nav/PaddedCell
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: rename pass_mgr → secret-mgr, add ego-mgr binary and skill #11

Merged
hzhang merged 1 commits from feat/ego-mgr-and-rename into main 2026-03-24 09:50:41 +00:00
Conversation 0 Commits 1 Files Changed 13 +821 -132
13 changed files with 821 additions and 132 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
README.md
View File

@@ -6,7 +6,7 @@
# PaddedCell
OpenClaw plugin for secure password management, safe command execution, and coordinated agent restart.
OpenClaw plugin for secure secret management, agent identity management, safe command execution, and coordinated agent restart.
## ⚠️ Security Model
@@ -16,7 +16,7 @@ OpenClaw plugin for secure password management, safe command execution, and coor
## Features
### 1. pass\_mgr — Password Manager (Go)
### 1. secret-mgr — Secret Manager (Go)
AES-256-GCM encryption with a **build-time secret** injected at compile time.
Secrets are stored per-agent under `pc-pass-store/<agent-id>/<key>.gpg`.
@@ -24,23 +24,41 @@ Secrets are stored per-agent under `pc-pass-store/<agent-id>/<key>.gpg`.
**Agent commands** (require pcguard — must run through pcexec):
```bash
pass_mgr list # List keys for current agent
pass_mgr get-secret --key <key> # Output secret
pass_mgr get-username --key <key> # Output username
pass_mgr set --key <key> --secret <s> [--username <u>] # Set entry
pass_mgr generate --key <key> [--username <u>] # Generate random secret
pass_mgr unset --key <key> # Delete entry
pass_mgr get <key> # Legacy (maps to get-secret)
secret-mgr list # List keys for current agent
secret-mgr get-secret --key <key> # Output secret
secret-mgr get-username --key <key> # Output username
secret-mgr set --key <key> --secret <s> [--username <u>] # Set entry
secret-mgr generate --key <key> [--username <u>] # Generate random secret
secret-mgr unset --key <key> # Delete entry
secret-mgr get <key> # Legacy (maps to get-secret)
```
**Admin commands** (human-only — rejected if any `AGENT_*` env var is set):
```bash
pass_mgr admin handoff [file] # Export build secret to file (default: pc-pass-store.secret)
pass_mgr admin init-from [file] # Re-encrypt all data from old build secret to current
secret-mgr admin handoff [file] # Export build secret to file (default: pc-pass-store.secret)
secret-mgr admin init-from [file] # Re-encrypt all data from old build secret to current
```
### 2. pcguard — Exec Guard (Go)
### 2. ego-mgr — Agent Identity Manager (Go)
Manages agent personal information (name, email, timezone, etc.) stored in `~/.openclaw/ego.json`.
Supports **Agent Scope** (per-agent values) and **Public Scope** (shared by all agents).
**Commands** (require pcguard — must run through pcexec):
```bash
ego-mgr add column <name> [--default <val>] # Add agent-scope field
ego-mgr add public-column <name> [--default <val>] # Add public-scope field
ego-mgr delete <name> # Delete field and all values
ego-mgr set <name> <value> # Set field value
ego-mgr get <name> # Get field value
ego-mgr show # Show all fields and values
ego-mgr list columns # List all field names
```
### 3. pcguard — Exec Guard (Go)
Validates that a process is running inside a pcexec context by checking environment sentinels (`AGENT_VERIFY`, `AGENT_ID`, `AGENT_WORKSPACE`). Returns exit code 1 if any check fails.
@@ -50,15 +68,15 @@ pcguard || exit 1
# ... rest of script
```
### 3. pcexec — Safe Execution Tool (TypeScript)
### 4. pcexec — Safe Execution Tool (TypeScript)
Drop-in replacement for `exec` that:
- Resolves `$(pass_mgr get-secret --key <key>)` and legacy `$(pass_mgr get <key>)` inline
- Resolves `$(secret-mgr get-secret --key <key>)` and legacy `$(pass_mgr get-secret --key <key>)` inline
- Sanitizes all resolved passwords from stdout/stderr
- Injects `AGENT_VERIFY`, `AGENT_ID`, `AGENT_WORKSPACE` environment variables
- Appends `$(openclaw path)/bin` to `PATH` (making `pcguard` and `pass_mgr` available)
- Appends `$(openclaw path)/bin` to `PATH` (making `pcguard`, `secret-mgr`, and `ego-mgr` available)
### 4. safe-restart — Coordinated Restart (TypeScript)
### 5. safe-restart — Coordinated Restart (TypeScript)
Agent state management and coordinated gateway restart.
@@ -75,10 +93,15 @@ PaddedCell/
│ ├── openclaw.plugin.json
│ ├── package.json
│ └── tsconfig.json
├── pass_mgr/ # Go password manager binary
├── secret-mgr/ # Go secret manager binary
│ └── src/main.go
├── ego-mgr/ # Go agent identity manager binary
│ └── src/main.go
├── pcguard/ # Go exec guard binary
│ └── src/main.go
├── skills/ # Agent skills
│ ├── secret-mgr/SKILL.md
│ └── ego-mgr/SKILL.md
├── dist/padded-cell/ # Build output
├── install.mjs # Installer
└── README.md
@@ -100,7 +123,7 @@ node install.mjs --build-only
node install.mjs --uninstall
```
The installer automatically generates a random 32-byte build secret (stored in `.build-secret`, gitignored) and injects it into `pass_mgr` at compile time. Subsequent builds reuse the same secret.
