← Back to Skills Marketplace
247
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install workspace-trash
Description
Soft-delete protection for workspace files. Intercept file deletions and move them to a recoverable trash instead of permanent removal. Use when deleting, re...
Usage Guidance
This skill appears to do what it claims, but check these before installing or using it:
- Verify OPENCLAW_HOME / OPENCLAW_WORKSPACE values: ensure they point to the intended OpenClaw directory (not / or your home directory) so the script cannot operate on unintended files.
- Confirm behavior around 'empty': the SKILL.md requires user confirmation before permanent deletion, but the script itself does not prompt. Make sure the agent asks you (or modify the script to require an explicit --confirm/--force flag) before running the empty action.
- Ensure Node.js and the listed POSIX utilities exist in the runtime environment.
- Test move/restore on non-critical files first to confirm permissions and cross-filesystem behavior.
- If you need stronger safety, consider adding an interactive confirmation in the script for 'empty' and/or an allowlist check for specific workspace subpaths, and be aware of TOCTOU race conditions with mv/cp+rm fallbacks.
Capability Analysis
Type: OpenClaw Skill
Name: workspace-trash
Version: 1.2.0
The workspace-trash skill is a safety utility designed to prevent accidental file loss by implementing a recoverable trash system. The implementation in trash.sh and SKILL.md demonstrates high security awareness, employing symlink resolution to prevent path traversal and using environment variables to pass data to Node.js scripts, which effectively mitigates shell injection risks. The operations are strictly scoped to the ~/.openclaw directory, and no suspicious network activity, data exfiltration, or obfuscation was found.
Capability Assessment
Purpose & Capability
The script implements soft-delete behavior described in the SKILL.md: it moves allowed files under the workspace into a .trash directory, records a manifest, supports restore and empty, and lists contents. Required binaries (node, mv, cp, rm, find, awk, date, basename, dirname) are consistent with the implementation.
Instruction Scope
SKILL.md instructs the agent to always confirm with the user before running an irreversible 'empty' action, but the provided script does not prompt for confirmation — it prints the count then immediately deletes. The script relies on the agent to gate destructive operations. The script otherwise confines actions to the configured OPENCLAW_HOME/workspace and avoids shell interpolation when invoking Node.js, which matches the stated security controls. Be aware of standard TOCTOU/race risks around filesystem moves when multiple actors operate on the same paths.
Install Mechanism
There is no install specification and no network downloads; the skill is instruction-only with an included script file. This is the lowest-risk install posture.
Credentials
No credentials or unrelated environment variables are requested. The script depends on OPENCLAW_HOME and OPENCLAW_WORKSPACE to define its scope; if those variables are misconfigured (e.g., set to / or another broad path) the script will operate over that area. The default ($HOME/.openclaw) is reasonable, but the scope depends entirely on these environment values.
Persistence & Privilege
The skill is not always-enabled and does not request persistent elevated privileges or modify other skills' configurations. Autonomous invocation is allowed (platform default) but that is expected for user-invocable tools.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install workspace-trash - After installation, invoke the skill by name or use
/workspace-trash - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.2.0
Security hardening: fix code injection via crafted filenames (env vars + spawnSync instead of string interpolation), resolve symlinks before scope check, declare node + POSIX deps, document env vars and destructive ops, add -- separators to all mv/cp/rm calls
v1.1.0
Cross-filesystem support for agent workspaces, expanded scope to all ~/.openclaw/ dirs, OOM-safe size calculation, agent tag in list view
v1.0.0
Initial release: soft-delete protection for workspace files with trash/restore/empty workflow
Metadata
Frequently Asked Questions
What is Workspace Trash?
Soft-delete protection for workspace files. Intercept file deletions and move them to a recoverable trash instead of permanent removal. Use when deleting, re... It is an AI Agent Skill for Claude Code / OpenClaw, with 247 downloads so far.
How do I install Workspace Trash?
Run "/install workspace-trash" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Workspace Trash free?
Yes, Workspace Trash is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Workspace Trash support?
Workspace Trash is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Workspace Trash?
It is built and maintained by crewhaus (@crewhaus); the current version is v1.2.0.
More Skills