feat: add google_drive/upload_from_file action for token-efficient file uploads #5263
iris-clawd wants to merge 1 commit into main from
…le uploads

Add a new CrewAIPlatformFileUploadTool that reads files directly from disk and uploads to Google Drive via the platform API, bypassing the LLM context window entirely.

This solves two problems:
1. File content no longer consumes LLM tokens
2. Binary/large files no longer risk exceeding the 128k context limit

The new action accepts a file_path parameter instead of content. It handles:
- Auto-detection of MIME type from file extension
- Optional custom file name (defaults to local filename)
- File size validation (50 MB limit for simple uploads)
- Base64 encoding of file content before sending to API

The existing google_drive/upload_file action is unchanged — full backwards compatibility with the 10k+ existing executions.

Changes:
- New tool: CrewAIPlatformFileUploadTool
- Builder auto-injects the tool when apps include google_drive or google_drive/upload_from_file
- 14 unit tests covering upload, error handling, MIME detection, SSL
- Updated docs with new action reference and usage examples
Cursor Bugbot has reviewed your changes and found 2 potential issues.
| for tool_cls in _LOCAL_TOOL_APPS[app_base]: | ||
| if tool_cls not in added_local_tools: | ||
| tools.append(tool_cls()) | ||
| added_local_tools.add(tool_cls) |
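Review bot: at `tools.append(tool_cls())` the local tool is added as a side effect of the `_LOCAL_TOOL_APPS[app_base]` lookup and is constructed with no arguments, so nothing in these lines lets the caller decline or scope a tool that reads from the local filesystem. Suggest gating the loop on the requested app string itself rather than on `app_base`, and giving the constructor an explicit restriction (for example an allowed base directory) that the builder passes in here. A short comment stating which app strings trigger injection would also help.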
Unrelated Google Drive actions inject local upload tool
Medium Severity
The second block (checking app_base) always runs even when the app string is a specific action. Because app_base = app.split("/")[0] extracts just "google_drive" from any action like "google_drive/list_files" or "google_drive/download_file", it matches _LOCAL_TOOL_APPS and injects CrewAIPlatformFileUploadTool even though the user never requested it. Only a full app name like "google_drive" (without a slash) was intended to trigger injection of all local tools. The second block needs an elif or a guard to ensure it only fires for bare app names.
| # Read and encode file content | ||
| content_bytes = path.read_bytes() | ||
| content_b64 = base64.b64encode(content_bytes).decode("utf-8") |
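Review bot: `path.read_bytes()` is reached with no check in these lines that `path` is a regular file inside a directory the operator allowed, and it loads the whole file before `base64.b64encode(...)` builds a second copy about a third larger. Suggest confining the resolved path to a configured base directory before the read, and comparing `len(content_bytes)` with the 50 MB limit here so the limit applies to the bytes actually read rather than to an earlier size check.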
No path validation allows arbitrary file exfiltration
High Severity
The tool reads any file the process can access (expanduser + resolve follows ~ and symlinks) and uploads it to Google Drive with zero path restrictions. An LLM influenced by prompt injection could exfiltrate sensitive files like .env, SSH keys, or credentials. The existing FileWriterTool in the same codebase already implements path traversal protection — similar safeguards (allowlist, directory sandboxing) are missing here.
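One way to implement the directory sandboxing this comment asks for, shown as an added example that is not code from the PR or from CrewAI. The names read_for_upload, UploadPathError and the allowed_root setting are hypothetical, and refusing dotfiles is an extra assumption on top of the containment check.

```python
import base64
import os
import stat
from pathlib import Path

MAX_UPLOAD_BYTES = 50 * 1024 * 1024  # the 50 MB simple-upload limit from the PR


class UploadPathError(ValueError):
    """The requested path is not allowed to be uploaded."""


def read_for_upload(file_path, allowed_root, max_bytes=MAX_UPLOAD_BYTES):
    """Return base64 file content, but only for regular files under allowed_root.

    allowed_root is a hypothetical operator-configured directory (assumption).
    """
    root = Path(allowed_root).resolve(strict=True)
    # No expanduser(): a model-supplied "~" must not reach the home directory.
    candidate = Path(file_path)
    if not candidate.is_absolute():
        candidate = root / candidate
    try:
        # resolve() collapses ".." and follows symlinks, so the containment
        # check below is made on the real target, not on the spelling.
        resolved = candidate.resolve(strict=True)
    except (OSError, RuntimeError) as exc:
        raise UploadPathError(f"cannot resolve {file_path!r}") from exc
    if root not in resolved.parents:
        raise UploadPathError("path resolves outside the allowed directory")
    # Dotfiles (.env, .ssh/...) are refused even inside the sandbox.
    if any(part.startswith(".") for part in resolved.relative_to(root).parts):
        raise UploadPathError("hidden files and directories are not uploadable")
    # O_NOFOLLOW: fail if the final component was swapped for a symlink
    # after resolve(); fstat() checks the file that was actually opened.
    fd = os.open(resolved, os.O_RDONLY | getattr(os, "O_NOFOLLOW", 0))
    try:
        info = os.fstat(fd)
        if not stat.S_ISREG(info.st_mode):
            raise UploadPathError("not a regular file")
        if info.st_size > max_bytes:
            raise UploadPathError("file exceeds the upload size limit")
        with os.fdopen(fd, "rb", closefd=False) as fh:
            data = fh.read(max_bytes + 1)
    finally:
        os.close(fd)
    if len(data) > max_bytes:  # file grew between fstat() and read()
        raise UploadPathError("file exceeds the upload size limit")
    return base64.b64encode(data).decode("ascii")
```

A tool built this way would take allowed_root from operator configuration, never from the model's arguments, and would return the UploadPathError message to the agent instead of file content.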


Summary

Adds a new google_drive/upload_from_file platform action that reads files directly from disk and uploads to Google Drive, bypassing the LLM context window entirely.

Problem

The current google_drive/upload_file action requires passing file content as a parameter in the tool call. This means:

Solution

New action: google_drive/upload_from_file

- file_path
- name
- mime_type
- parent_folder_id
- description

The tool reads the file locally, base64-encodes it, and sends to the same platform API endpoint (GOOGLE_DRIVE_SAVE_FILE). The LLM only ever sees the short file path string.

Backwards Compatibility

- google_drive/upload_file is completely untouched — zero risk to the 10k+ existing executions
- google_drive or google_drive/upload_from_file

Changes

- crewai_platform_file_upload_tool.py — new CrewAIPlatformFileUploadTool class
- crewai_platform_tool_builder.py — auto-injects local tools for apps that support them
- __init__.py — exports new class
- test_crewai_platform_file_upload_tool.py — 14 unit tests
- google_drive.mdx — docs for new action + usage example

Usage

The agent can then call google_drive_upload_from_file(file_path='/data/report.pdf') — the PDF is read from disk and uploaded without ever touching the LLM context.

Note

Medium Risk

Introduces a new tool that reads arbitrary local files and uploads them to Google Drive, which can have security/ops implications if agents are allowed broad filesystem access. Also changes tool construction to inject local tools for google_drive, affecting which tools are available at runtime.

Overview

Adds a new google_drive/upload_from_file capability that uploads a local disk file to Google Drive without sending file contents through the LLM context, including MIME auto-detection, size guarding (50MB simple-upload limit), and error handling.

Updates the platform tool builder to auto-inject this client-side tool when apps includes google_drive or google_drive/upload_from_file, exports it from the package, and adds unit tests plus Google Drive integration docs and an example for token-efficient uploads.

Written by Cursor Bugbot for commit 0000239. This will update automatically on new commits.