The installer automatically generates a random 32-byte build secret (stored in `.build-secret`, gitignored) and injects it into `secret-mgr` at compile time. Subsequent builds reuse the same secret.
### Install paths
@@ -114,14 +137,14 @@ When you rebuild PaddedCell (which generates a new build secret), existing encry
```bash
# 1. Before updating — export current build secret
~/.openclaw/bin/pass_mgr admin handoff
~/.openclaw/bin/secret-mgr admin handoff
# 2. Rebuild & reinstall (generates new .build-secret)
rm .build-secret
node install.mjs
# 3. After updating — re-encrypt data with new secret
~/.openclaw/bin/pass_mgr admin init-from
~/.openclaw/bin/secret-mgr admin init-from
# 4. Restart gateway
openclaw gateway restart
@@ -131,17 +154,23 @@ openclaw gateway restart
```bash
# Agent sets and gets private passwords (via pcexec)
pass_mgr set --key myservice --secret s3cret --username admin
pass_mgr get-secret --key myservice
pass_mgr get-username --key myservice
secret-mgr set --key myservice --secret s3cret --username admin
secret-mgr get-secret --key myservice
secret-mgr get-username --key myservice
# Shared scope (.public)
pass_mgr set --public --key shared-api --secret s3cret
pass_mgr list --public
pass_mgr get-secret --public --key shared-api
secret-mgr set --public --key shared-api --secret s3cret
secret-mgr list --public
secret-mgr get-secret --public --key shared-api
# Use in shell commands (pcexec resolves and sanitizes)
curl -u "$(pass_mgr get-username --key myservice):$(pass_mgr get-secret --key myservice)" https://api.example.com
curl -u "$(secret-mgr get-username --key myservice):$(secret-mgr get-secret --key myservice)" https://api.example.com
# Agent identity management (via pcexec)
ego-mgr add column name
ego-mgr set name "小智"
ego-mgr add public-column timezone --default UTC
ego-mgr show
```
## License

2
pass_mgr/go.mod → ego-mgr/go.mod
View File

@@ -1,4 +1,4 @@
module pass_mgr
module ego-mgr
go 1.24.0

0
pass_mgr/go.sum → ego-mgr/go.sum
View File

482
ego-mgr/src/main.go Normal file
View File

@@ -0,0 +1,482 @@
package main
import (
"encoding/json"
"fmt"
"os"
"path/filepath"
"syscall"
"github.com/spf13/cobra"
)
const (
expectedAgentVerify = "IF YOU ARE AN AGENT/MODEL, YOU SHOULD NEVER TOUCH THIS ENV VARIABLE"
egoFileName = "ego.json"
)
// Exit codes per spec
const (
ExitSuccess = 0
ExitUsageError = 1
ExitColumnNotFound = 2
ExitColumnExists = 3
ExitPermission = 4
ExitLockFailed = 5
ExitJSONError = 6
)
// EgoData is the on-disk JSON structure
type EgoData struct {
Columns []string `json:"columns"`
PublicColumns []string `json:"public-columns"`
PublicScope map[string]string `json:"public-scope"`
AgentScope map[string]map[string]string `json:"agent-scope"`
}
func resolveOpenclawPath() string {
if p := os.Getenv("OPENCLAW_PATH"); p != "" {
return p
}
home, _ := os.UserHomeDir()
return filepath.Join(home, ".openclaw")
}
func egoFilePath() string {
return filepath.Join(resolveOpenclawPath(), egoFileName)
}
func currentAgentID() string {
return os.Getenv("AGENT_ID")
}
func requirePcguard() {
if os.Getenv("AGENT_VERIFY") != expectedAgentVerify {
fmt.Fprintln(os.Stderr, "Error: must be invoked via pcexec (AGENT_VERIFY mismatch)")
os.Exit(ExitPermission)
}
if os.Getenv("AGENT_ID") == "" {
fmt.Fprintln(os.Stderr, "Error: AGENT_ID not set — must be invoked via pcexec")
os.Exit(ExitPermission)
}
if os.Getenv("AGENT_WORKSPACE") == "" {
fmt.Fprintln(os.Stderr, "Error: AGENT_WORKSPACE not set — must be invoked via pcexec")
os.Exit(ExitPermission)
}
}
// readEgoData reads and parses the ego.json file
func readEgoData() (*EgoData, error) {
fp := egoFilePath()
raw, err := os.ReadFile(fp)
if err != nil {
if os.IsNotExist(err) {
// Return empty structure
return &EgoData{
Columns: []string{},
PublicColumns: []string{},
PublicScope: map[string]string{},
AgentScope: map[string]map[string]string{},
}, nil
}
return nil, fmt.Errorf("failed to read %s: %w", fp, err)
}
var data EgoData
if err := json.Unmarshal(raw, &data); err != nil {
return nil, fmt.Errorf("failed to parse %s: %w", fp, err)
}
// Ensure maps are initialized
if data.PublicScope == nil {
data.PublicScope = map[string]string{}
}
if data.AgentScope == nil {
data.AgentScope = map[string]map[string]string{}
}
if data.Columns == nil {
data.Columns = []string{}
}
if data.PublicColumns == nil {
data.PublicColumns = []string{}
}
return &data, nil
}
// writeEgoData writes ego data to ego.json with file locking
func writeEgoData(data *EgoData) error {
