← Back to Skills Marketplace
810
Downloads
2
Stars
4
Active Installs
1
Versions
Install in OpenClaw
/install multi-user-workspace
Description
Multi-user workspace management with sandbox permissions, user profiles, and relationship networks.
Usage Guidance
This skill is internally consistent, but review a few operational details before enabling it:
- Verify openclaw.json bindings and sandbox settings carefully. Docker bind mounts like "~/.openclaw/workspace/guests/bob:/workspace:rw" give the container access to the host path; ensure binds only expose the intended directories.
- Limit the number of administrator-role users and audit who can be assigned the administrator Role in USER.md.
- Review FRIENDS/RELATIONS files for any sensitive data before putting real user data into the workspace; those files are read by the assistant and by configured agents.
- Be cautious with allowed tools in agent config (e.g., allowing "exec" or "process" permits running processes inside the sandbox). If you want stricter isolation, deny exec/process or enforce tighter sandboxing.
- Ensure session keys (used to derive userId) come from a trusted source and cannot be spoofed; malformed or attacker-controlled session keys could cause misattribution.
- Test the setup with non-sensitive accounts first and monitor logs to confirm access boundaries behave as expected.
If you want a deeper review, provide your openclaw.json and an example of your USER.md / FRIENDS/RELATIONS files so I can point out any policy or content concerns specific to your configuration.
Capability Analysis
Type: OpenClaw Skill
Name: multi-user-workspace
Version: 1.0.0
The `SKILL.md` file contains instructions for the AI agent that introduce a significant path traversal vulnerability. Specifically, the agent is instructed to extract a `userId` from the session key and then use this `userId` directly in file paths (e.g., `FRIENDS/{userId}.md`, `RELATIONS/*{userId}*.md`). If an attacker can control the `userId` portion of the session key (e.g., via a crafted session ID like `agent:main:../../etc/passwd`), the agent would be instructed to read arbitrary files on the host system, leading to potential information disclosure.
Capability Assessment
Purpose & Capability
The SKILL.md explains managing per-user session keys, reading per-user FRIENDS/{userId}.md files, RELATIONS/*{userId}*.md, and configuring sandboxing via openclaw.json. These requirements align with a multi-user workspace manager and there are no unexplained environment variables, binaries, or external services requested.
Instruction Scope
Instructions are specific and limited to session identification, reading registry/profile/relationship files from the workspace, and configuring sandbox and routing in openclaw.json. They do not instruct the agent to read unrelated system files, exfiltrate data, or call external endpoints. Minor caution: the skill relies on extracting userId from session keys (session_status) — ensure session keys are trusted and well-formed to avoid accidental impersonation or misattribution.
Install Mechanism
This is instruction-only with no install spec and no code files, so nothing is written to disk by the skill installer. That is the lowest-risk install model and is coherent with the described functionality.
Credentials
No environment variables, credentials, or config paths are requested. The only configuration referenced is openclaw.json and workspace subdirectories under the user's home (e.g., ~/.openclaw/workspace). These are proportional to configuring per-user sandboxes and access controls.
Persistence & Privilege
The skill does not request always:true or elevated platform privileges. It does describe configuring agents/sandboxes via openclaw.json (normal for a workspace manager) but does not instruct modifying other skills or system-wide settings outside its own workspace scope.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install multi-user-workspace - After installation, invoke the skill by name or use
/multi-user-workspace - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of multi-user-workspace with configurable user isolation and relationship-aware features.
- Introduces per-user sessions with optional Docker sandboxing based on user role.
- Defines FRIENDS/ for user profiles and RELATIONS/ for managing user relationships.
- Provides flexible workspace structure supporting administrators and guests with different permissions.
- Includes clear instructions for configuring permissions and workspace isolation in openclaw.json.
- Ensures information flows between users only when explicitly permitted in RELATIONS/.
Metadata
Frequently Asked Questions
What is Multi User Workspace?
Multi-user workspace management with sandbox permissions, user profiles, and relationship networks. It is an AI Agent Skill for Claude Code / OpenClaw, with 810 downloads so far.
How do I install Multi User Workspace?
Run "/install multi-user-workspace" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Multi User Workspace free?
Yes, Multi User Workspace is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Multi User Workspace support?
Multi User Workspace is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Multi User Workspace?
It is built and maintained by shun-dong (@shun-dong); the current version is v1.0.0.
More Skills