Tags: enhancement, backend, skill-installation
Quality Rating: ⭐ 9/10
Problem Description
The install_skill API has a hardcoded file size limit of 500KB per skill package, which is too restrictive for complex skills with multiple files, dependencies, or embedded resources.
Current Implementation
Location: backend/app/api/skills.py
MAX_SKILL_SIZE = 512_000 # 500KB hard limit
Impact
This limit prevents installation of legitimate skill packages that exceed 500KB, such as:
- Skills with multiple auxiliary files (scripts/, references/, examples/)
- Skills that include documentation or templates
- Skills with embedded assets (images, config files)
- Complex skills with comprehensive instructions
Example Scenario
A skill package structure like:
my-complex-skill/
├── SKILL.md (50KB)
├── scripts/
│ ├── helper.py (100KB)
│ └── utils.py (150KB)
├── templates/
│ └── report_template.md (200KB)
└── examples/
└── usage_examples.md (100KB)
Total: ~600KB → ❌ Installation fails
Proposed Solution
Option 1: Increase the Limit (Recommended)
Raise MAX_SKILL_SIZE to a more reasonable value:
- 2MB (2,097,152 bytes) — accommodates most complex skills
- 5MB (5,242,880 bytes) — future-proof for very large skills
Option 2: Make it Configurable
Allow the limit to be configured via environment variable:
MAX_SKILL_SIZE = int(os.getenv("CLAWITH_MAX_SKILL_SIZE", 2_097_152)) # Default 2MBOption 3: Tiered Limits
- Simple skills (SKILL.md only): 100KB
- Standard skills (with scripts/): 2MB
- Complex skills (with assets): 5MB (requires admin approval)
Additional Considerations
- Security: Ensure file size validation happens before processing to prevent DoS attacks
- Storage: Consider the cumulative storage impact if users install many large skills
- Upload timeout: Larger files may need adjusted timeout settings
Priority
Medium-High — This blocks legitimate use cases and limits the platform's extensibility
Environment
- Platform: Clawith
- Component: Backend API (
backend/app/api/skills.py)
- Date observed: 2026-05-28
Tags:
enhancement,backend,skill-installationQuality Rating: ⭐ 9/10
Problem Description
The
install_skillAPI has a hardcoded file size limit of 500KB per skill package, which is too restrictive for complex skills with multiple files, dependencies, or embedded resources.Current Implementation
Location:
backend/app/api/skills.pyImpact
This limit prevents installation of legitimate skill packages that exceed 500KB, such as:
Example Scenario
A skill package structure like:
Total: ~600KB → ❌ Installation fails
Proposed Solution
Option 1: Increase the Limit (Recommended)
Raise
MAX_SKILL_SIZEto a more reasonable value:Option 2: Make it Configurable
Allow the limit to be configured via environment variable:
Option 3: Tiered Limits
Additional Considerations
Priority
Medium-High — This blocks legitimate use cases and limits the platform's extensibility
Environment
backend/app/api/skills.py)