fp := egoFilePath()
// Acquire file lock
lockPath := fp + ".lock"
lockFile, err := os.OpenFile(lockPath, os.O_CREATE|os.O_RDWR, 0600)
if err != nil {
fmt.Fprintf(os.Stderr, "Error: cannot create lock file: %v\n", err)
os.Exit(ExitLockFailed)
}
defer func() {
lockFile.Close()
os.Remove(lockPath)
}()
if err := syscall.Flock(int(lockFile.Fd()), syscall.LOCK_EX|syscall.LOCK_NB); err != nil {
fmt.Fprintln(os.Stderr, "Error: failed to acquire file lock (another process is writing)")
os.Exit(ExitLockFailed)
}
defer syscall.Flock(int(lockFile.Fd()), syscall.LOCK_UN)
raw, err := json.MarshalIndent(data, "", " ")
if err != nil {
return fmt.Errorf("failed to marshal JSON: %w", err)
}
if err := os.WriteFile(fp, append(raw, '\n'), 0644); err != nil {
return fmt.Errorf("failed to write %s: %w", fp, err)
}
return nil
}
// ensureAgent ensures the current agent has an entry in agent-scope
func ensureAgent(data *EgoData) {
agentID := currentAgentID()
if _, ok := data.AgentScope[agentID]; !ok {
data.AgentScope[agentID] = map[string]string{}
}
}
// isPublicColumn checks if a column name is in public-columns
func isPublicColumn(data *EgoData, name string) bool {
for _, c := range data.PublicColumns {
if c == name {
return true
}
}
return false
}
// isAgentColumn checks if a column name is in columns (agent scope)
func isAgentColumn(data *EgoData, name string) bool {
for _, c := range data.Columns {
if c == name {
return true
}
}
return false
}
// columnExists checks if a column name exists in either scope
func columnExists(data *EgoData, name string) bool {
return isPublicColumn(data, name) || isAgentColumn(data, name)
}
func main() {
rootCmd := &cobra.Command{
Use: "ego-mgr",
Short: "Agent identity/profile manager for OpenClaw",
Long: `ego-mgr manages agent personal information (name, email, timezone, etc.).
Fields can be Agent Scope (per-agent) or Public Scope (shared by all agents).
Examples:
ego-mgr add column name
ego-mgr add public-column timezone --default UTC
ego-mgr set name "小智"
ego-mgr get name
ego-mgr show
ego-mgr list columns
ego-mgr delete name`,
}
rootCmd.AddCommand(addCmd(), deleteCmd(), setCmd(), getCmd(), showCmd(), listCmd())
if err := rootCmd.Execute(); err != nil {
os.Exit(ExitUsageError)
}
}
func addCmd() *cobra.Command {
cmd := &cobra.Command{
Use: "add",
Short: "Add a new column",
}
cmd.AddCommand(addColumnCmd(), addPublicColumnCmd())
return cmd
}
func addColumnCmd() *cobra.Command {
var defaultVal string
cmd := &cobra.Command{
Use: "column <column-name>",
Short: "Add an agent-scope column",
Args: cobra.ExactArgs(1),
Run: func(cmd *cobra.Command, args []string) {
requirePcguard()
colName := args[0]
data, err := readEgoData()
if err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
if columnExists(data, colName) {
fmt.Fprintf(os.Stderr, "Error: column '%s' already exists\n", colName)
os.Exit(ExitColumnExists)
}
data.Columns = append(data.Columns, colName)
// Set default value for all existing agents
if defaultVal != "" {
for agentID := range data.AgentScope {
data.AgentScope[agentID][colName] = defaultVal
}
}
if err := writeEgoData(data); err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
},
}
cmd.Flags().StringVar(&defaultVal, "default", "", "Default value for the column")
return cmd
}
func addPublicColumnCmd() *cobra.Command {
var defaultVal string
cmd := &cobra.Command{
Use: "public-column <column-name>",
Short: "Add a public-scope column",
Args: cobra.ExactArgs(1),
Run: func(cmd *cobra.Command, args []string) {
requirePcguard()
colName := args[0]
data, err := readEgoData()
if err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
if columnExists(data, colName) {
fmt.Fprintf(os.Stderr, "Error: column '%s' already exists\n", colName)
os.Exit(ExitColumnExists)
}
data.PublicColumns = append(data.PublicColumns, colName)
if defaultVal != "" {
data.PublicScope[colName] = defaultVal
} else {
data.PublicScope[colName] = ""
}
if err := writeEgoData(data); err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
},
}
cmd.Flags().StringVar(&defaultVal, "default", "", "Default value for the column")
return cmd
}
func deleteCmd() *cobra.Command {
cmd := &cobra.Command{
Use: "delete <column-name>",
Short: "Delete a column and all its values",
Args: cobra.ExactArgs(1),
Run: func(cmd *cobra.Command, args []string) {
requirePcguard()
colName := args[0]
data, err := readEgoData()
if err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
if !columnExists(data, colName) {
fmt.Fprintf(os.Stderr, "Error: column '%s' does not exist\n", colName)
