dropbox

16 stars

bydiegosouzapw

View on GitHub Installation ↓

Best use case

dropbox is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Teams using dropbox should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

You only need a quick one-off answer and do not need a reusable workflow.
You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/dropbox/SKILL.md --create-dirs "https://raw.githubusercontent.com/diegosouzapw/awesome-omni-skill/main/skills/testing-security/dropbox/SKILL.md"

Manual Installation

Download SKILL.md from GitHub
Place it in .claude/skills/dropbox/SKILL.md inside your project
Restart your AI agent — it will auto-discover the skill

How dropbox Compares

Feature / Agent	dropbox	Standard Approach
Platform Support	Not specified	Limited / Varies
Context Awareness	High	Baseline
Installation Complexity	Unknown	N/A

Frequently Asked Questions

What does this skill do?

This skill provides specific capabilities for your AI agent. See the About section for full details.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Dropbox Manager Skill

Manage Dropbox files via MCP server and CLI. Swift-native implementation using SwiftyDropbox SDK with OAuth 2.0 PKCE and secure Keychain token storage.

## Setup

### Prerequisites

```bash
# Clone and build Dropbook
git clone https://github.com/RyanLisse/Dropbook.git
cd Dropbook
make build
```

### Authentication

#### Option 1: OAuth Login with Keychain (Recommended)

Use the interactive OAuth flow with secure Keychain storage:

```bash
export DROPBOX_APP_KEY="your_dropbox_app_key"
export DROPBOX_APP_SECRET="your_dropbox_app_secret"
make login
# or: swift run dropbook login
```

This will:
1. Generate PKCE code verifier and challenge (SHA256, RFC 7636)
2. Open an authorization URL with state parameter (CSRF protection)
3. Prompt you to paste the authorization code
4. Exchange code for access and refresh tokens
5. **Save tokens to macOS Keychain** (hardware-backed encryption)
6. Fall back to `~/.dropbook/auth.json` if Keychain unavailable
7. Enable automatic token refreshing

**Security Features (RFC 9700 compliant):**
- PKCE with S256 challenge method
- State parameter for CSRF protection
- Keychain storage with `kSecAttrAccessibleWhenUnlocked`
- CryptoKit for cryptographic operations

#### Option 2: Environment Variables (Legacy)

```bash
export DROPBOX_APP_KEY="your_dropbox_app_key"
export DROPBOX_APP_SECRET="your_dropbox_app_secret"
export DROPBOX_ACCESS_TOKEN="your_dropbox_access_token"
```

**Note**: Manual tokens don't support automatic refreshing. Use OAuth login for production use.

### Logout

Clear stored tokens from both Keychain and file storage:

```bash
make logout
# or: swift run dropbook logout
```

## MCP Server (Recommended)

Start the MCP server:

```bash
make mcp
# or: ./.build/debug/dropbook mcp
```

### MCP Tools

| Tool | Description |
|------|-------------|
| `list_directory` | List files and folders in a Dropbox directory |
| `search` | Search for files by name or content |
| `upload` | Upload a file to Dropbox |
| `download` | Download a file from Dropbox |
| `delete` | Delete a file or folder (moves to trash) |
| `get_account_info` | Get account name and email |
| `read_file` | Read contents of a text file |

#### list_directory

List files and folders in a Dropbox directory.

**Parameters:**
- `path` (string, optional): Directory path. Default: "/"

**Response:**
```json
{
  "files": [
    {"type": "file", "name": "doc.pdf", "path": "/Docs/doc.pdf", "size": 1024},
    {"type": "folder", "name": "Projects", "path": "/Projects"}
  ]
}
```

#### search

Search for files by name or content.

**Parameters:**
- `query` (string, required): Search term
- `path` (string, optional): Path to search within. Default: "/"

**Response:**
```json
{
  "count": 2,
  "results": [
    {"matchType": "filename", "metadata": {"name": "report.pdf", "path": "/Docs/report.pdf"}}
  ]
}
```

#### upload

Upload a file to Dropbox.

**Parameters:**
- `localPath` (string, required): Absolute path to local file
- `remotePath` (string, required): Destination in Dropbox
- `overwrite` (boolean, optional): Replace if exists. Default: false

**Response:**
```json
{
  "uploaded": true,
  "name": "file.txt",
  "path": "/Uploads/file.txt",
  "size": 5000
}
```

#### download

Download a file from Dropbox.

**Parameters:**
- `remotePath` (string, required): File path in Dropbox
- `localPath` (string, required): Local destination path

**Response:**
```json
{
  "downloaded": true,
  "to": "/tmp/report.pdf"
}
```

#### delete

Delete a file or folder from Dropbox (moves to trash).

