation remains possible (default) but is not a unique risk here.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install upload-file - After installation, invoke the skill by name or use
/upload-file - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
browser-file-upload v1.0.0 – Initial release
- Provides robust, step-by-step automation for uploading files to web pages using agent-browser CLI.
- Enforces a strict state-machine execution protocol to maximize reliability and error handling.
- Includes a standardized upload pipeline: open page, wait, trigger file input, upload, and verify.
- Supports fallback strategies and path normalization for diverse upload scenarios.
- Recommends Python script mode as the most stable method, with CLI command alternatives.
Metadata
Frequently Asked Questions
What is upload-file?
MUST be used for any browser file upload task. Provides reliable, step-by-step automation for uploading files via agent-browser CLI. Includes strict executio... It is an AI Agent Skill for Claude Code / OpenClaw, with 99 downloads so far.
How do I install upload-file?
Run "/install upload-file" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is upload-file free?
Yes, upload-file is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does upload-file support?
upload-file is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created upload-file?
It is built and maintained by m1ss-cell (@m1ss-cell); the current version is v1.0.0.
More Skills