← Back to Skills Marketplace
000sonic

Local File Manager 1.0.0

by 000Sonic · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
81
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install local-file-manager-1-0-0
Description
Read, write, append, and list local files in the session's working directory. Use when you need to persist output to disk, read input files, or manipulate fi...
README (SKILL.md)

Local File Manager Skill

This skill provides safe file I/O operations within the session's cwd. It is designed for roles that need to store outputs locally (no cloud sync).

Capabilities

  • Read file: Get contents of a text file
  • Write file: Create or overwrite a file
  • Append file: Add content to existing file
  • List files: Directory listing with filtering
  • Delete file: Remove a file (with safety checks)
  • Copy/Move: Simple file operations

When to Use

Role needs to:

  • Save generated code/analysis to disk
  • Read input documents (PDFs, text, etc.)
  • Append logs or results
  • Create output files in Markdown/JSON/CSV

Usage

# Read a file
file-manager --action read --path output.md

# Write content (from stdin or --content)
file-manager --action write --path result.json --content '{"status":"done"}'

# Append to file
file-manager --action append --path log.txt --content "Job completed at $(date)"

# List files in directory
file-manager --action list --dir . --pattern "*.md"

# Create directory
file-manager --action mkdir --dir reports

# Delete file (with confirmation)
file-manager --action delete --path old_file.txt

Safety

  • Sandboxed to cwd: Cannot access files outside session's working directory
  • Protected files: Cannot delete files starting with . or in ../
  • Size limit: Max file size 10MB (configurable)
  • Dry-run support: --dry-run shows what would happen

Integration with Roles

In role config, enable this skill:

plugins:
  allow:
    - local-file-manager
    - doc-parser

Then in the role's system prompt, guide usage:

When you finish analysis, write the result to a file:
  file-manager --action write --path summary.md --content "$YOUR_MARKDOWN"

Examples

Researcher saving analysis:

file-manager --action write --path analysis_$(date +%Y%m%d).md \
  --content "# Analysis\
\
## Summary\
..."

Developer saving code:

file-manager --action write --path src/main.py --content "$CODE"

Automation appending log:

file-manager --action append --path /var/log/automation.log \
  --content "[$(date)] Task completed\
"

Error Handling

  • If file doesn't exist for read: returns error code 1
  • If path is outside cwd: denied
  • If write fails (permission): returns error
  • All errors logged to ~/.openclaw/logs/file-manager.log

Configuration

Environment variables:

  • FILE_MANAGER_MAX_SIZE: Max file size in bytes (default 10485760)
  • FILE_MANAGER_LOG: Path to operation log (default ~/.openclaw/logs/file-manager.log)
  • FILE_MANAGER_DRY_RUN: Set to "1" to only simulate operations
Usage Guidance
Do not install or enable this skill until the maintainers fix the inconsistencies and the shell-injection risk. Specific items to ask or require: 1) Fix index.ts to execute the bundled script via a relative path (no hard-coded /Users/nico path) and/or use an argv array API (spawn with args) instead of building a single shell command string so user content cannot inject shell commands. 2) Make skill.json accurate (remove nonexistent Python requirements or include the promised Python files), and align permissions with actual paths used (logs, workspace). 3) Implement and document enforcement of FILE_MANAGER_MAX_SIZE in the runtime. 4) Decide and document whether logs are written to home and declare that in permissions; allow configuring log path. 5) Remove misleading examples that suggest writing to absolute system paths unless explicitly allowed. If you must use it before fixes, run the skill in a tightly confined sandbox with no access to sensitive files and monitor what files it writes; treat it as untrusted code.
Capability Analysis
Type: OpenClaw Skill Name: local-file-manager-1-0-0 Version: 1.0.0 The skill contains a critical command injection vulnerability in index.ts. The code uses child_process.exec to execute a shell script, joining user-controlled inputs (path, content, pattern) into a shell command string without sanitization, allowing an attacker or a malicious prompt to execute arbitrary commands on the host. Additionally, index.ts contains a hardcoded absolute path (/Users/nico/...) which indicates poor development practices or a non-portable environment configuration.
Capability Assessment
Purpose & Capability
The stated purpose (file read/write within session cwd) mostly matches the code's operations, but the package metadata is inconsistent: skill.json declares Python entrypoints and dependencies and points 'main' at non-existent Python scripts, while the package actually includes a TypeScript entry and a bash script. _meta.json ownerId differs from the registry owner. These mismatches make it unclear which files are authoritative and why Python is required.
Instruction Scope
SKILL.md promises sandboxing to the session cwd, a 10MB size limit, and use of certain env vars. The runtime pieces conflict: the bash script logs to ~/.openclaw/logs (outside cwd), there is no enforcement of FILE_MANAGER_MAX_SIZE in the shell script, and the README examples include absolute paths (e.g., /var/log/automation.log) that contradict the 'sandboxed to cwd' claim. The TypeScript launcher builds a shell command by joining raw args without quoting/escaping, allowing user-supplied content to inject arbitrary shell commands.
Install Mechanism
There is no install spec (instruction-only style), which is lower risk. However, index.ts executes an absolute script path hard-coded to /Users/nico/.openclaw/... instead of the included relative path scripts/file_manager.sh. That absolute path is unusual and brittle — on some hosts it may inadvertantly execute a different script at that location or fail to run the bundled script.
Credentials
The skill declares no required environment variables yet SKILL.md documents FILE_MANAGER_MAX_SIZE, FILE_MANAGER_LOG and FILE_MANAGER_DRY_RUN and the script reads FILE_MANAGER_LOG; those env vars are not declared. skill.json restricts file permissions to ~/.openclaw/workspace/** but the script writes logs to $HOME/.openclaw/logs by default, a path outside the stated permissions. This mismatch means the skill will access locations not reflected in its declared permissions.
Persistence & Privilege
The skill is not force-enabled (always:false) and can be user-invoked or invoked autonomously (default). It writes to a persistent log file under the user's home (~/.openclaw/logs/file-manager.log) which gives it a footprint outside the session cwd. That behavior is not inherently malicious but is inconsistent with 'no cloud sync' / 'sandboxed to cwd' messaging and should be considered by users.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install local-file-manager-1-0-0
  3. After installation, invoke the skill by name or use /local-file-manager-1-0-0
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of local-file-manager skill. - Provides safe file I/O (read, write, append, list, delete, copy/move) within the session's working directory. - Supports text, JSON, CSV, and Markdown formats. - Enforces safety: sandboxed to cwd, protected files, and size limits. - Includes dry-run mode for simulated operations. - Logs all errors and supports environment-based configuration. - Designed for roles needing local file persistence and manipulation.
Metadata
Slug local-file-manager-1-0-0
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Local File Manager 1.0.0?

Read, write, append, and list local files in the session's working directory. Use when you need to persist output to disk, read input files, or manipulate fi... It is an AI Agent Skill for Claude Code / OpenClaw, with 81 downloads so far.

How do I install Local File Manager 1.0.0?

Run "/install local-file-manager-1-0-0" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Local File Manager 1.0.0 free?

Yes, Local File Manager 1.0.0 is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Local File Manager 1.0.0 support?

Local File Manager 1.0.0 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Local File Manager 1.0.0?

It is built and maintained by 000Sonic (@000sonic); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463942 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259883 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200739 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191401 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190375 · by oswalpalash

💬 Comments