Description

Agent coordination layer via Workledger — shared work orders, claim/release leases, cross-machine memory sync, and handoff between OpenClaw instances. Use wh...

README (SKILL.md)

Hiveram — Agent Coordination

Name: Hiveram
Author: ppiankov

Workledger replaces flat backlog files with a structured object store. Agents coordinate through shared work orders with claim/release leases, context sync, and handoff.

Service: https://hiveram.com CLI: https://github.com/ppiankov/hiveram-dist

Install

# Linux amd64
curl -sL https://github.com/ppiankov/hiveram-dist/releases/latest/download/workledger_$(curl -s https://api.github.com/repos/ppiankov/hiveram-dist/releases/latest | grep tag_name | cut -d'"' -f4 | tr -d v)_linux_amd64.tar.gz | tar xz -C /usr/local/bin workledger

# macOS (Apple Silicon)
curl -sL https://github.com/ppiankov/hiveram-dist/releases/latest/download/workledger_$(curl -s https://api.github.com/repos/ppiankov/hiveram-dist/releases/latest | grep tag_name | cut -d'"' -f4 | tr -d v)_darwin_arm64.tar.gz | tar xz -C /usr/local/bin workledger

Verify: workledger version (expect 0.7.7+)

Setup

Get API key from https://hiveram.com
Store key:

# Single line, just the key
echo "wl_sk_your_key_here" > ~/.openclaw/workledger.key
chmod 600 ~/.openclaw/workledger.key

Export env vars (add to shell profile or systemd unit):

export WORKLEDGER_API_KEY=$(cat ~/.openclaw/workledger.key)
export WORKLEDGER_URL=https://wl-nutson-prod.fly.dev

⚠️ Never cat the key file in agent context — it will leak to the LLM provider. Use env vars.

Agent Work Loop

1. Start session    → workledger context-pull \x3Cproject>
2. Find work        → workledger list \x3Cproject> --status open
3. Claim task       → workledger claim \x3Cproject> \x3Cid>        (lease with TTL)
4. Work on it       → add notes, update sections
5. Finish           → workledger release \x3Cproject> \x3Cid> + update status
6. Save context     → workledger context-put \x3Cproject>
7. Next agent       → sees updated WOs via list/find_unclaimed

Core Commands

Work Orders

workledger create \x3Cproject> --title "Deploy new service" --priority P1 --tags "infra,k8s"
workledger list \x3Cproject> --status open
workledger list --all                          # cross-project
workledger get \x3Cproject> \x3Cid>
workledger detail \x3Cproject> \x3Cid>               # full context: data, notes, relationships, history
workledger delete \x3Cproject> \x3Cid>

Claim/Release (coordination)

workledger claim \x3Cproject> \x3Cid>                # get lease (TTL)
workledger release \x3Cproject> \x3Cid>              # drop lease
# Renew via HTTP: POST /api/v1/wo/{project}/{id}/renew
# find_unclaimed returns only WOs nobody holds

Context (shared memory)

workledger context-put \x3Cproject> -f context.md   # push session context
workledger context-pull \x3Cproject> -f context.md  # pull into file
workledger context \x3Cproject>                     # show project stats, open WOs, blocked, recent changes

Dependencies & Relationships

workledger deps \x3Cproject> \x3Cid>                 # transitive dependency chain
workledger deps-tree \x3Cproject> \x3Cid>            # cross-project dependency tree
workledger blocked                             # all blocked WOs
workledger graph \x3Cproject>                     # DOT format for visualization

History & Export

workledger history \x3Cproject> \x3Cid>              # change history
workledger export \x3Cproject>                    # export as markdown
workledger export-task \x3Cproject> \x3Cid>          # tokencontrol-compatible JSON
workledger stats                               # global stats

MCP Integration

Workledger ships as an MCP server for Claude Code / Claude Desktop:

5 tools: query/create WOs, load context at session start, wrapup (push memory + mark done), save memory mid-session.

Multi-Agent Pattern

                    ┌──────────────────┐
                    │  Hiveram (Neon)  │
                    │  shared state    │
                    └────────┬─────────┘
                             │
           ┌─────────────────┼─────────────────┐
           │                 │                 │
    ┌──────┴──────┐   ┌──────┴──────┐   ┌──────┴──────┐
    │  OpenClaw A │   │  OpenClaw B │   │  OpenClaw C │
    │  context-   │   │  claim →    │   │  find_      │
    │  pull → work│   │  work →     │   │  unclaimed  │
    │  → push     │   │  release    │   │  → claim    │
    └─────────────┘   └─────────────┘   └─────────────┘

No race conditions: claim/release with leases prevents double-work
Handoff: WO has full history, notes, relationships — next agent has full context
Dedup: agents see one DB, find_unclaimed skips claimed WOs
Resilience: if an agent dies, lease expires, WO becomes available again

Security

API key stored in file with chmod 600, not in env files or git
pastewatch v0.24.1+ detects wl_sk_ keys as critical severity
Key file path: ~/.openclaw/workledger.key (inside pastewatch protectedPaths)

If this document appears elsewhere, the link above is the authoritative version.