**Parameters:**
- `path` (string, required): Path to delete in Dropbox

**Response:**
```json
{
  "deleted": true,
  "path": "/Docs/old-file.pdf"
}
```

#### get_account_info

Get Dropbox account information.

**Parameters:** None

**Response:**
```json
{
  "name": "Ryan Lisse",
  "email": "user@example.com"
}
```

#### read_file

Read and return the contents of a text file from Dropbox.

**Parameters:**
- `path` (string, required): Path to file in Dropbox

**Response:**
Returns the file contents as text. Only works with UTF-8 encoded text files.

## CLI Commands

```bash
# Authentication
make login                 # OAuth login with Keychain storage
make logout                # Clear stored tokens

# File operations
make list                  # List root directory
swift run dropbook list /path

# Search files
swift run dropbook search "query" [path]

# Upload file
swift run dropbook upload /local/path /remote/path [--overwrite]

# Download file
swift run dropbook download /remote/path /local/path

# Start MCP server
make mcp
```

## MCP Client Configuration

### Claude Code (Project-level)

The project includes a `.mcp.json` file that configures the MCP server:

```json
{
  "mcpServers": {
    "dropbox": {
      "command": "/path/to/Dropbook/.build/debug/dropbook",
      "args": ["mcp"],
      "env": {
        "DROPBOX_APP_KEY": "${DROPBOX_APP_KEY}",
        "DROPBOX_APP_SECRET": "${DROPBOX_APP_SECRET}"
      }
    }
  }
}
```

Enable project MCP servers in Claude Code settings.json:
```json
{
  "enableAllProjectMcpServers": true
}
```

### Claude Desktop

```json
{
  "mcpServers": {
    "dropbox": {
      "command": "/path/to/dropbook/.build/debug/dropbook",
      "args": ["mcp"],
      "env": {
        "DROPBOX_APP_KEY": "${DROPBOX_APP_KEY}",
        "DROPBOX_APP_SECRET": "${DROPBOX_APP_SECRET}"
      }
    }
  }
}
```

## Error Handling

| Error | Cause | Solution |
|-------|-------|----------|
| `notConfigured` | Missing env vars | Set DROPBOX_APP_KEY, DROPBOX_APP_SECRET |
| `invalidArguments` | Missing required params | Check tool parameters |
| `notFound` | Path doesn't exist | Use `list_directory` to verify paths |
| `itemNotFound` | No token in Keychain | Run `make login` to authenticate |

## Architecture

```
Dropbook/
├── Sources/
│   ├── DropbookCore/           # Business logic (actor-based)
│   │   ├── Auth/               # Keychain & file token storage
│   │   ├── Config/             # Configuration management
│   │   ├── Models/             # Domain models
│   │   └── Services/           # DropboxService actor
│   ├── DropbookCLI/            # CLI adapter
│   │   └── Commands/           # Login, logout, file commands
│   └── DropbookMCP/            # MCP server
├── dropbox-skill/              # Skill documentation
├── Makefile                    # Build automation
├── .mcp.json                   # MCP server configuration
└── Package.swift
```

## Bulk Operations with rclone

For large-scale operations like backups, syncing, or bulk transfers, use [rclone](https://rclone.org/) - a powerful cloud sync tool with native Dropbox support.

### Install rclone

```bash
brew install rclone
```

### Configure rclone for Dropbox

```bash
# Interactive setup (opens browser for OAuth)
rclone authorize dropbox

# Save the token output to config
mkdir -p ~/.config/rclone
cat > ~/.config/rclone/rclone.conf << 'EOF'
[dropbox]
type = dropbox
token = {"access_token":"...paste token here..."}
EOF
```

### Backup to Network Drive / Time Capsule

```bash
# Full backup with progress
rclone copy dropbox: /Volumes/TimeCapsule/Dropbox-Backup \
    --progress \
    --transfers 4 \
    --checkers 8 \
    --retries 10 \
    --log-file /tmp/dropbox-backup.log

# Sync (mirror - deletes files not in source)
rclone sync dropbox: /Volumes/Backup/Dropbox --progress

# Check what would be copied (dry run)
rclone copy dropbox: /Volumes/Backup --dry-run
```

### Common rclone Commands

```bash
# List remote contents
rclone lsd dropbox:              # List directories
rclone ls dropbox:               # List all files
rclone size dropbox:             # Calculate total size

# Copy operations
rclone copy dropbox:folder /local/path    # Download folder
rclone copy /local/path dropbox:folder    # Upload folder

# Sync (bidirectional)
rclone bisync dropbox: /local/path --resync

# Mount as filesystem (macOS - requires macFUSE)
rclone mount dropbox: /mnt/dropbox --vfs-cache-mode full
```

### rclone Flags for Reliability

| Flag | Description |
|------|-------------|
| `--progress` | Show real-time transfer progress |
| `--transfers 4` | Number of parallel transfers |
| `--checkers 8` | Number of parallel checkers |
| `--retries 10` | Retry failed operations |
| `--low-level-retries 20` | Retry low-level errors |
| `--log-file path` | Write logs to file |
| `--dry-run` | Show what would be done |
| `--checksum` | Verify with checksums |

### Rate Limiting

Dropbox has strict API rate limits. If you see `too_many_requests` errors:

```bash
# Use bandwidth limiting
rclone copy dropbox: /backup --bwlimit 1M

# Or add delays between operations
rclone copy dropbox: /backup --tpslimit 2
```

rclone handles rate limits automatically with exponential backoff.

