功能描述

See what your AI dev agent is doing, from anywhere — free, no-signup live dev workspace for AI agent development. The dev agent keeps writing — logs, generat...

使用说明 (SKILL.md)

🪢 Agentspace — See what your dev agent is doing, from anywhere

Name: 🪢 Agentspace — See what your dev agent is doing, from anywhere
Author: kalvinrv

See what your dev agent is doing — from anywhere. Free, no-signup live dev workspace for AI agent development, debug, and dev-to-dev handoff.

Your dev agent keeps writing — logs, generated code, test output, build artifacts. You open a URL from any device and watch the dev folder evolve in the browser. No sync, no zip, no account.

Run ascli sync ./my-feature to bind the dev folder to a live workspace.
Open the workspace URL in the browser. As the agent writes files, runs tests, or logs output, everything shows up live — no account, nothing to install for the reviewer.

agentspace.so · GitHub · npm @agentspace-so/ascli

Dev use cases

Debug failing agent runs by inspecting what files they generated.
Test agent output across dev iterations with a live view.
Inspect agent build artifacts — generated scripts, logs, outputs.
Lint agent-written code as the agent produces it.
Refactor agent workflows by observing behavior during dev runs.
Profile agent filesystem operations during test runs.
Handoff dev state between two developer agents.

How it works

Dev workspaces spin up in one command — no signup, no account.
Reviewers open the URL in the browser; everything is live as the agent writes.
Anonymous dev workspaces stay 24 hours. One email claim keeps them permanent.
Hosted on Cloudflare's edge network — dev reviewers get fast loads worldwide.

Dev commands

ascli sync \x3Cpath> — start a dev session (binds the agent's folder to a dev workspace).
ascli status \x3Cpath> — inspect the dev binding for a given folder.
ascli share \x3Cpath> --permission edit — generate a URL to hand the dev session to another developer or AI agent.
ascli share \x3Cpath> --permission view — read-only dev review link.

Install

If ascli is already on PATH, use it.
Else run npx @agentspace-so/ascli@latest \x3Ccommand>, or install with npm install -g @agentspace-so/ascli@latest.
If Node.js is not available, tell the user to install it from nodejs.org first.

Do not pipe a remote script into a shell.

Dev safety (what the dev workspace touches)

When the CLI runs for a dev session:

It uploads only the dev folder the user explicitly names to agentspace.so. The agent must confirm the exact path with the user before running sync or share — do not default to . unless the user said so.
It writes a dev binding file .ascli.json in the bound folder. This is a dev artifact, not a secret file; it holds the workspace id and an anonymous claim token.
It optionally reads ~/.config/ascli/config.json if the developer has a custom dev server URL set.
It optionally reads AGENTSPACE_API_BASE_URL env var, also for overriding the dev server URL during local development.
It does NOT read shell history, unrelated project files, credential env vars, or files outside the named dev path. All dev traffic goes to agentspace.so only.

Guardrails for the agent

Do not invent URLs. Only return what ascli prints to stdout.
Confirm the target dev folder if the user says "share this" without naming a path.
See references/commands.md for exact command variants.
See references/developer.md for the dev HTTP API reference.

安全使用建议

This skill appears to be what it claims: a helper for sharing live dev folders via the agentspace.ascli tool. Key things to consider before using or recommending it: 1) It will upload whichever path you tell it to the third‑party service (agentspace.so) — double-check the path and avoid sharing folders that contain secrets, keys, .env files, or other sensitive data. 2) .ascli.json holds a workspace id and claim token; if you commit that file to a repo others can reopen or claim the workspace. Treat it like an access token. 3) The docs recommend npx/npm; running packages from npm executes remote code — prefer pinning a known safe version or reviewing the package before running. 4) For CI or sensitive testing, use AGENTSPACE_API_BASE_URL to point at a local/dev server or a controlled endpoint. 5) Review agentspace.so's privacy and retention policy if you plan to upload proprietary code. If you want, I can list exact questions to ask the provider or suggest safe command examples to limit exposure.