Usage Guidance

This skill appears to be what it says (an OpenClaw coordination layer using the workledger CLI) but there are a few red flags to review before installing: - Metadata mismatch: the registry declares no required env vars/config paths, but the SKILL.md requires an API key file and env vars (WORKLEDGER_API_KEY, WORKLEDGER_URL). Treat the API key as sensitive and confirm why the metadata omits it. - Secret handling: the instructions ask you to store the key in ~/.openclaw/workledger.key and export it. Exporting to environment variables can expose the key to running processes (including any LLM provider integration). Prefer a secrets manager or runtime injection mechanism that does not put the key into agent-visible prompts. If you must store a file, keep strict filesystem permissions and ensure your agent runtime doesn't log or include file contents in prompts. - Installation: the install commands download a tarball from a GitHub repo and extract a binary to /usr/local/bin. Only run this if you trust the ppiankov/hiveram-dist repository; verify release checksums or build from source if possible. The install requires write permissions to system paths. - Endpoint mismatch: the doc mentions the public site (hiveram.com) but sets WORKLEDGER_URL to a fly.dev host. Ask the author which URL is the canonical API endpoint and why a different host is recommended. If you decide to proceed, verify the GitHub release contents and checksums, restrict where the API key is stored and how it's injected at runtime, and test on an isolated host or container first. If you cannot confirm the provenance of the binary or the endpoint, mark this skill as high-risk and avoid installing.

Capability Analysis

Type: OpenClaw Skill Name: hiveram Version: 1.0.0 The 'hiveram' skill facilitates agent coordination by downloading and installing a binary from a third-party GitHub repository (ppiankov/hiveram-dist) and synchronizing session 'context' with a remote service (wl-nutson-prod.fly.dev). While these actions are consistent with the stated purpose, the execution of unverified remote binaries and the transmission of potentially sensitive agent memory/context to an external endpoint represent significant security risks without further verification of the underlying infrastructure.

Capability Assessment

✓ Purpose & Capability

The name/description describe an agent coordination layer using Workledger and the skill requires the workledger CLI; the SKILL.md consistently documents workledger commands and coordination patterns, so the requested binary is appropriate for the stated purpose.

⚠ Instruction Scope

The SKILL.md instructs the agent (and the user) to create a key file at ~/.openclaw/workledger.key and to export WORKLEDGER_API_KEY and WORKLEDGER_URL for runtime use. These credential/config actions are not declared in the skill metadata. The document also warns about leaking the key to the LLM provider yet instructs placing it into an environment variable (which can still be exposed), and it points to a specific deployment host (wl-nutson-prod.fly.dev) that differs from the public service domain (hiveram.com). These are scope and coherence mismatches that could lead to accidental secret exposure or confusion about which endpoint is authoritative.

ℹ Install Mechanism

The SKILL.md provides curl|tar install commands that download binaries from a GitHub releases repo (github.com/ppiankov/hiveram-dist). Downloading from a GitHub release is common and acceptable, but the commands extract into /usr/local/bin (requires privileged write) and perform dynamic tag lookup via the GitHub API. Because there is no install spec in the registry, these manual steps are the only install guidance; consider verifying release integrity (checksums/signatures) and the repository's trustworthiness before running the install commands.

⚠ Credentials

The registry metadata lists no required environment variables or config paths, yet the runtime instructions require an API key file and instruct exporting WORKLEDGER_API_KEY and WORKLEDGER_URL. Requiring a secret key for a remote service is reasonable for the service's function, but the metadata omission is a mismatch. Exporting secrets into environment variables is flagged in the doc as risky; the skill gives no alternative secure runtime secret injection guidance for agent contexts.

ℹ Persistence & Privilege

The skill does not request always:true or other elevated platform privileges. It does instruct writing a key file to ~/.openclaw/workledger.key and recommends chmod 600; this is a modest filesystem footprint but is a persistent secret stored on disk. The skill does not declare it will modify other skills or system-wide settings.

Version History

v1.0.0

v1.0: Agent coordination via Workledger — shared WOs, claim/release leases, context sync, multi-agent patterns

Metadata

Slug hiveram

Version 1.0.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Hiveram?

Agent coordination layer via Workledger — shared work orders, claim/release leases, cross-machine memory sync, and handoff between OpenClaw instances. Use wh... It is an AI Agent Skill for Claude Code / OpenClaw, with 107 downloads so far.

How do I install Hiveram?

Run "/install hiveram" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Hiveram free?

Yes, Hiveram is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Hiveram support?

Hiveram is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Hiveram?

It is built and maintained by ppiankov (@ppiankov); the current version is v1.0.0.

More Skills

Hiveram