## Best Practices

1. **Use OAuth login** - Secure Keychain storage with automatic token refresh
2. **Use MCP for agents** - More reliable for programmatic access
3. **Use rclone for bulk ops** - Better for backups and large transfers
4. **Validate paths first** - Use `list_directory` before operations
5. **Handle errors gracefully** - Check responses for error fields
6. **Respect rate limits** - Add delays between bulk operations
7. **Use absolute paths** - Always provide full paths for file operations

## Security

- **Keychain Storage**: Tokens stored with hardware-backed encryption
- **PKCE**: Proof Key for Code Exchange prevents authorization code interception
- **State Parameter**: CSRF protection for OAuth flow
- **Token Refresh**: Automatic refresh before expiration
- **CryptoKit**: Modern Swift cryptographic library

## Dependencies

- **SwiftyDropbox** (v10.2.4+): Official Dropbox Swift SDK
- **MCP (swift-sdk)**: Model Context Protocol SDK
- **CryptoKit**: Apple's cryptographic framework
- **rclone** (optional): For bulk operations and backups (`brew install rclone`)

## See Also

- [Dropbook GitHub](https://github.com/RyanLisse/Dropbook)
- [CLAUDE.md](../CLAUDE.md) - Full project documentation
- [Dropbox API Docs](https://www.dropbox.com/developers/documentation)
- [rclone Dropbox Docs](https://rclone.org/dropbox/) - Bulk sync and backup
- [RFC 7636 - PKCE](https://datatracker.ietf.org/doc/html/rfc7636)
- [RFC 9700 - OAuth 2.0 Security Best Practices](https://datatracker.ietf.org/doc/html/rfc9700)

Related Skills

dropbox-automation

from diegosouzapw/awesome-omni-skill

Automate Dropbox file management, sharing, search, uploads, downloads, and folder operations via Rube MCP (Composio). Always search tools first for current schemas.

bgo

from diegosouzapw/awesome-omni-skill

Automates the complete Blender build-go workflow, from building and packaging your extension/add-on to removing old versions, installing, enabling, and launching Blender for quick testing and iteration.

Coding & Development

Load Test Designer

from diegosouzapw/awesome-omni-skill

Design load tests with realistic workload models and performance criteria

ln-634-test-coverage-auditor

from diegosouzapw/awesome-omni-skill

Coverage Gaps audit worker (L3). Identifies missing tests for critical paths (Money 20+, Security 20+, Data Integrity 15+, Core Flows 15+). Returns list of untested critical business logic with priority justification.

ln-523-auto-test-planner

from diegosouzapw/awesome-omni-skill

Plans automated tests (E2E/Integration/Unit) using Risk-Based Testing after manual testing. Calculates priorities, delegates to ln-301-task-creator. Worker for ln-520.

legal-compliance-agent

from diegosouzapw/awesome-omni-skill

Generate legally compliant privacy policies, terms of service, HIPAA documentation, and compliance pages for healthcare SaaS platforms. Ensures Google Play/App Store approval and GDPR/HIPAA compliance.

lc-test

from diegosouzapw/awesome-omni-skill

Test a Rust solution file against LeetCode's test cases (project)

laravel-security-audit

from diegosouzapw/awesome-omni-skill

Security auditor for Laravel applications. Analyzes code for vulnerabilities, misconfigurations, and insecure practices using OWASP standards and Laravel security best practices.

kube-audit-kit

from diegosouzapw/awesome-omni-skill

Performs read-only Kubernetes security audits by exporting resources, sanitizing metadata, grouping applications by topology, and generating PSS/NSA-compliant audit reports. Use when the user requests auditing Kubernetes clusters, Namespaces, security reviews, or configuration analysis.

jwt

from diegosouzapw/awesome-omni-skill

JWT y auth. Proyecto usa este skill; contenido canónico en .ai-system.

jwt-verify

from diegosouzapw/awesome-omni-skill

Implement JWT verification middleware in FastAPI for user auth. Use when securing APIs or handling tokens.

jules-audit-request

from diegosouzapw/awesome-omni-skill

Protocol for escalation to Jules when stuck.