dropbox

Enables management of Dropbox files through a Swift-native CLI, utilizing OAuth 2.0 for secure authentication and file operations.

Install this skill

or

0/100

Security score

The dropbox skill was audited on Feb 27, 2026 and we found 22 security issues across 4 threat categories, including 10 high-severity. Review the findings below before installing.

Categories Tested

Security Issues

medium line 227

Template literal with variable interpolation in command context

SourceSKILL.md

227

```json

medium line 251

Template literal with variable interpolation in command context

SourceSKILL.md

251

```json

medium line 39

Access to hidden dotfiles in home directory

SourceSKILL.md

39	6. Fall back to `~/.dropbook/auth.json` if Keychain unavailable

low line 311

Access to hidden dotfiles in home directory

SourceSKILL.md

311	mkdir -p ~/.config/rclone

low line 312

Access to hidden dotfiles in home directory

SourceSKILL.md

312	cat > ~/.config/rclone/rclone.conf << 'EOF'

high line 7

Access to system keychain/keyring

SourceSKILL.md

7	Manage Dropbox files via MCP server and CLI. Swift-native implementation using SwiftyDropbox SDK with OAuth 2.0 PKCE and secure Keychain token storage.

high line 22

Access to system keychain/keyring

SourceSKILL.md

22	#### Option 1: OAuth Login with Keychain (Recommended)

high line 24

Access to system keychain/keyring

SourceSKILL.md

24	Use the interactive OAuth flow with secure Keychain storage:

high line 38

Access to system keychain/keyring

SourceSKILL.md

38	5. Save tokens to macOS Keychain (hardware-backed encryption)

high line 39

Access to system keychain/keyring

SourceSKILL.md

39	6. Fall back to `~/.dropbook/auth.json` if Keychain unavailable

high line 45

Access to system keychain/keyring

SourceSKILL.md

45	- Keychain storage with `kSecAttrAccessibleWhenUnlocked`

high line 60

Access to system keychain/keyring

SourceSKILL.md

60	Clear stored tokens from both Keychain and file storage:

medium line 201

Access to system keychain/keyring

SourceSKILL.md

201	make login # OAuth login with Keychain storage

high line 273

Access to system keychain/keyring

SourceSKILL.md

273	\| `itemNotFound` \| No token in Keychain \| Run `make login` to authenticate \|

medium line 281

Access to system keychain/keyring

SourceSKILL.md

281	│ │ ├── Auth/ # Keychain & file token storage

high line 385

Access to system keychain/keyring

SourceSKILL.md

385	1. Use OAuth login - Secure Keychain storage with automatic token refresh

high line 395

Access to system keychain/keyring

SourceSKILL.md

395	- Keychain Storage: Tokens stored with hardware-backed encryption

low line 296

External URL reference

SourceSKILL.md

296	For large-scale operations like backups, syncing, or bulk transfers, use [rclone](https://rclone.org/) - a powerful cloud sync tool with native Dropbox support.

low line 412

External URL reference

SourceSKILL.md

412	- [Dropbox API Docs](https://www.dropbox.com/developers/documentation)

low line 413

External URL reference

SourceSKILL.md

413	- [rclone Dropbox Docs](https://rclone.org/dropbox/) - Bulk sync and backup

low line 414

External URL reference

SourceSKILL.md

414	- [RFC 7636 - PKCE](https://datatracker.ietf.org/doc/html/rfc7636)

low line 415

External URL reference

SourceSKILL.md

415	- [RFC 9700 - OAuth 2.0 Security Best Practices](https://datatracker.ietf.org/doc/html/rfc9700)

Scanned on Feb 27, 2026

View Security Dashboard

Installation guide →

GitHub Stars 2

Rate this skill

Categorydevelopment

UpdatedMay 21, 2026

openclaw api backend backend-developer devops-sre data-engineer development

diegosouzapw/awesome-omni-skill