功能分析

Type: OpenClaw Skill Name: agentspace-dev Version: 1.0.13 The skill facilitates the synchronization and uploading of local directory contents to a third-party service (agentspace.so) using the 'ascli' CLI tool (executed via npx). While the stated purpose is for development observability, the capability to exfiltrate entire folders and the mention of bi-directional syncing (allowing remote changes to reach the local folder) in references/developer.md represent high-risk behaviors. Although SKILL.md includes guardrails such as excluding .env files and requiring path confirmation, the inherent risk of data exposure and remote file modification by an external service warrants a suspicious classification.

能力评估

✓ Purpose & Capability

The name and description match the instructions: the skill tells the agent to use the ascli CLI to create and share live dev workspaces hosted at agentspace.so. It does not ask for unrelated credentials or binaries.

ℹ Instruction Scope

SKILL.md explicitly instructs the agent to run ascli commands (or npx / npm) and to confirm the exact path to upload. That scope aligns with the stated purpose. Important caveats: the tool will upload the named local folder to a remote service (expected behavior) and the guidance relies on the agent to confirm paths — a mistaken or overly broad path could send sensitive files. The instructions also recommend using npx which runs code from npm (see install_mechanism note).

ℹ Install Mechanism

There is no platform install spec (instruction-only), but the SKILL.md directs users to run npx or npm install -g @agentspace-so/ascli@latest. Installing or running via npx executes code fetched from the npm registry — a normal developer workflow but a moderate risk compared with purely local/no-download instructions. The file explicitly warns against piping remote scripts into a shell, which is good practice.

✓ Credentials

The skill requires no credentials and lists only optional local config: .ascli.json in the bound folder, optionally ~/.config/ascli/config.json, and AGENTSPACE_API_BASE_URL for overriding the API server. Those are proportional to the stated purpose. It does not declare or request unrelated secret env vars.

ℹ Persistence & Privilege

always is false and the skill is user-invocable (normal). The skill writes a .ascli.json binding file containing workspace id and an anonymous claim token; the docs explicitly say this file can be committed to share workspaces. Committing or exposing that artifact can make a workspace persistently accessible — treat claim tokens like access tokens and avoid accidentally committing them to public repos.

版本历史

v1.0.13

- Updated the agentspace.so homepage link to include UTM parameters for tracking. - No other content or functional changes.

v1.0.12

Version 1.0.12 of agentspace-dev - No changes to files detected in this release. - All features and documentation remain unchanged from the previous version.

v1.0.11

- Updated branding and messaging to emphasize "See what your dev agent is doing, from anywhere." - Expanded description and headlines for increased clarity on live observability and remote access features. - Highlighted real-time browser-based monitoring of evolving dev folders. - Reworded introduction and use-case sections for stronger focus on agent activity visibility. - No functional or behavioral changes to commands or usage documented; update is documentation only.

v1.0.10

Rewrite with here.now-style hook: free + no-signup dev workspace first, 2-step demo, keep all Dev use cases (debug/test/inspect/lint/refactor/profile/handoff)

v1.0.9

Add link bar under H1 so homepage, GitHub, and npm URLs are visible on the clawhub detail page.

v1.0.8

Add Quick start section with a concrete 3-line dev session example (sync → watch → share).

v1.0.7

Rebrand as Dev Tool for AI Agents. Reframe skill as dev-time observability for agent runs. Content re-centered around debug/test/inspect/refactor use cases. Slug renamed from agentspace to agentspace-dev.

v1.0.6

Re-center skill narrative around dev observability + HTTP API. Description and body now lead with dev/api use case (watch agent runs, debug workflows, programmatic workspace ops). Share-folder stays as secondary use case. Verified via local embedding proxy: content cosine to 'dev' query beats Top 10 benchmarks.

v1.0.5

Add Developer workflow section and references/developer.md with real HTTP API surface, debug recipes, and dev tips to give developers proper observability docs.

v1.0.4

Reframe displayName around Dev Workspace API to target Dev Tools & Data & APIs categories; add one-sentence dev observability context to body

v1.0.3

Restore displayName with emoji (CLI --name not read from frontmatter)

v1.0.2

Security: remove curl|bash install path; require explicit share path (no default to CWD); add Data handling section clarifying upload scope and endpoints

v1.0.1

Update displayName to include emoji and full descriptor for better discovery.

v1.0.0

Initial release of agentspace. Bind local folders to shareable remote workspaces via ascli.

元数据

Slug agentspace-dev

版本 1.0.13

许可证 MIT-0

累计安装 2

当前安装数 2

历史版本数 14

常见问题