← 返回 Skills 市场
648
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install workplace
功能描述
Manage multiple workplaces (project directories) with multi-agent orchestration, isolated memory, and inter-agent communication. Use when the user mentions:...
安全使用建议
This skill does what it claims (manage per-project workplaces, run multi-agent orchestration, and run a Rust file-watcher), but it makes persistent, wide-reaching changes: it creates/updates .workplace/ folders inside projects, writes to ~/.openclaw/workspace/.workplaces (registry/current/loaded/sessions), may modify project files like CLAUDE.md/.cursor rules/opencode.jsonc, auto-initialize children in parent dirs, and can start background processes. Before installing: (1) Review the scripts (init_workplace.sh, build.sh, etc.) line-by-line and the Rust server code; (2) avoid running init on a high-level parent directory unless you want many repos auto-initialized; (3) backup repositories or run in an isolated environment (container/VM) first; (4) if you will build the server, run build.sh manually and inspect the produced binary before executing; (5) be aware that agent prompts will include file contents (risk of leaking secrets or allowing prompt-injection), so ensure sensitive files are excluded or add .workplace to .gitignore and configure ignorePatterns appropriately; (6) consider running with limited permissions and monitor ~/.openclaw/workspace/ for unexpected changes. If you want, I can point out specific lines in the scripts that modify home or project files and explain them in detail.
功能分析
Type: OpenClaw Skill
Name: workplace
Version: 1.0.0
The skill is classified as suspicious due to a shell injection vulnerability found in `scripts/init_workplace.sh`. The script uses `sed` with direct variable substitution for the `--name` argument (e.g., `sed -e "s|__NAME__|$WP_NAME|g"`), which is user-controlled. An attacker could craft a malicious `--name` argument containing `sed` metacharacters (e.g., `|e /bin/sh #`) to achieve arbitrary command execution when the AI agent executes the `init_workplace.sh` script. This is a critical vulnerability, but not evidence of intentional malice within the skill itself.
能力评估
Purpose & Capability
The name/description match what the files implement: registry in ~/.openclaw/workspace/.workplaces, per-project .workplace folders, an agent kernel, Rust file-watcher, and IDE sync. Requiring filesystem access, git detection, and an optional Rust toolchain is coherent with the stated purpose. One notable behavior is automatic initialization of child repositories when run on a parent directory (init_workplace.sh can recurse across children and auto-initialize), which is functionally consistent but potentially intrusive if the user doesn't expect mass changes.
Instruction Scope
SKILL.md and the referenced scripts instruct the agent to read and write many files (project files, .workplace/*, ~/.openclaw workspace registry, CLAUDE.md, .cursor rules, opencode.jsonc). The orchestrator builds system prompts by ingesting structure.json and agent .md contents — useful for multi-agent operation but flagged by the static scan as a 'system-prompt-override' pattern. The skill will modify project files and the user's home registry, auto-create sessions, and can start background processes (kernel agent + file-watcher). Those are expected features but broaden the surface for accidental data exposure, accidental repository modification, or prompt-injection effects if untrusted files are included in prompts.
Install Mechanism
There is no install spec — the package is instruction- plus code-file based. Build.sh compiles a local Rust server using cargo (no remote arbitrary download in the scripts shown). Pre-built binaries are mentioned in README but not required by an install spec. Building requires the Rust toolchain; scripts copy compiled binaries into the skill's assets. This is moderate risk: code will be written to disk and services may be started locally, but no suspicious remote download was detected in the provided files.
Credentials
The skill requests no environment variables or external credentials. It does require filesystem access, git, and optionally the Rust toolchain — which matches its functionality. It also references 'supermemory' sync (OpenClaw platform feature) but does not declare or request credentials; that likely relies on platform-managed access. No unrelated credentials are requested.
Persistence & Privilege
The skill spawns persistent components (kernel agent, background Rust file-watcher) that monitor and write to project files and ~/.openclaw/workspace/.workplaces/* and can update process-status.json and sessions. always:false (good), but the skill will create long-lived files/processes and can modify workspace and project files persistently, so the user should be aware of the ongoing footprint and potential cross-workspace effects.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install workplace - 安装完成后,直接呼叫该 Skill 的名称或使用
/workplace触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial publish: multi-workplace management with session tracking, Telegram inline UI, agent orchestration, IDE sync
元数据
常见问题
Workplace 是什么?
Manage multiple workplaces (project directories) with multi-agent orchestration, isolated memory, and inter-agent communication. Use when the user mentions:... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 648 次。
如何安装 Workplace?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install workplace」即可一键安装,无需额外配置。
Workplace 是免费的吗?
是的,Workplace 完全免费(开源免费),可自由下载、安装和使用。
Workplace 支持哪些平台?
Workplace 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Workplace?
由 farmerwu(@dickwu)开发并维护,当前版本 v1.0.0。
推荐 Skills