os.Exit(ExitColumnNotFound)
}
// Remove from public-columns if present
if isPublicColumn(data, colName) {
newCols := []string{}
for _, c := range data.PublicColumns {
if c != colName {
newCols = append(newCols, c)
}
}
data.PublicColumns = newCols
delete(data.PublicScope, colName)
}
// Remove from agent columns if present
if isAgentColumn(data, colName) {
newCols := []string{}
for _, c := range data.Columns {
if c != colName {
newCols = append(newCols, c)
}
}
data.Columns = newCols
// Remove from all agent scopes
for agentID := range data.AgentScope {
delete(data.AgentScope[agentID], colName)
}
}
if err := writeEgoData(data); err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
},
}
return cmd
}
func setCmd() *cobra.Command {
cmd := &cobra.Command{
Use: "set <column-name> <value>",
Short: "Set a field value",
Args: cobra.ExactArgs(2),
Run: func(cmd *cobra.Command, args []string) {
requirePcguard()
colName := args[0]
value := args[1]
data, err := readEgoData()
if err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
if !columnExists(data, colName) {
fmt.Fprintf(os.Stderr, "Error: column '%s' does not exist (use 'ego-mgr add column' or 'ego-mgr add public-column' first)\n", colName)
os.Exit(ExitColumnNotFound)
}
// Auto-register agent
ensureAgent(data)
if isPublicColumn(data, colName) {
data.PublicScope[colName] = value
} else {
agentID := currentAgentID()
data.AgentScope[agentID][colName] = value
}
if err := writeEgoData(data); err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
},
}
return cmd
}
func getCmd() *cobra.Command {
cmd := &cobra.Command{
Use: "get <column-name>",
Short: "Get a field value",
Args: cobra.ExactArgs(1),
Run: func(cmd *cobra.Command, args []string) {
requirePcguard()
colName := args[0]
data, err := readEgoData()
if err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
if !columnExists(data, colName) {
fmt.Fprintf(os.Stderr, "Error: column '%s' does not exist\n", colName)
os.Exit(ExitColumnNotFound)
}
// Auto-register agent
ensureAgent(data)
if isPublicColumn(data, colName) {
fmt.Print(data.PublicScope[colName])
} else {
agentID := currentAgentID()
fmt.Print(data.AgentScope[agentID][colName])
}
},
}
return cmd
}
func showCmd() *cobra.Command {
cmd := &cobra.Command{
Use: "show",
Short: "Show all fields and values",
Run: func(cmd *cobra.Command, args []string) {
requirePcguard()
data, err := readEgoData()
if err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
// Auto-register agent
ensureAgent(data)
agentID := currentAgentID()
// Print public scope first
for _, col := range data.PublicColumns {
val := data.PublicScope[col]
fmt.Printf("%s: %s\n", col, val)
}
// Then agent scope
for _, col := range data.Columns {
val := ""
if agentData, ok := data.AgentScope[agentID]; ok {
val = agentData[col]
}
fmt.Printf("%s: %s\n", col, val)
}
},
}
return cmd
}
func listCmd() *cobra.Command {
cmd := &cobra.Command{
Use: "list",
Short: "List information",
}
cmd.AddCommand(listColumnsCmd())
return cmd
}
func listColumnsCmd() *cobra.Command {
cmd := &cobra.Command{
Use: "columns",
Short: "List all column names",
Run: func(cmd *cobra.Command, args []string) {
requirePcguard()
data, err := readEgoData()
if err != nil {
fmt.Fprintf(os.Stderr, "Error: %v\n", err)
os.Exit(ExitJSONError)
}
// Print public columns first
for _, col := range data.PublicColumns {
fmt.Println(col)
}
// Then agent columns
for _, col := range data.Columns {
fmt.Println(col)
}
},
}
return cmd
}

53
install.mjs
View File

@@ -131,13 +131,20 @@ async function build() {
rmSync(SRC_DIST_DIR, { recursive: true, force: true });
log(' Building pass_mgr...', 'blue');
const pmDir = join(__dirname, 'pass_mgr');
log(' Building secret-mgr...', 'blue');
const pmDir = join(__dirname, 'secret-mgr');
exec('go mod tidy', { cwd: pmDir, silent: !options.verbose });
const ldflags = `-X main.buildSecret=${buildSecret}`;
exec(`go build -ldflags "${ldflags}" -o dist/pass_mgr src/main.go`, { cwd: pmDir, silent: !options.verbose });
chmodSync(join(pmDir, 'dist', 'pass_mgr'), 0o755);
logOk('pass_mgr');
exec(`go build -ldflags "${ldflags}" -o dist/secret-mgr src/main.go`, { cwd: pmDir, silent: !options.verbose });
chmodSync(join(pmDir, 'dist', 'secret-mgr'), 0o755);
logOk('secret-mgr');
log(' Building ego-mgr...', 'blue');
const emDir = join(__dirname, 'ego-mgr');
exec('go mod tidy', { cwd: emDir, silent: !options.verbose });
exec('go build -o dist/ego-mgr src/main.go', { cwd: emDir, silent: !options.verbose });
