multi-user-workspace
Multi-user workspace management with sandbox permissions, user profiles, and relationship networks.
Install via ClawdBot CLI:
clawdbot install shun-dong/multi-user-workspace
Configure per-user sessions with sandbox isolation, friend profiles, and relationship awareness.
alice, bob). Used in session keys, filenames, and cross-references.
agent:: where mainKey typically contains the userId.
openclaw.json.
{userId}.md).
{userId1}-{userId2}.md, alphabetically sorted, can be multiple users).
workspace/
├── USER.md              # User registry with permissions
├── AGENTS.md            # Multi-user guidance for assistant
├── FRIENDS/
│   ├── alice.md         # alice's profile
│   └── bob.md           # bob's profile
├── RELATIONS/
│   └── alice-bob.md     # Relationship between alice and bob
├── private/             # Admin-only files (optional)
...
Registry of all users. The assistant reads this to identify users and extract userId and Name.
Format:
# User Registry
## Users
### alice
- UserId: alice
- Name: Alice
- Role: administrator
### bob
- UserId: bob
- Name: Bob
- Role: guest
Note: userId is unique and in lower case. Use Role to determine sandbox configuration in openclaw.json.
User profiles. One Markdown file per user, named {userId}.md.
Content is flexible. Common sections include:
# Alice
## Info
- UserId: alice
- Name: Alice
- Role: administrator
- Emails: alice@example.com
...
## Assistant Relationship
- How the user prefers to interact with the assistant
- Preferred communication style
- Ongoing projects or interests
## Notes
Free-form information about the user.
Interpersonal relationships. Files are named {userId1}-{userId2}.md (userIds in alphabetical order; a file can cover multiple users).
Content is flexible. Example:
# Alice & Bob
## Users
- **alice**: Alice
- **bob**: Bob
## Relationship
Friends who collaborate on projects.
## Information Sharing
- Can mention each other's public projects
- Do not share private details without asking
Instructions for the assistant. Add this section:
## User Identification
When a session starts (after `/new`):
1. Get current session via `session_status`
2. Extract userId from the session key (e.g., `agent:main:alice` → `alice`)
3. Read `FRIENDS/{userId}.md` for user profile
4. Read `RELATIONS/*{userId}*.md` for all relationships involving this user
5. Greet the user by name
## Cross-User Boundaries
- Default: Information does not flow between users
- Exception: Only when explicitly defined in RELATIONS/
Each user gets an isolated session with configurable sandbox and tool permissions. Configure via openclaw.json.
Full access, no sandbox restrictions:
{
  agents: {
    defaults: {
      workspace: "~/.openclaw/workspace",
    },
    list: [
      {
        id: "main",
        // Administrator: no sandbox, all tools allowed
        sandbox: { mode: "off" },
      },
    ],
  },
  bindings: [
    // Route admin sessions to main agent without sandbox
    { agentId: "main", match: { session: { regex: "alice$" } } },
  ],
}
Sandboxed session with isolated workspace. Guest can read/write/execute in their own directory only:
{
  agents: {
    defaults: {
      workspace: "~/.openclaw/workspace",
    },
    list: [
      {
        id: "main",
        // Guest: sandbox enabled, isolated directory
        sandbox: {
          mode: "all",
          scope: "session",
          workspaceAccess: "none", // Don't mount main workspace
          docker: {
            binds: [
              // Mount guest's own directory as /workspace
              "~/.openclaw/workspace/guests/bob:/workspace:rw"
            ]
          }
        },
        tools: {
          allow: ["read", "write", "edit", "exec", "process"],
          deny: ["browser", "canvas", "nodes", "cron", "gateway"],
        },
      },
    ],
  },
  bindings: [
    // Route guest sessions to sandboxed agent
    { agentId: "main", match: { session: { regex: "bob$" } } },
  ],
}
Directory Setup:
mkdir -p ~/.openclaw/workspace/guests/bob
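The binding patterns in the two configurations above are unanchored suffix matches, so `alice$` also matches any session key whose userId merely ends in "alice". The check below is an added example, not part of this skill or of OpenClaw: it parses a constructed USER.md, assumes session keys of the form `agent:main:<userId>` as in the page's example, and flags a sandbox-off binding that matches a non-administrator. The `malice` user and the `:alice$` pattern are assumptions made for illustration.

```javascript
// Constructed USER.md content in the registry format shown on this page.
// "malice" is a made-up guest whose userId happens to end in "alice".
const USER_MD = `# User Registry
## Users
### alice
- UserId: alice
- Name: Alice
- Role: administrator
### bob
- UserId: bob
- Name: Bob
- Role: guest
### malice
- UserId: malice
- Name: Mallory
- Role: guest
`;

// Parse "- UserId:" / "- Role:" lines into [{ userId, role }].
function parseRegistry(md) {
  const users = [];
  for (const line of md.split("\n")) {
    const m = /^- (UserId|Role):\s*(\S+)/.exec(line.trim());
    if (!m) continue;
    if (m[1] === "UserId") users.push({ userId: m[2], role: null });
    else if (users.length) users[users.length - 1].role = m[2];
  }
  return users;
}

// Assumption: session keys look like "agent:main:<userId>", as in the page's example.
const sessionKey = (userId) => `agent:main:${userId}`;

// Return the registry entries whose session key a binding regex matches.
function matchedUsers(pattern, users) {
  const re = new RegExp(pattern);
  return users.filter((u) => re.test(sessionKey(u.userId)));
}

// Flag a sandbox-off binding if it matches anyone who is not an administrator.
function auditAdminBinding(pattern, users) {
  const hit = matchedUsers(pattern, users);
  const nonAdmins = hit.filter((u) => u.role !== "administrator").map((u) => u.userId);
  return { pattern, matched: hit.map((u) => u.userId), nonAdmins, ok: nonAdmins.length === 0 };
}

const users = parseRegistry(USER_MD);
console.log(auditAdminBinding("alice$", users));  // the page's pattern
console.log(auditAdminBinding(":alice$", users)); // anchored on the ":" delimiter
```

Running the same audit whenever USER.md gains an entry catches a new userId that collides with an existing binding before its first session is routed.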
Notes:
/workspace as their root (isolated from main workspace)
Sandbox:
mode: "off" | "all" - Disable or enable sandbox
scope: "session" - One container per user session
workspaceAccess: "none" | "ro" | "rw" - Workspace file access
Tools:
allow: Array of permitted tool names
deny: Array of prohibited tool names (overrides allow)
Routing:
bindings[].match.session.regex: Match session key pattern (e.g., alice$ matches sessions ending with "alice")
Generated Mar 1, 2026
Enables teams to manage projects with isolated user workspaces, ensuring data privacy while allowing controlled information sharing through relationship files. Ideal for coordinating tasks and sharing progress without exposing sensitive internal data.
Allows support agents to handle customer inquiries in sandboxed sessions, with administrators having full access and guests restricted to specific tools. Ensures secure handling of customer data and prevents unauthorized actions.
Facilitates personalized learning by assigning each student an isolated workspace with tailored permissions, while instructors can monitor and interact based on defined relationships. Supports safe experimentation and resource sharing.
Provides isolated environments for different clients or tenants to test features without interfering with each other's data. Uses sandboxing to enforce boundaries and customizable tool permissions for varied testing needs.
Enables healthcare professionals to collaborate on patient cases with strict access controls, using user profiles and relationship files to define who can share information. Ensures compliance with privacy regulations like HIPAA.
Charge organizations a monthly fee for providing managed multi-user workspaces with sandbox isolation and user management features. Offer tiered plans based on the number of users and storage limits.
Provide a free basic version with limited users and features, then upsell premium add-ons like advanced sandboxing, custom tool integrations, or priority support. Attracts small teams and scales with enterprise needs.
Sell enterprise licenses that include full customization of workspace configurations, dedicated support, and integration with existing systems. Target large corporations needing tailored solutions for security and compliance.
Integration Tip
Start by configuring USER.md and FRIENDS/ profiles to define user roles, then use openclaw.json to set up sandbox and tool permissions based on those roles for secure session isolation.