2.5k
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
3 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill openclaw/skills --skill filesystem-access- _meta.json285 B
- SKILL.md554 B
Overview
This skill provides secure local file read, write, and list operations scoped to the OpenClaw workspace. It enforces workspace-bound access by default to prevent accidental or malicious access to files outside the project directory. Use it when you need controlled file manipulation for logs, reports, scripts, or configuration within the workspace.
How this skill works
The skill accepts relative paths and operates only inside the designated workspace directory, refusing write operations outside that boundary. It supports reading file contents, writing or appending data, and listing directory entries while applying safety checks to avoid path traversal. Operations are logged or validated to reduce risk of modifying critical files inadvertently.
When to use it
- Inspect application logs or debugging output inside the workspace
- Create or update project-specific configuration files safely
- Generate and save Markdown or HTML reports in the workspace
- List files and directories to build inventories or backups
- Store small scripts or assets tied to the current project
Best practices
- Always use relative paths within the workspace and avoid absolute paths
- Prefer targeted reads and writes instead of recursive or bulk deletions
- Validate filenames and user-provided paths to prevent traversal (e.g., no ".." segments)
- Avoid writing to shared configuration or source files unless explicitly permitted
- Keep backups of important files before performing large modifications
Example use cases
- Read the latest application logfile to extract error traces for debugging
- Write a generated README.md or report summary into the docs folder
- List the workspace/data directory to enumerate input files for processing
- Append metrics to a project-specific CSV for later analysis
- Save a temporary script into scripts/ for local execution and later cleanup
FAQ
No. Write operations are blocked outside the configured workspace to prevent unauthorized changes.
How does it prevent path traversal attacks?
The skill validates and normalizes paths, rejecting requests that would escape the workspace (for example paths with ".." that resolve outside the directory).
Is deletion allowed?
Deletion is allowed only within the workspace and should be used cautiously; avoid deleting critical source or configuration files and prefer doing backups first.