← 返回 Skills 市场
erayai

Ftp Client Php

作者 erayai · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ⚠ suspicious
278
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install ftp-client-php
功能描述
FTP/FTPS file manager via PHP proxy. Supports list, upload, download, delete, move, copy, mkdir, read, write. Works behind NAT/firewalls (e.g. HuggingFace) b...
使用说明 (SKILL.md)

FTP Client (PHP Proxy)

Full-featured FTP/FTPS client skill for OpenClaw. Routes all FTP operations through an HTTP PHP proxy server, so it works even when direct FTP connections are blocked (e.g. HuggingFace Spaces, serverless environments). Click to deploy ftp-php-proxy.

Architecture

OpenClaw ──HTTP──▶ PHP Proxy Server (api.php) ──FTP──▶ FTP Server

Environment Variable

Set FTP_PHP_CONFIG in the OpenClaw skill management panel. JSON format:

{"ftp_php_domain":"https://your-server.com/api.php","ftp_php_apikey":"","ftp_client_host":"ftp.example.com","ftp_client_port":"21","ftp_client_username":"user","ftp_client_password":"pass","ftp_client_connect_mode":"passive","ftp_client_protocol":"ftps","ftp_client_encrypt_mode":"explicit"}

Field definitions:

  • ftp_php_domain (required): Full URL of the PHP proxy api.php endpoint
  • ftp_php_apikey (optional): API key for the PHP proxy, empty string = no auth
  • ftp_client_host (required): FTP server hostname
  • ftp_client_port (optional): FTP server port, default 21
  • ftp_client_username (required): FTP login username
  • ftp_client_password (required): FTP login password
  • ftp_client_connect_mode (optional): active or passive, default passive
  • ftp_client_protocol (optional): ftp or ftps, default ftp
  • ftp_client_encrypt_mode (optional): explicit or implicit, only meaningful when protocol is ftps

Example (alwaysdata FTPS):

{"ftp_php_domain":"https://your-server.com/api.php","ftp_php_apikey":"","ftp_client_host":"ftp.example.com","ftp_client_port":"21","ftp_client_username":"user","ftp_client_password":"pass","ftp_client_connect_mode":"passive","ftp_client_protocol":"ftps","ftp_client_encrypt_mode":"explicit"}

List directory

node {baseDir}/scripts/list.mjs
node {baseDir}/scripts/list.mjs "/remote/path"
node {baseDir}/scripts/list.mjs "/" --detailed

Options:

  • --detailed or -l: Show detailed file info (size, date, permissions, type)

Download file

node {baseDir}/scripts/download.mjs "/remote/file.txt"
node {baseDir}/scripts/download.mjs "/remote/file.txt" --out "/local/save/path.txt"

Options:

  • --out \x3Cpath> or -o \x3Cpath>: Local save path (default: system temp directory)

Upload file

node {baseDir}/scripts/upload.mjs "/local/file.txt" --to "/remote/path/file.txt"

Options:

  • --to \x3Cpath> or -t \x3Cpath>: Remote destination path (required)

Write text content to remote file

node {baseDir}/scripts/write.mjs "/remote/file.txt" "file content here"
node {baseDir}/scripts/write.mjs "/remote/file.txt" --stdin \x3C local_file.txt

Read file content

node {baseDir}/scripts/read.mjs "/remote/file.txt"

Delete file or directory

node {baseDir}/scripts/delete.mjs "/remote/file.txt"
node {baseDir}/scripts/delete.mjs "/remote/dir" --dir

Options:

  • --dir or -d: Remove directory recursively

Move / Rename

node {baseDir}/scripts/move.mjs "/remote/old.txt" "/remote/new.txt"

Copy file

node {baseDir}/scripts/copy.mjs "/remote/source.txt" "/remote/dest.txt"

Create directory

node {baseDir}/scripts/mkdir.mjs "/remote/new-dir"

File info

node {baseDir}/scripts/info.mjs "/remote/file.txt"