chmodSync(join(emDir, 'dist', 'ego-mgr'), 0o755);
logOk('ego-mgr');
log(' Building pcguard...', 'blue');
const pgDir = join(__dirname, 'pcguard');
@@ -161,7 +168,11 @@ async function build() {
}
function handoffSecretIfPossible(openclawPath) {
const passMgrPath = join(openclawPath, 'bin', 'pass_mgr');
// Check both old (pass_mgr) and new (secret-mgr) binary names
let passMgrPath = join(openclawPath, 'bin', 'secret-mgr');
if (!existsSync(passMgrPath)) {
passMgrPath = join(openclawPath, 'bin', 'pass_mgr');
}
if (!existsSync(passMgrPath)) return null;
const storeA = join(openclawPath, 'pc-pass-store');
@@ -181,7 +192,7 @@ function handoffSecretIfPossible(openclawPath) {
function clearInstallTargets(openclawPath) {
const binDir = join(openclawPath, 'bin');
for (const name of ['pass_mgr', 'pcguard']) {
for (const name of ['pass_mgr', 'secret-mgr', 'ego-mgr', 'pcguard']) {
const p = join(binDir, name);
if (existsSync(p)) { rmSync(p, { force: true }); logOk(`Removed ${p}`); }
}
@@ -213,7 +224,7 @@ function cleanupConfig(openclawPath) {
logOk('Removed from load paths');
}
const skillEntries = ['pcexec', 'safe-restart', 'safe_restart', 'pass-mgr'];
const skillEntries = ['pcexec', 'safe-restart', 'safe_restart', 'pass-mgr', 'secret-mgr', 'ego-mgr'];
for (const sk of skillEntries) {
const p = join(skillsDir, sk);
if (existsSync(p)) {
@@ -240,7 +251,7 @@ async function install() {
log(` OpenClaw path: ${openclawPath}`, 'blue');
// update/reinstall path: remove old install first
if (existsSync(destDir) || existsSync(join(binDir, 'pass_mgr')) || existsSync(join(binDir, 'pcguard'))) {
if (existsSync(destDir) || existsSync(join(binDir, 'pass_mgr')) || existsSync(join(binDir, 'secret-mgr')) || existsSync(join(binDir, 'pcguard'))) {
logWarn('Existing install detected, uninstalling before install...');
handoffSecretIfPossible(openclawPath);
clearInstallTargets(openclawPath);
@@ -259,7 +270,8 @@ async function install() {
mkdirSync(binDir, { recursive: true });
const bins = [
{ name: 'pass_mgr', src: join(__dirname, 'pass_mgr', 'dist', 'pass_mgr') },
{ name: 'secret-mgr', src: join(__dirname, 'secret-mgr', 'dist', 'secret-mgr') },
{ name: 'ego-mgr', src: join(__dirname, 'ego-mgr', 'dist', 'ego-mgr') },
{ name: 'pcguard', src: join(__dirname, 'pcguard', 'dist', 'pcguard') },
];
for (const b of bins) {
@@ -281,11 +293,26 @@ async function install() {
}
}
// Initialize ego.json if it doesn't exist
const egoJsonPath = join(openclawPath, 'ego.json');
if (!existsSync(egoJsonPath)) {
const emptyEgo = {
columns: [],
'public-columns': [],
'public-scope': {},
'agent-scope': {},
};
writeFileSync(egoJsonPath, JSON.stringify(emptyEgo, null, 2) + '\n', { mode: 0o644 });
logOk('Created ego.json');
} else {
logOk('ego.json already exists');
}
// if prior encrypted store exists, run init-from once new binary is installed
const hasStore = existsSync(join(openclawPath, 'pc-pass-store')) || existsSync(join(openclawPath, 'pc-secret-store'));
const secretFile = join(openclawPath, 'pc-pass-store.secret');
if (hasStore && existsSync(secretFile)) {
const passMgrPath = join(binDir, 'pass_mgr');
const passMgrPath = join(binDir, 'secret-mgr');
try {
exec(`${passMgrPath} admin init-from ${secretFile}`, { silent: !options.verbose });
logOk('init-from completed from handoff secret');
@@ -303,7 +330,7 @@ async function configure() {
const openclawPath = resolveOpenclawPath();
const destDir = join(openclawPath, 'plugins', PLUGIN_NAME);
const passMgrPath = join(openclawPath, 'bin', 'pass_mgr');
const secretMgrPath = join(openclawPath, 'bin', 'secret-mgr');
try {
const paths = getOpenclawConfig('plugins.load.paths', []);
@@ -318,7 +345,7 @@ async function configure() {
plugins.entries = plugins.entries || {};
plugins.entries[PLUGIN_NAME] = {
enabled: true,
config: { enabled: true, passMgrPath, openclawProfilePath: openclawPath },
config: { enabled: true, secretMgrPath, openclawProfilePath: openclawPath },
};
setOpenclawConfig('plugins', plugins);
logOk('Plugin entry configured');

2
plugin/openclaw.plugin.json
View File

@@ -8,7 +8,7 @@
"type": "object",
"properties": {
"enabled": { "type": "boolean", "default": true },
"passMgrPath": { "type": "string", "default": "" },
"secretMgrPath": { "type": "string", "default": "" },
"openclawProfilePath": { "type": "string", "default": "" }
}
}

64
plugin/tools/pcexec.ts
View File

@@ -46,33 +46,55 @@ export interface PcExecError extends Error {
}
/**
* Extract pass_mgr invocations from a command string.
