feat(tools): added sftp tool to accompany smtp and ssh tools

[waleedlatif1]

Summary

• added sftp tool to accompany smtp and ssh tools
• leverage existing file upload/download infra

Type of Change

• New feature

Testing

Tested manually

Checklist

• Code follows project style guidelines
• Self-reviewed my changes
• Tests added/updated and passing
• No new warnings introduced
• I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
docs	Ready	Preview	Comment	Dec 9, 2025 3:16am

[greptile-apps]

Greptile Overview

Greptile Summary

This PR adds comprehensive SFTP functionality to complement the existing SMTP and SSH tools. The implementation provides five core operations (upload, download, list, delete, mkdir) with robust security measures and follows established patterns in the codebase.

Key Changes:

• Added 5 SFTP tools (sftp_upload, sftp_download, sftp_list, sftp_delete, sftp_mkdir) with TypeScript interfaces and tool configurations
• Implemented 5 API routes with authentication, validation, path sanitization, and proper error handling
• Created comprehensive utility functions for SFTP connection management and security validations
• Added SFTP block configuration with conditional UI based on operation type
• Updated both tool and block registries to include new SFTP functionality
• Added complete documentation covering all operations and parameters
• Unified color scheme with SMTP tool (#2D3748)

Security Measures:

• Path traversal protection via isPathSafe, sanitizePath, and sanitizeFileName functions
• Authentication required via checkHybridAuth for all API routes
• File size limits (100MB upload, 50MB download) to prevent resource exhaustion
• Proper credential visibility (user-only for all credentials per custom instructions)
• URL decoding checks to prevent encoded path traversal attacks

Architecture:

• Leverages existing file upload/download infrastructure
• Follows consistent patterns with SMTP and SSH tools
• Uses ssh2 library for SFTP connection management
• Proper error formatting with helpful troubleshooting messages

Confidence Score: 5/5

• This PR is safe to merge with no security or functional issues detected
• The implementation demonstrates excellent code quality with comprehensive security measures, proper error handling, consistent patterns, thorough testing infrastructure, and complete documentation. All credentials correctly use 'user-only' visibility as required by custom instructions.
• No files require special attention

Important Files Changed

File Analysis

Filename	Score	Overview
apps/sim/app/api/tools/sftp/utils.ts	5/5	Comprehensive utility functions for SFTP connection management, path sanitization, and security validations
apps/sim/app/api/tools/sftp/upload/route.ts	5/5	Handles file upload operations with proper authentication, file size limits, and path traversal protection
apps/sim/tools/sftp/types.ts	5/5	Well-structured TypeScript interfaces for all SFTP operations and responses
apps/sim/blocks/blocks/sftp.ts	5/5	Comprehensive block configuration supporting all SFTP operations with proper parameter mapping
apps/docs/content/docs/en/tools/sftp.mdx	5/5	Comprehensive documentation covering all SFTP operations, parameters, and use cases

Sequence Diagram

sequenceDiagram
    participant User
    participant Block as SFTP Block
    participant Tool as SFTP Tool Config
    participant API as API Route
    participant Utils as SFTP Utils
    participant Server as Remote SFTP Server
    
    User->>Block: Configure SFTP operation
    Note over User,Block: Host, port, credentials,<br/>operation type, params
    
    Block->>Tool: Map params to tool config
    Note over Block,Tool: Select tool based on operation<br/>(upload/download/list/delete/mkdir)
    
    Tool->>API: POST request with connection config
    Note over Tool,API: Authentication via checkHybridAuth
    
    API->>Utils: Validate & sanitize paths
    Note over API,Utils: isPathSafe, sanitizePath,<br/>sanitizeFileName
    
    API->>Utils: createSftpConnection
    Utils->>Server: Connect via SSH2 client
    Note over Utils,Server: Password or private key auth
    
    Server-->>Utils: Connection established
    Utils-->>API: Return client & SFTP wrapper
    
    alt Upload Operation
        API->>Utils: downloadFileFromStorage
        Utils-->>API: File buffer
        API->>Server: Upload via createWriteStream
    else Download Operation
        API->>Server: Download via createReadStream
        Server-->>API: File content (utf-8 or base64)
    else List Operation
        API->>Server: readdir(remotePath)
        Server-->>API: Directory entries with metadata
    else Delete Operation
        API->>Server: unlink/rmdir (recursive if needed)
    else Mkdir Operation
        API->>Server: mkdir (recursive if needed)
    end
    
    API->>Utils: Close connection
    Utils->>Server: client.end()
    
    API-->>Tool: Return operation result
    Tool-->>Block: Transform response
    Block-->>User: Display success/error with output

Loading

[greptile-apps]

_{23 files reviewed, no comments}

_{Edit Code Review Agent Settings | Greptile}