← Back to Skills Marketplace
648
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install workplace
Description
Manage multiple workplaces (project directories) with multi-agent orchestration, isolated memory, and inter-agent communication. Use when the user mentions:...
Usage Guidance
This skill does what it claims (manage per-project workplaces, run multi-agent orchestration, and run a Rust file-watcher), but it makes persistent, wide-reaching changes: it creates/updates .workplace/ folders inside projects, writes to ~/.openclaw/workspace/.workplaces (registry/current/loaded/sessions), may modify project files like CLAUDE.md/.cursor rules/opencode.jsonc, auto-initialize children in parent dirs, and can start background processes. Before installing: (1) Review the scripts (init_workplace.sh, build.sh, etc.) line-by-line and the Rust server code; (2) avoid running init on a high-level parent directory unless you want many repos auto-initialized; (3) backup repositories or run in an isolated environment (container/VM) first; (4) if you will build the server, run build.sh manually and inspect the produced binary before executing; (5) be aware that agent prompts will include file contents (risk of leaking secrets or allowing prompt-injection), so ensure sensitive files are excluded or add .workplace to .gitignore and configure ignorePatterns appropriately; (6) consider running with limited permissions and monitor ~/.openclaw/workspace/ for unexpected changes. If you want, I can point out specific lines in the scripts that modify home or project files and explain them in detail.
Capability Analysis
Type: OpenClaw Skill
Name: workplace
Version: 1.0.0
The skill is classified as suspicious due to a shell injection vulnerability found in `scripts/init_workplace.sh`. The script uses `sed` with direct variable substitution for the `--name` argument (e.g., `sed -e "s|__NAME__|$WP_NAME|g"`), which is user-controlled. An attacker could craft a malicious `--name` argument containing `sed` metacharacters (e.g., `|e /bin/sh #`) to achieve arbitrary command execution when the AI agent executes the `init_workplace.sh` script. This is a critical vulnerability, but not evidence of intentional malice within the skill itself.
Capability Assessment
Purpose & Capability
The name/description match what the files implement: registry in ~/.openclaw/workspace/.workplaces, per-project .workplace folders, an agent kernel, Rust file-watcher, and IDE sync. Requiring filesystem access, git detection, and an optional Rust toolchain is coherent with the stated purpose. One notable behavior is automatic initialization of child repositories when run on a parent directory (init_workplace.sh can recurse across children and auto-initialize), which is functionally consistent but potentially intrusive if the user doesn't expect mass changes.
Instruction Scope
SKILL.md and the referenced scripts instruct the agent to read and write many files (project files, .workplace/*, ~/.openclaw workspace registry, CLAUDE.md, .cursor rules, opencode.jsonc). The orchestrator builds system prompts by ingesting structure.json and agent .md contents — useful for multi-agent operation but flagged by the static scan as a 'system-prompt-override' pattern. The skill will modify project files and the user's home registry, auto-create sessions, and can start background processes (kernel agent + file-watcher). Those are expected features but broaden the surface for accidental data exposure, accidental repository modification, or prompt-injection effects if untrusted files are included in prompts.
Install Mechanism
There is no install spec — the package is instruction- plus code-file based. Build.sh compiles a local Rust server using cargo (no remote arbitrary download in the scripts shown). Pre-built binaries are mentioned in README but not required by an install spec. Building requires the Rust toolchain; scripts copy compiled binaries into the skill's assets. This is moderate risk: code will be written to disk and services may be started locally, but no suspicious remote download was detected in the provided files.
Credentials
The skill requests no environment variables or external credentials. It does require filesystem access, git, and optionally the Rust toolchain — which matches its functionality. It also references 'supermemory' sync (OpenClaw platform feature) but does not declare or request credentials; that likely relies on platform-managed access. No unrelated credentials are requested.
Persistence & Privilege
The skill spawns persistent components (kernel agent, background Rust file-watcher) that monitor and write to project files and ~/.openclaw/workspace/.workplaces/* and can update process-status.json and sessions. always:false (good), but the skill will create long-lived files/processes and can modify workspace and project files persistently, so the user should be aware of the ongoing footprint and potential cross-workspace effects.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install workplace - After installation, invoke the skill by name or use
/workplace - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial publish: multi-workplace management with session tracking, Telegram inline UI, agent orchestration, IDE sync
Metadata
Frequently Asked Questions
What is Workplace?
Manage multiple workplaces (project directories) with multi-agent orchestration, isolated memory, and inter-agent communication. Use when the user mentions:... It is an AI Agent Skill for Claude Code / OpenClaw, with 648 downloads so far.
How do I install Workplace?
Run "/install workplace" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Workplace free?
Yes, Workplace is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Workplace support?
Workplace is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Workplace?
It is built and maintained by farmerwu (@dickwu); the current version is v1.0.0.
More Skills