feat: require password for admin init and auto-configure plugin path

- pass_mgr admin init now requires --key-path parameter
- Password must be at least 6 characters long
- Install script now updates OpenClaw plugins.load.paths config
- Falls back to manual instructions if config file not found

install.mjs

@@ -455,6 +455,44 @@ async function configure(env) {
   
   log('\n  Add the following to your shell profile:', 'yellow');
   log(`    source ${envFile}`, 'cyan');
+
+  // Update OpenClaw plugins.load.paths configuration
+  log('\n  Updating OpenClaw plugin configuration...', 'blue');
+  const openclawConfigPath = join(env.openclawDir || homedir(), '.openclaw', 'config.json');
+  
+  if (existsSync(openclawConfigPath)) {
+    try {
+      const configContent = readFileSync(openclawConfigPath, 'utf8');
+      const config = JSON.parse(configContent);
+      
+      // Ensure plugins.load.paths exists
+      if (!config.plugins) {
+        config.plugins = {};
+      }
+      if (!config.plugins.load) {
+        config.plugins.load = {};
+      }
+      if (!config.plugins.load.paths) {
+        config.plugins.load.paths = [];
+      }
+      
+      // Add paddedcell skills path if not already present
+      const skillsPath = join(env.openclawDir || homedir(), '.openclaw', 'skills', 'paddedcell');
+      if (!config.plugins.load.paths.includes(skillsPath)) {
+        config.plugins.load.paths.push(skillsPath);
+        writeFileSync(openclawConfigPath, JSON.stringify(config, null, 2));
+        logSuccess(`Added plugin path to OpenClaw config: ${skillsPath}`);
+      } else {
+        log('  Plugin path already in OpenClaw config', 'green');
+      }
+    } catch (err) {
+      logWarning(`Failed to update OpenClaw config: ${err.message}`);
+    }
+  } else {
+    logWarning(`OpenClaw config not found at ${openclawConfigPath}`);
+    log('  Please manually add the following to your OpenClaw config:', 'yellow');
+    log(`    plugins.load.paths: ["${join(env.openclawDir || homedir(), '.openclaw', 'skills', 'paddedcell')}"]`, 'cyan');
+  }
 }
 
 // ============================================================================

pass_mgr/src/main.go

@@ -178,6 +178,13 @@ func adminInitCmd() *cobra.Command {
 		Use:   "admin init",
 		Short: "Initialize pass_mgr with admin key",
 		Run: func(cmd *cobra.Command, args []string) {
+			// Require --key-path parameter
+			if keyPath == "" {
+				fmt.Fprintln(os.Stderr, "Error: --key-path is required")
+				fmt.Fprintln(os.Stderr, "Usage: pass_mgr admin init --key-path <path-to-key-file>")
+				fmt.Fprintln(os.Stderr, "The key file must contain a password with at least 6 characters")
+				os.Exit(1)
+			}
 			if err := initAdmin(keyPath); err != nil {
 				fmt.Fprintf(os.Stderr, "Error: %v\n", err)
 				os.Exit(1)
@@ -185,7 +192,7 @@ func adminInitCmd() *cobra.Command {
 			fmt.Println("pass_mgr initialized successfully")
 		},
 	}
-	cmd.Flags().StringVar(&keyPath, "key-path", "", "Path to admin key file (optional)")
+	cmd.Flags().StringVar(&keyPath, "key-path", "", "Path to admin key file (required, password must be >= 6 chars)")
 	return cmd
 }
 
@@ -258,20 +265,15 @@ func initAdmin(keyPath string) error {
 		return fmt.Errorf("failed to create admin directory: %w", err)
 	}
 	
-	var key []byte
-	if keyPath != "" {
-		// Read provided key
-		var err error
-		key, err = os.ReadFile(keyPath)
-		if err != nil {
-			return fmt.Errorf("failed to read key file: %w", err)
-		}
-	} else {
-		// Generate new key
-		key = make([]byte, 32)
-		if _, err := rand.Read(key); err != nil {
-			return fmt.Errorf("failed to generate key: %w", err)
-		}
+	// Read provided key
+	key, err := os.ReadFile(keyPath)
+	if err != nil {
+		return fmt.Errorf("failed to read key file: %w", err)
+	}
+	
+	// Validate password length (must be >= 6 characters)
+	if len(key) < 6 {
+		return fmt.Errorf("password must be at least 6 characters long (got %d)", len(key))
 	}
 	
 	// Save key