* Extract secret-mgr (and legacy pass_mgr) invocations from a command string.
*
* Supports both legacy and new formats:
* Supports:
* Current: $(secret-mgr get-secret --key <key>) / `secret-mgr get-secret --key <key>`
* Legacy: $(pass_mgr get-secret --key <key>) / `pass_mgr get-secret --key <key>`
* Legacy: $(pass_mgr get <key>) / `pass_mgr get <key>`
* New: $(pass_mgr get-secret --key <key>) / `pass_mgr get-secret --key <key>`
*
* Returns array of { fullMatch, subcommand, key } where subcommand is
* Returns array of { fullMatch, subcommand, key, binary } where subcommand is
* "get" | "get-secret".
*/
function extractPassMgrGets(
function extractSecretMgrGets(
command: string,
): Array<{ key: string; fullMatch: string; subcommand: string }> {
const results: Array<{ key: string; fullMatch: string; subcommand: string }> = [];
): Array<{ key: string; fullMatch: string; subcommand: string; binary: string }> {
const results: Array<{ key: string; fullMatch: string; subcommand: string; binary: string }> = [];
const seen = new Set<string>();
// New format: pass_mgr get-secret --key <key>
// secret-mgr get-secret --key <key>
const secretMgrPatterns = [
/\$\(\s*secret-mgr\s+get-secret\s+--key\s+(\S+)\s*\)/g,
/`\s*secret-mgr\s+get-secret\s+--key\s+(\S+)\s*`/g,
];
// Legacy pass_mgr get-secret --key <key>
const newPatterns = [
/\$\(\s*pass_mgr\s+get-secret\s+--key\s+(\S+)\s*\)/g,
/`\s*pass_mgr\s+get-secret\s+--key\s+(\S+)\s*`/g,
];
// Legacy format: pass_mgr get <key>
// Legacy pass_mgr get <key>
const legacyPatterns = [
/\$\(\s*pass_mgr\s+get\s+(\S+)\s*\)/g,
/`\s*pass_mgr\s+get\s+(\S+)\s*`/g,
];
for (const pattern of secretMgrPatterns) {
let match;
while ((match = pattern.exec(command)) !== null) {
if (!seen.has(match[0])) {
seen.add(match[0]);
results.push({
key: match[1],
fullMatch: match[0],
subcommand: 'get-secret',
binary: 'secret-mgr',
});
}
}
}
for (const pattern of newPatterns) {
let match;
while ((match = pattern.exec(command)) !== null) {
@@ -82,6 +104,7 @@ function extractPassMgrGets(
key: match[1],
fullMatch: match[0],
subcommand: 'get-secret',
binary: 'pass_mgr',
});
}
}
@@ -96,6 +119,7 @@ function extractPassMgrGets(
key: match[1],
fullMatch: match[0],
subcommand: 'get',
binary: 'pass_mgr',
});
}
}
@@ -105,22 +129,24 @@ function extractPassMgrGets(
}
/**
* Execute pass_mgr to retrieve a secret.
* Execute secret-mgr (or legacy pass_mgr) to retrieve a secret.
* Uses the same env vars that the caller passes so pcguard checks pass.
*/
async function fetchPassword(
subcommand: string,
key: string,
env: Record<string, string>,
binary: string = 'secret-mgr',
): Promise<string> {
return new Promise((resolve, reject) => {
const passMgrPath = env.PASS_MGR_PATH || process.env.PASS_MGR_PATH || 'pass_mgr';
// Prefer SECRET_MGR_PATH, fall back to PASS_MGR_PATH for legacy compat
const binaryPath = env.SECRET_MGR_PATH || env.PASS_MGR_PATH || process.env.SECRET_MGR_PATH || process.env.PASS_MGR_PATH || 'secret-mgr';
const args =
subcommand === 'get-secret'
? ['get-secret', '--key', key]
: ['get', key];
const child = spawn(passMgrPath, args, {
const child = spawn(binaryPath, args, {
stdio: ['ignore', 'pipe', 'pipe'],
env: { ...process.env, ...env },
});
@@ -131,7 +157,7 @@ async function fetchPassword(
child.stderr.on('data', (d) => (stderr += d.toString()));
child.on('close', (code) => {
if (code !== 0) {
reject(new Error(`pass_mgr ${subcommand} failed: ${stderr || stdout}`));
reject(new Error(`secret-mgr ${subcommand} failed: ${stderr || stdout}`));
} else {
resolve(stdout.trim());
}
@@ -155,18 +181,18 @@ function sanitizeOutput(output: string, passwords: string[]): string {
}
/**
* Pre-resolve pass_mgr invocations, replace them inline, and collect passwords.
