← 返回 Skills 市场
1947
总下载
1
收藏
14
当前安装
1
版本数
在 OpenClaw 中安装
/install filesystem-access
功能描述
安全的本地文件读/写/列表能力,默认只在 OpenClaw workspace 目录内工作。
使用说明 (SKILL.md)
使用建议
- 当你需要查看、编辑或列出工作区内的文件时使用本技能。
- 仅访问相对路径或工作区子目录,避免越权访问用户其他目录。
- 典型场景:查看日志、生成 Markdown 报告、保存脚本或配置文件。
安全约束
- 禁止在 workspace 之外执行写入操作。
- 避免删除用户重要文件,如配置、源码或系统文件。
安全使用建议
This skill is essentially a set of rules rather than an enforced sandbox. Before installing, verify how your OpenClaw runtime enforces 'workspace-only' file access (OS chroot/namespace, process-level sandbox, or an API that only exposes workspace paths). Ask the platform owner: does the agent process actually get prevented from reading/writing outside the workspace? If not, treat this as having full filesystem access and only enable it when you trust the agent and logs/auditing. Consider: 1) testing with a harmless file outside the workspace to confirm enforcement, 2) limiting autonomous invocation or requiring manual approval for file operations, 3) ensuring audit logs capture file reads/writes, and 4) avoiding giving this skill access if you must protect secrets or system files.
功能分析
Type: OpenClaw Skill
Name: filesystem-access
Version: 1.0.0
The skill bundle contains only metadata and descriptive instructions for filesystem access within a restricted workspace. There is no executable code or malicious prompt injection present; the instructions in SKILL.md explicitly emphasize safety constraints and restricted access to the OpenClaw workspace.
能力评估
Purpose & Capability
The name/description promise a safe, workspace-only file read/write/list capability. However, the skill requests no OS-level sandboxing, config paths, or credentials that would technically limit access to a workspace. For an actual workspace-only file-access feature, one would expect either platform-level enforcement details or instructions referencing a specific sandboxed API or path—those are missing.
Instruction Scope
SKILL.md contains policy-style guidance (use relative paths, do not write outside workspace) but no concrete, constrained commands or checks. That makes safe behavior advisory rather than enforced: an agent could ignore the guidance and access arbitrary files unless the runtime enforces limits.
Install Mechanism
No install spec and no code files are present. That minimizes supply-chain/code-execution risk because nothing is downloaded or installed by the skill itself.
Credentials
The skill requests no environment variables, credentials, or config paths. There are no disproportionate secret requests.
Persistence & Privilege
The skill is default-autonomous-invocable (platform default). While 'always: true' is not set, the combination of autonomous invocation and non-enforced, advisory constraints increases the risk that the agent could access files outside the workspace without explicit user approval.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install filesystem-access - 安装完成后,直接呼叫该 Skill 的名称或使用
/filesystem-access触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
filesystem-access 1.0.0
- 初始发布,提供安全的本地文件读、写、列表功能。
- 默认仅在 OpenClaw workspace 目录内运行,限制对其他目录的访问。
- 加强安全约束,禁止跨目录写入和误删重要文件。
- 适用于查看日志、生成报告及管理工作区内脚本与配置文件。
元数据
常见问题
Filesystem Access 是什么?
安全的本地文件读/写/列表能力,默认只在 OpenClaw workspace 目录内工作。 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1947 次。
如何安装 Filesystem Access?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install filesystem-access」即可一键安装,无需额外配置。
Filesystem Access 是免费的吗?
是的,Filesystem Access 完全免费(开源免费),可自由下载、安装和使用。
Filesystem Access 支持哪些平台?
Filesystem Access 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Filesystem Access?
由 bukas(@huanz)开发并维护,当前版本 v1.0.0。
推荐 Skills