원클릭으로
admin-users
Create, update, remove, and explain user accounts, password verifiers, sessions, and user-root storage as an admin.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Create, update, remove, and explain user accounts, password verifiers, sessions, and user-root storage as an admin.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Read the supplemental project documentation module
Frontend development router. Load deeper skills before editing
Use the frontend API surface correctly for app files, discovery, identity, and permission-aware browser data access.
Inspect, navigate, and interact with open browser surfaces through space.browser
Open or close stand-alone browser windows
Editable frontend runtime rules for framework pages, stores, shared runtime namespaces, and reusable visual patterns.
| name | Admin Users |
| description | Create, update, remove, and explain user accounts, password verifiers, sessions, and user-root storage as an admin. |
| metadata | {"when":{"tags":["agent"]}} |
Use this skill for concrete user-account work.
const info = await space.api.userSelfInfo().info.groups.includes("_admin") === true.L2/<username>/ is the user's logical root.L2/<username>/user.yaml stores user metadata such as full_name.L2/<username>/meta/password.json stores the backend-sealed SCRAM verifier.L2/<username>/meta/logins.json stores signed session verifiers.L2/<username>/mod/ is that user's customware module root.There is no separate user registry file. The watched user index is derived from files under L2/<username>/.
L2/alice/user.yaml.CUSTOMWARE_PATH, these logical paths stay the same.fileWrite(".../") creates a directory because the path ends with /.meta/password.json or individual session entries. Use password_generate for password records and only write {} when revoking sessions.Use a normalized username segment such as alice, ops_bot, or qa-team-1.
const username = "alice";
const fullName = "Alice Example";
const password = "replace-me";
const verifier = await space.api.call("password_generate", {
method: "POST",
body: { password }
});
return await space.api.fileWrite({
files: [
{ path: `L2/${username}/` },
{ path: `L2/${username}/mod/` },
{
path: `L2/${username}/user.yaml`,
content: space.utils.yaml.stringify({ full_name: fullName })
},
{
path: `L2/${username}/meta/password.json`,
content: `${JSON.stringify(verifier, null, 2)}\n`
},
{
path: `L2/${username}/meta/logins.json`,
content: "{}\n"
}
]
});
Read user.yaml, parse it, mutate the fields you need, and write it back.
const path = "L2/alice/user.yaml";
const current = await space.api.fileRead(path);
const config = space.utils.yaml.parse(current.content || "");
config.full_name = "Alice Example";
return await space.api.fileWrite(path, space.utils.yaml.stringify(config));
Generate a fresh sealed verifier first, then overwrite meta/password.json.
const verifier = await space.api.call("password_generate", {
method: "POST",
body: { password: "new-password" }
});
return await space.api.fileWrite(
"L2/alice/meta/password.json",
`${JSON.stringify(verifier, null, 2)}\n`
);
Overwrite L2/<username>/meta/logins.json with {}.
return await space.api.fileWrite("L2/alice/meta/logins.json", "{}\n");
When resetting a password, prefer writing the new verifier and clearing logins.json in the same batch. Do not attempt to preserve or invent individual session entries.
Deleting L2/<username>/ removes the local account tree:
return await space.api.fileDelete("L2/alice/");
Deleting a user root does not rewrite L1/*/group.yaml automatically. If the user should disappear from memberships or manager lists too, load admin-user-management/groups and remove that username from the affected group configs.
guest_create is the dedicated endpoint for guest creation when the runtime allows it.guest_ account unless the user explicitly wants a normal local user whose name happens to start that way.Backend equivalents exist for operators outside the browser:
node space user create <username> --password <password> [--full-name <name>]node space user password <username> --password <password>From the overlay agent, prefer the browser APIs above.