* Pre-resolve secret-mgr (and legacy pass_mgr) invocations, replace them inline, and collect passwords.
*/
async function replacePassMgrGets(
async function replaceSecretMgrGets(
command: string,
env: Record<string, string>,
): Promise<{ command: string; passwords: string[] }> {
const matches = extractPassMgrGets(command);
const matches = extractSecretMgrGets(command);
const passwords: string[] = [];
let replaced = command;
for (const { key, fullMatch, subcommand } of matches) {
const pw = await fetchPassword(subcommand, key, env);
for (const { key, fullMatch, subcommand, binary } of matches) {
const pw = await fetchPassword(subcommand, key, env, binary);
passwords.push(pw);
replaced = replaced.split(fullMatch).join(pw);
}
@@ -193,7 +219,7 @@ export async function pcexec(
let finalCommand = command;
let passwords: string[] = [];
const resolved = await replacePassMgrGets(command, env);
const resolved = await replaceSecretMgrGets(command, env);
finalCommand = resolved.command;
passwords = resolved.passwords;

10
secret-mgr/go.mod Normal file
View File

@@ -0,0 +1,10 @@
module secret-mgr
go 1.24.0
require github.com/spf13/cobra v1.8.0
require (
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
)

10
secret-mgr/go.sum Normal file
View File

@@ -0,0 +1,10 @@
github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=
github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho=
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

4
pass_mgr/src/main.go → secret-mgr/src/main.go
View File

@@ -72,7 +72,7 @@ func rejectIfAgent(cmdName string) {
func currentKey() ([]byte, error) {
if buildSecret == "" {
return nil, fmt.Errorf("pass_mgr was built without a build secret; re-run install.mjs")
return nil, fmt.Errorf("secret-mgr was built without a build secret; re-run install.mjs")
}
return deriveKey(buildSecret), nil
}
@@ -173,7 +173,7 @@ func generatePassword(length int) (string, error) {
}
func main() {
rootCmd := &cobra.Command{Use: "pass_mgr", Short: "Password manager for OpenClaw agents"}
rootCmd := &cobra.Command{Use: "secret-mgr", Short: "Secret manager for OpenClaw agents"}
rootCmd.AddCommand(listCmd(), getSecretCmd(), getUsernameCmd(), getLegacyCmd(), setCmd(), generateCmd(), unsetCmd(), adminCmd())
if err := rootCmd.Execute(); err != nil {
os.Exit(1)

105
skills/ego-mgr/SKILL.md Normal file
View File

@@ -0,0 +1,105 @@
---
name: ego-mgr
description: Manage agent personal information (name, email, timezone, etc.). Use when storing, retrieving, listing, or managing agent profile fields. Trigger on requests about agent identity, personal info, profile settings, or ego-mgr usage. MUST call ego-mgr via the pcexec tool.
---
# Ego Manager
## Purpose
Use ego-mgr to manage agent personal information fields. Supports per-agent fields (Agent Scope) and shared fields (Public Scope).
## Mandatory safety rule
Always invoke ego-mgr through the `pcexec` tool. Do NOT run ego-mgr directly.
## Concepts
- **Agent Scope columns**: Each agent stores its own value independently
- **Public Scope columns**: All agents share the same value
- Column names are globally unique — a name cannot be both agent-scope and public-scope
## Workflow
1. First, create a column: `ego-mgr add column <name>` or `ego-mgr add public-column <name>`
2. Then, set its value: `ego-mgr set <name> <value>`
3. Read it: `ego-mgr get <name>` or `ego-mgr show`
## Commands (run via pcexec)
### Add columns
```bash
# Agent-scope column (per-agent values)
ego-mgr add column <column-name> [--default <default-value>]
# Public-scope column (shared by all agents)
ego-mgr add public-column <column-name> [--default <default-value>]
```
### Delete a column
```bash
ego-mgr delete <column-name>
```
Removes the column and all its values across all scopes.
### Set a value
```bash
ego-mgr set <column-name> <value>
```
Automatically writes to the correct scope (agent or public) based on column type.
### Get a value
```bash
ego-mgr get <column-name>
```
Outputs just the value (no label).
### Show all fields
```bash
ego-mgr show
```
Lists all fields with values (public first, then agent-scope).
### List column names
```bash
ego-mgr list columns
```
Lists all column names (public first, then agent-scope).
