Public documentation
Workbench Overview
Workbench Overview
Workbench is the shared workspace for teams that want local Roleplay results to become tracked security work.
It turns local CLI and CI results into:
- Home action list
- open findings
- Evidence
- attack-pack coverage
- test history
- protected agents
- CI setup
- API keys
- privacy controls
- ownership and status workflow
Current Release Behavior
Workbench stores workspace, project, run, finding, API-key, member, billing, and privacy settings for the shared workbench. Hosted production deployments use durable Postgres storage.
In local development only, workbench can use a local JSON store at:
.roleplay/cloud-db.jsonYou can point the app at another store with:
ROLEPLAY_CLOUD_STORE=/path/to/cloud-db.jsonProduction deployment assets, Postgres migrations, email/password workspace auth, billing endpoints, and readiness checks are included.
Main Screens
| Screen | Purpose |
|---|---|
| Home | What needs attention across findings, fixes, evidence, and monitors. |
| Findings | Triage finding status, owner, fix state, and remediation. |
| Evidence | Step through the proof for a failed scenario. |
| Attack Packs | Review pack coverage and copy local CLI run guidance. |
| Scenarios | Build adversarial simulations with YAML preview. |
| Tests | Review local and CI uploads with commit context. |
| Agents | Manage protected agent targets. |
| Monitor | Create API keys, copy workflow snippets, set privacy controls, and schedule recurring attack checks. |
| Settings | Workspace members, API keys, retention, and project controls. |
| Billing | Builder and Team subscription state. |
Workbench Plan Value
Use the included CLI to prove a failure locally. Use the workbench when that failure needs an owner, shared status, CI history, and regression tracking.