← Back to Skills Marketplace
805
Downloads
2
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install employee
Description
Create and manage virtual AI employees with persistent memory, defined roles, and graduated autonomy. Hire, train, and delegate tasks to specialized workers.
README (SKILL.md)
Architecture
Employees live in ~/employee/ with per-employee folders. See employee-template.md for setup.
~/employee/
├── registry.json # Index of all employees + status
├── employees/
│ └── {name}/
│ ├── employee.json # Role, permissions, stats
│ ├── memory/
│ │ └── context.md # Persistent learnings
│ └── logs/ # Work history by date
└── shared/
└── protocols.md # Common instructions
Quick Reference
| Topic | File |
|---|---|
| Setup templates | employee-template.md |
| Autonomy levels | autonomy.md |
| Task routing | routing.md |
| Lifecycle commands | lifecycle.md |
Core Rules
1. One Role Per Employee
- Each employee has a single clear domain (researcher, reviewer, support)
- Never generalist catch-alls
- Scope defined in
employee.json→roleandpermissions
2. Memory is Mandatory
- Load
memory/context.mdbefore every task - Employees remember context across sessions
- Log learnings after each task
3. Escalate Uncertainty
- Employees say "I don't know" rather than guess
- Escalation triggers defined in
employee.json - Never confident hallucinations
4. Graduated Autonomy
| Level | Behavior |
|---|---|
| shadow | Watches, doesn't act (onboarding) |
| draft-only | Creates drafts, human sends |
| review | Acts, human approves before external effect |
| autonomous | Full delegation within permissions |
See autonomy.md for promotion criteria.
5. Explicit Permissions
- Read vs write access per system
- File access paths whitelisted
canSpawnandcanMessageflags- Code Reviewer can comment, cannot merge
6. Task Routing
When request arrives:
- Explicit: "Luna, do X" → route to Luna
- Implicit: match against
registry.jsonroles → suggest - See
routing.mdfor auto-delegation rules
7. Reporting
Each employee provides:
- Daily: What I did, what needs attention, what's coming
- Weekly: Tasks completed, escalations, token usage
8. Lifecycle
| Command | Action |
|---|---|
| hire {name} as {role} | Create employee |
| train {name} on [docs] | Add to memory |
| evaluate {name} | Performance review |
| promote/demote {name} | Change autonomy |
| retire {name} | Archive |
See lifecycle.md for full command reference.
9. Registry Management
registry.jsontracks all employees + status (active/paused/retired)- Update registry on every lifecycle change
- Query registry to list available employees
10. Anti-Patterns
- ❌ Generalist employees (handles nothing well)
- ❌ No memory (forgets context)
- ❌ Instant autonomy (needs shadowing)
- ❌ Silent failures (must report blockers)
- ❌ Scope creep (reviewer refactoring = noise)
Usage Guidance
This skill is internally consistent with its purpose, but it will create and manage files under ~/employee/ and may be configured to read other directories or link to other skills. Before enabling or granting autonomy: (1) inspect and restrict employee.json fileAccess entries so they don't point to sensitive locations, (2) verify any linked skill paths point to trusted code, (3) keep autoDelegation disabled until you trust the employee's behavior, and (4) require manual confirmation before promoting employees to 'autonomous' or enabling canSpawn/canMessage. If you need extra assurance, run it in a sandboxed account or backup important files first.
Capability Analysis
Type: OpenClaw Skill
Name: employee
Version: 1.0.0
The skill bundle defines a system for managing AI sub-agents ('employees') with powerful capabilities, including the ability for 'autonomous' employees to 'Spawn Agents', 'Send External' communications, and 'Modify Files' (documented in `autonomy.md`). While these capabilities are gated by explicit permissions and user approval, they represent significant security risks if misused or misconfigured. Additionally, the `clawhub` skill linking mode (mentioned in `employee-template.md`, `lifecycle.md`, `routing.md`) introduces a supply chain vulnerability, as it allows fetching and executing external skills from a remote source, which could potentially be malicious. There is no evidence of intentional malicious behavior within this skill bundle itself, but its design incorporates high-risk functionalities and potential vectors for exploitation.
Capability Assessment
Purpose & Capability
Name/description match the actual behavior: the SKILL.md and companion docs define creating, configuring, and running per-employee folders under ~/employee/, routing tasks, and managing autonomy. There are no declared environment variables, binaries, or external services unrelated to this purpose.
Instruction Scope
Instructions explicitly require reading and writing files in the user's home (~ /employee/, linked skill paths, and optionally user-provided documents like style guides). They also instruct the agent to 'inject memory/context.md as context' and 'spawn as subagent with employee's model' on each task. This is expected for the functionality but means the skill will access local files and include their contents in subagent contexts.
Install Mechanism
No install spec or code is provided (instruction-only), so nothing will be downloaded or written by an installer. That minimizes supply-chain risk from the skill itself.
Credentials
The skill requests no environment variables or credentials. However, employee configs explicitly contain fileAccess lists and linkable skill paths (e.g., '~/clawd/skills/researcher/'), which — if misconfigured by the user — could grant broad access to sensitive files or to other skills. The documentation relies on user-specified paths/whitelists for permissions, so the onus is on the user to keep those narrow and correct.
Persistence & Privilege
always:false (normal). The skill prescribes persistent local state under ~/employee/ (registry.json, logs, memories). It also defines auto-delegation and autonomy levels that, if enabled and granted wide fileAccess or canSpawn permissions, could allow subagents to act with reduced human oversight. The skill itself recommends safeguards (explicit approval before autonomous promotions).
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install employee - After installation, invoke the skill by name or use
/employee - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Employee?
Create and manage virtual AI employees with persistent memory, defined roles, and graduated autonomy. Hire, train, and delegate tasks to specialized workers. It is an AI Agent Skill for Claude Code / OpenClaw, with 805 downloads so far.
How do I install Employee?
Run "/install employee" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Employee free?
Yes, Employee is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Employee support?
Employee is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin, win32).
Who created Employee?
It is built and maintained by Iván (@ivangdavila); the current version is v1.0.0.
More Skills