Notes

  • All FTP operations are proxied through your PHP server via HTTP.
  • Upload works by sending file as base64 to the PHP proxy.
  • Download retrieves base64 content from the PHP proxy and saves locally.
  • Large files are supported but limited by PHP server's upload_max_filesize and memory_limit.
  • Set FTP_PHP_CONFIG env var as a single-line JSON string.
安全使用建议
This skill appears to do what it says: it runs Node scripts that call a PHP proxy you specify and will send your FTP username/password and file contents to that proxy. Before installing: (1) only use a php proxy URL you control or fully trust — do not point to a third-party endpoint you don't administer, (2) if possible set and require ftp_php_apikey and host controls on the proxy, (3) host the PHP proxy on HTTPS with a valid certificate (the client currently allows self-signed certs by default), (4) review the PHP proxy server code (the project links to a proxy repo) so you know how it stores/uses credentials and files, (5) avoid putting long-lived secrets into shared agent environments and consider rotating credentials after use, and (6) be aware uploads read arbitrary local paths and downloads write to local disk — run with least privilege and avoid using it from multi-tenant or untrusted runtimes.
功能分析
Type: OpenClaw Skill Name: ftp-client-php Version: 0.1.0 The skill implements an FTP client that routes all operations and credentials through a remote PHP proxy. While it functions as described, it contains a significant security vulnerability in `scripts/ftp-api.mjs` by setting `rejectUnauthorized: false` for all HTTP/HTTPS requests, which disables SSL certificate validation and exposes sensitive FTP credentials to Man-in-the-Middle (MITM) attacks. The architecture inherently requires users to transmit full FTP credentials to a remote HTTP endpoint, which is a high-risk pattern even if not explicitly malicious.
能力评估
Purpose & Capability
Name/description, required binary (node), and the single required env var (FTP_PHP_CONFIG) are consistent with a Node-based FTP client that proxies operations through a PHP HTTP endpoint. The env JSON fields (ftp_php_domain, ftp_client_host, ftp_client_username/password, etc.) are exactly what this proxy-based design needs.
Instruction Scope
Runtime instructions and included scripts stay within the described scope (list, upload, download, read, write, delete, move, copy, mkdir). However, the runtime will: (1) read local files for uploads and --stdin content, (2) write downloaded files to local disk, and (3) transmit FTP credentials and file contents to the configured ftp_php_domain. The client also sets HTTPS option rejectUnauthorized: false (accepts self-signed certs), which reduces TLS protections if used with untrusted endpoints.
Install Mechanism
There is no packaged install step; code files are included and require only Node to run. No external downloads or installers are invoked. This is low-risk from an install mechanism standpoint (nothing fetched/executed from arbitrary URLs).
Credentials
Only one environment variable is required (FTP_PHP_CONFIG) and it contains the FTP server credentials, proxy URL, and optional API key — which are necessary for the skill to operate. That is proportionate, but it means sensitive credentials and file contents will be stored in the skill environment and sent to the configured PHP proxy, so you must trust the proxy endpoint/operator.
Persistence & Privilege
The skill is not forced-always, does not request elevated platform privileges, and does not alter other skills or global agent config. Autonomous invocation is allowed (platform default) but not combined with any suspicious persistent privileges.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install ftp-client-php
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /ftp-client-php 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.0
Initial release of ftp-client-php – an FTP/FTPS manager via a PHP HTTP proxy. - List, upload, download, delete, move, copy, mkdir, read, and write files and directories on remote FTP/FTPS servers. - Operates behind NAT/firewalls by routing all operations through a PHP proxy. - Supports both FTP and FTPS (explicit/implicit) connections and passive/active modes. - Easy CLI commands for all major file operations. - Requires FTP connection info in a JSON environment variable (`FTP_PHP_CONFIG`). - Works where direct FTP is blocked (e.g. HuggingFace, serverless).
元数据
Slug ftp-client-php
版本 0.1.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Ftp Client Php 是什么?

FTP/FTPS file manager via PHP proxy. Supports list, upload, download, delete, move, copy, mkdir, read, write. Works behind NAT/firewalls (e.g. HuggingFace) b... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 278 次。

如何安装 Ftp Client Php?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install ftp-client-php」即可一键安装,无需额外配置。

Ftp Client Php 是免费的吗?

是的,Ftp Client Php 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Ftp Client Php 支持哪些平台?

Ftp Client Php 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Ftp Client Php?

由 erayai(@erayai)开发并维护,当前版本 v0.1.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论