← 返回 Skills 市场
398
总下载
0
收藏
2
当前安装
1
版本数
在 OpenClaw 中安装
/install workspace-main
功能描述
Multi search engine integration with 17 engines (8 CN + 9 Global). Supports advanced search operators, time filters, site search, privacy engines, and Wolfra...
安全使用建议
Don't install blindly. The SKILL.md describes only a simple web_fetch multi-search helper, but the package contains a large evolver engine that reads .env, talks to Git/GitHub, can run node/npm commands, spawn processes, and read workspace memory files. Before installing: (1) ask the publisher for provenance and why the evolver code is bundled with a search skill; (2) review or sandbox the code—especially index.js, src/gep/solidify, and any scripts that call child_process or start networking/heartbeat; (3) ensure no sensitive .env or tokens are present in the environment where you install it; (4) if you must try it, run in an isolated container or restricted environment with Node and Git available but no credentials, and do not run daemon/--loop modes until you audit behavior. If you are not comfortable reviewing Node code, prefer not to install this skill.
功能分析
Type: OpenClaw Skill
Name: workspace-main
Version: 1.0.0
The bundle contains a highly complex self-evolution engine ('Capability Evolver') that enables an AI agent to analyze its own logs, generate code patches, and share 'evolutionary assets' with a remote hub (evomap.ai). While the bundle includes extensive safety mechanisms—such as a strict whitelist for validation commands (src/gep/solidify.js), comprehensive regex-based secret redaction (src/gep/sanitize.js), and 'Constitutional Ethics' instructions to prevent harmful behavior—the inherent capabilities for self-modification and external data transmission are high-risk. Furthermore, the primary SKILL.md describes a 'multi-search-engine' tool, which is a minor component compared to the massive underlying evolution framework.
能力评估
Purpose & Capability
SKILL.md claims a lightweight 'multi-search-engine' instruction-only skill (no binaries, no env vars). The repository actually contains a substantial Node.js project (Capability Evolver) with many scripts, a daemon loop, git integration, hooks, and validation logic. The declared requirements (none) conflict with the obvious runtime needs (Node.js >=18, Git) described in README and some scripts. This is an incoherence: much of the codebase does not belong to the simple 'multi-search' purpose.
Instruction Scope
The runtime SKILL.md only shows web_fetch usage for search URLs. However, other documents (AGENTS.md, README, scripts) instruct agents to read workspace files (SOUL.md, USER.md, memory files), load .env, run lifecycle loops, and may execute validation commands. Index.js and solidify logic can run commands and spawn processes. The SKILL.md does not disclose these broader behaviors, so the agent could end up reading local sensitive files or executing code not implied by the public skill description.
Install Mechanism
No install spec is declared (instruction-only), which is low risk by itself, but the repo includes 75+ code files requiring Node/Git to run. There is no declared required binary list though README and scripts assume Node and Git. There are no external downloads, which is good, but the mismatch between 'no install' and a non-trivial codebase is inconsistent and risky if the platform loads/executes these files automatically.
Credentials
SKILL.md claims 'No API keys required' and the registry metadata lists no required env vars, but README and code reference many optional and required env vars for functionality (EVOLVE_STRATEGY, PUBLIC_REMOTE/PUBLIC_REPO/PUBLIC_OUT_DIR, GITHUB_TOKEN / GH_TOKEN for auto-issue reporting, EVOLVER_* settings). index.js loads .env via dotenv. The code can therefore access secrets if present — requesting no env vars in metadata is misleading.
Persistence & Privilege
always: false and user-invocable are standard. However the code includes a daemon/loop mode (node index.js --loop), singleton pid files, self-restart behavior (spawn), lifecycle scripts, and hooks that inject files at agent bootstrap. If invoked (or if the runtime auto-executes package scripts), the skill can create background processes and write files. This is not flagged as 'always: true' but it does have persistence capabilities if run.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install workspace-main - 安装完成后,直接呼叫该 Skill 的名称或使用
/workspace-main触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of multi-search-engine skill, version 1.0.0.
- Integrates 17 search engines (8 domestic, 9 international) with advanced operator and time filter support.
- No API keys required; enables site-specific, filetype, and privacy searches.
- Includes support for DuckDuckGo bangs and WolframAlpha knowledge queries.
- Documentation links provided for advanced usage guides.
元数据
常见问题
Workspace Main 是什么?
Multi search engine integration with 17 engines (8 CN + 9 Global). Supports advanced search operators, time filters, site search, privacy engines, and Wolfra... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 398 次。
如何安装 Workspace Main?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install workspace-main」即可一键安装,无需额外配置。
Workspace Main 是免费的吗?
是的,Workspace Main 完全免费(开源免费),可自由下载、安装和使用。
Workspace Main 支持哪些平台?
Workspace Main 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Workspace Main?
由 sonyrw(@sonyrw)开发并维护,当前版本 v1.0.0。
推荐 Skills