Coder Workspaces

Name: Coder Workspaces
Author: developmentcats

Description

Manage Coder workspaces and AI coding agent tasks via CLI. List, create, start, stop, and delete workspaces. SSH into workspaces to run commands. Create and monitor AI coding tasks with Claude Code, Aider, or other agents.

Usage Guidance

Install this only if you want OpenClaw to manage your Coder deployment. Treat CODER_SESSION_TOKEN as an account credential: do not commit, share, log, or screenshot it; prefer least-privilege or short-lived tokens where available; rotate/revoke it if exposed; and require explicit confirmation before workspace deletion, task deletion, restarts, or broad remote commands.

Capability Analysis

Type: OpenClaw Skill Name: coder-workspaces Version: 1.5.5 The skill is designed to manage Coder workspaces and AI tasks using the `coder` CLI. It primarily serves as documentation for the AI agent on how to interact with the `coder` command. While it requires sensitive environment variables (`CODER_URL`, `CODER_SESSION_TOKEN`), this is necessary for its stated purpose. A key mitigating factor is the explicit instruction in `SKILL.md` that `coder ssh <workspace> -- <command>` executes commands within isolated Coder workspaces, not the host system. The `CHANGELOG.md` provides strong evidence that previous versions contained potentially risky patterns (e.g., `curl|bash`, helper scripts for install/auth, credential patterns) but these were intentionally removed to make the skill a 'pure documentation skill', significantly reducing its attack surface. No prompt injection attempts or malicious execution patterns are present in the current files.

Capability Assessment

ℹ Purpose & Capability

The skill's stated purpose matches its capabilities: listing and managing Coder workspaces, running commands in Coder workspaces, and creating or monitoring AI coding tasks. Delete, restart, SSH, and task actions are high-impact but disclosed and directly related to the purpose.

ℹ Instruction Scope

Runtime instructions are plain CLI examples with no hidden automation or prompt-injection behavior. Destructive examples use confirmation flags, so the agent or user should require explicit target names before running them.

✓ Install Mechanism

The current artifact contains only Markdown files and no executable scripts. Installation guidance points to official Coder CLI documentation, the user's Coder instance, Homebrew, and the ClawHub install command.

ℹ Credentials

CODER_URL and CODER_SESSION_TOKEN are expected for a Coder CLI integration. The README shows placing the session token in OpenClaw config but does not strongly label it as a sensitive secret, which is a security-hygiene gap rather than evidence of malicious behavior.

ℹ Persistence & Privilege

The skill does not add local persistence or privileged host behavior, but it can create remote Coder tasks and manage remote workspaces that may persist until stopped or deleted.

Version History

v1.5.5

### Changed - Restructured skill to follow standard CLI documentation patterns - Setup section now shows environment configuration (matches hass-cli style) - Commands no longer reference environment variables directly

v1.5.4

### Changed - Install instructions now point only to official Coder docs

v1.5.3

### Added - Context note clarifying commands run in isolated Coder workspaces, not host

v1.5.2

### Changed - Rewrote skill for agent (not user) as audience - Agent now attempts CLI install/auth fixes before asking user - Preset handling: try without, use default if exists, ask user only if needed ### Removed - Brew install metadata (agent learns install from Coder docs)

v1.5.1

### Changed - Task states timing now notes dependency on template configuration

v1.5.0

### Removed - `scripts/setup.sh` — CLI installation is now user responsibility (see docs) - `scripts/authenticate.sh` — login command documented in SKILL.md instead - `scripts/list-presets.sh` — presets visible in Coder web UI ### Changed - Skill now follows standard pattern: documents usage, doesn't install software - Added `metadata.openclaw.install` for brew install hint - No scripts remain — pure documentation skill

v1.4.1

### Changed - `scripts/setup.sh` now downloads binary directly instead of executing remote install script ### Security - Removed shell script piping pattern that triggered security scanners

v1.3.1

### Added - `scripts/setup.sh` — Install CLI from instance URL and verify authentication in one step ### Changed - README now instructs installing CLI from your Coder instance URL (ensures version match) - README restructured around the setup script workflow - SKILL.md references setup script for initial setup ### Security - Removed inline curl/API examples from SKILL.md (credential pattern flagged by security scanner) - SKILL.md now references helper scripts without exposing token-handling patterns - Helper scripts retained as tools (not agent-loaded content)

v1.4.0

Split setup and auth into independent scripts for targeted troubleshooting

v1.3.0

Added preset discovery workflow and helper script

v1.2.1

### Changed - Cleaned up description to remove implementation details - Simplified README with cleaner formatting - Replaced table with bullet list for task timing - Removed redundant sections and improved readability

v1.2.0

### Changed - Restructured skill to separate agent instructions from setup documentation - Setup instructions moved to README.md (for humans) - SKILL.md now assumes coder CLI is pre-installed and authenticated ### Removed - Helper script with curl commands (security scanner flagged patterns) - Reference files with API examples (redundant with official Coder docs) ### Security - Removed all curl and credential-sending patterns from agent-loaded files - Skill no longer contains install or authentication instructions

v1.1.0

### Added - Initial public release of Coder Workspaces skill for OpenClaw - Workspace lifecycle management: list, create, start, stop, restart, delete - SSH and command execution in workspaces - AI coding agent task management for Claude Code, Aider, Goose, and others - Helper script (coder-helper.sh) for common operations - Comprehensive CLI command reference documentation - Coder Tasks deep-dive guide - Setup guide with agent workflow checklist - Troubleshooting guide for authentication issues - GitHub Actions workflow for automated ClawHub publishing on tagged releases

v1.0.3

Test publish

v1.0.2

### Fixed - Fixed GitHub Actions permissions for creating releases

v1.0.1

### Fixed - Fixed GitHub Actions workflow changelog handling ### Changed - Improved release automation

v1.0.0

Initial release

Metadata

Slug coder-workspaces

Version 1.5.5

License —

All-time Installs 199

Active Installs 13

Total Versions 17

Frequently Asked Questions

What is Coder Workspaces?

Manage Coder workspaces and AI coding agent tasks via CLI. List, create, start, stop, and delete workspaces. SSH into workspaces to run commands. Create and monitor AI coding tasks with Claude Code, Aider, or other agents. It is an AI Agent Skill for Claude Code / OpenClaw, with 5281 downloads so far.

How do I install Coder Workspaces?

Run "/install coder-workspaces" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Coder Workspaces free?

Yes, Coder Workspaces is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Coder Workspaces support?

Coder Workspaces is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Coder Workspaces?

It is built and maintained by DevCats (@developmentcats); the current version is v1.5.5.

More Skills

What is Coder Workspaces?

How do I install Coder Workspaces?

Is Coder Workspaces free?

Which platforms does Coder Workspaces support?

Who created Coder Workspaces?

💬 Comments