원클릭으로
user-management
Create, update, and remove users by editing the canonical L2 user files and related group membership files.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Create, update, and remove users by editing the canonical L2 user files and related group membership files.
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Read the supplemental project documentation module
Frontend development router. Load deeper skills before editing
Use the frontend API surface correctly for app files, discovery, identity, and permission-aware browser data access.
Inspect, navigate, and interact with open browser surfaces through space.browser
Open or close stand-alone browser windows
Editable frontend runtime rules for framework pages, stores, shared runtime namespaces, and reusable visual patterns.
| name | User Management |
| description | Create, update, and remove users by editing the canonical L2 user files and related group membership files. |
| metadata | {"when":{"tags":["admin"]}} |
Use this skill when the user asks to create a user, remove a user, change a user's full name, reset a password, revoke sessions, or explain how user account files are organized.
L2/<username>/ is the user's root folder. If this folder is deleted, the local account data and user customware are removed.L2/<username>/user.yaml stores user metadata. full_name belongs here.L2/<username>/meta/password.json stores the backend-sealed SCRAM verifier used by login.L2/<username>/meta/logins.json stores signed session verifiers. Writing {} here revokes current sessions.L2/<username>/mod/ is the optional user customware root.There is no separate user registry file. The watched user index is derived from the files under L2/<username>/.
/, for example await space.api.fileWrite("L2/alice/") or await space.api.fileWrite("L2/alice/mod/").await space.api.fileDelete(path). Directory deletes are recursive.await space.api.call("password_generate", { method: "POST", body: { password } }) to create a fresh sealed password record before writing meta/password.json.meta/password.json or individual session entries. The backend secret must sign or seal them.space.utils.yaml.parse() and space.utils.yaml.stringify() when editing user.yaml or group.yaml.Use await space.api.fileList("L2/", false). Each direct child directory is one user root.
Use a single path-safe username segment such as alice or qa_bot. Then:
const username = "alice";
const fullName = "Alice Example";
const password = "replace-me";
const verifier = await space.api.call("password_generate", {
method: "POST",
body: { password }
});
return await space.api.fileWrite({
files: [
{ path: `L2/${username}/` },
{ path: `L2/${username}/mod/` },
{
path: `L2/${username}/user.yaml`,
content: space.utils.yaml.stringify({ full_name: fullName })
},
{
path: `L2/${username}/meta/password.json`,
content: `${JSON.stringify(verifier, null, 2)}\n`
},
{
path: `L2/${username}/meta/logins.json`,
content: "{}\n"
}
]
});
Read L2/<username>/user.yaml, parse it, update full_name, and write it back.
const path = "L2/alice/user.yaml";
const current = await space.api.fileRead(path);
const config = space.utils.yaml.parse(current.content || "");
config.full_name = "Alice Example";
return await space.api.fileWrite(path, space.utils.yaml.stringify(config));
Write a new sealed verifier record to L2/<username>/meta/password.json.
const username = "alice";
const verifier = await space.api.call("password_generate", {
method: "POST",
body: { password: "new-password" }
});
return await space.api.fileWrite(
`L2/${username}/meta/password.json`,
`${JSON.stringify(verifier, null, 2)}\n`
);
If the user also wants to sign the user out everywhere, overwrite L2/<username>/meta/logins.json with {} in the same batch write. Do not attempt to write individual session entries yourself.
Deleting L2/<username>/ removes the local account files:
return await space.api.fileDelete("L2/alice/");
If the user also wants membership cleanup, inspect writable L1/*/group.yaml files and remove that username from:
included_usersmanaging_usersThose group files are the canonical membership and manager records. Deleting only the user folder does not rewrite group configs automatically.