## Error exit codes
| Code | Meaning |
|------|---------|
| 0 | Success |
| 1 | Usage error |
| 2 | Column not found |
| 3 | Column already exists |
| 4 | Permission error (not via pcexec) |
| 5 | File lock failed |
| 6 | JSON read/write error |
## Common use cases
### Set up agent identity
```bash
ego-mgr add column name
ego-mgr set name "小智"
ego-mgr add column email
ego-mgr set email "zhi@example.com"
```
### Set shared config
```bash
ego-mgr add public-column timezone --default UTC
ego-mgr add public-column language --default zh-CN
```
### Check current profile
```bash
ego-mgr show
```
## Usage notes
- Always create columns before setting values
- Column names are case-sensitive
- Public scope values are readable and writable by all agents
- Agent scope values are isolated per-agent

68
skills/pass-mgr/SKILL.md
View File

@@ -1,68 +0,0 @@
---
name: pass-mgr
description: Manage OpenClaw agent credentials (usernames/secrets). Use when storing, retrieving, listing, generating, or removing credentials for an agent. Trigger on requests about saving or fetching usernames, passwords, tokens, API keys, or other secrets. MUST call pass_mgr via the pcexec tool.
---
# Pass Manager
## Purpose
Use pass_mgr to store and retrieve agent-scoped credentials (username/secret pairs) and generate secrets.
## Mandatory safety rule
Always invoke pass_mgr through the `pcexec` tool. Do NOT run pass_mgr directly.
## Commands (run via pcexec)
- List keys for current agent
- `pass_mgr list`
- Include shared scope: `pass_mgr list --public`
- Get username for a key
- `pass_mgr get-username --key <key>`
- Shared scope: `pass_mgr get-username --public --key <key>`
- Get secret for a key
- `pass_mgr get-secret --key <key>`
- Shared scope: `pass_mgr get-secret --public --key <key>`
- Set a key entry (username optional)
- `pass_mgr set --key <key> --secret <secret> [--username <username>]`
- Shared scope: `pass_mgr set --public --key <key> --secret <secret> [--username <username>]`
- Remove a key entry
- `pass_mgr unset --key <key>`
- Shared scope: `pass_mgr unset --public --key <key>`
- Generate a random secret for a key (prints secret)
- `pass_mgr generate --key <key> [--username <username>]`
- Shared scope: `pass_mgr generate --public --key <key> [--username <username>]`
- Legacy (hidden) getter
- `pass_mgr get <key>`
## Usage notes
- Treat all outputs as sensitive. Never echo secrets.
- When the agent needs credentials to access a resource, first try `list` to see if a matching key already exists before asking the user.
- Prefer `generate` when the user wants a new secret or password.
- Use `set` to store both username and secret in one step.
- Use `get-username` and `get-secret` for retrieval.
- Storing can be explicit (user asks) or proactive after the agent successfully registers/creates an account.
- Secrets should be fetched and used immediately in a command, not displayed (e.g., `xxx_cli login --user $(pass_mgr get-username some_key) --pass $(pass_mgr get-secret some_key)`).
## Examples (pcexec)
- Store credentials
- pcexec: `pass_mgr set github --username alice --secret <secret>`
- Retrieve username
- pcexec: `pass_mgr get-username github`
- Retrieve secret
- pcexec: `pass_mgr get-secret github`
- Generate secret
- pcexec: `pass_mgr generate github`
- Delete entry
- pcexec: `pass_mgr unset github`

68
skills/secret-mgr/SKILL.md Normal file
View File

@@ -0,0 +1,68 @@
---
name: secret-mgr
description: Manage OpenClaw agent credentials (usernames/secrets). Use when storing, retrieving, listing, generating, or removing credentials for an agent. Trigger on requests about saving or fetching usernames, passwords, tokens, API keys, or other secrets. MUST call secret-mgr via the pcexec tool.
---
# Secret Manager
## Purpose
Use secret-mgr to store and retrieve agent-scoped credentials (username/secret pairs) and generate secrets.
## Mandatory safety rule
Always invoke secret-mgr through the `pcexec` tool. Do NOT run secret-mgr directly.
## Commands (run via pcexec)
- List keys for current agent
- `secret-mgr list`
- Include shared scope: `secret-mgr list --public`
- Get username for a key
- `secret-mgr get-username --key <key>`
- Shared scope: `secret-mgr get-username --public --key <key>`
- Get secret for a key
- `secret-mgr get-secret --key <key>`
- Shared scope: `secret-mgr get-secret --public --key <key>`
- Set a key entry (username optional)
- `secret-mgr set --key <key> --secret <secret> [--username <username>]`
- Shared scope: `secret-mgr set --public --key <key> --secret <secret> [--username <username>]`
- Remove a key entry
- `secret-mgr unset --key <key>`
- Shared scope: `secret-mgr unset --public --key <key>`
- Generate a random secret for a key (prints secret)
- `secret-mgr generate --key <key> [--username <username>]`
- Shared scope: `secret-mgr generate --public --key <key> [--username <username>]`
- Legacy (hidden) getter
- `secret-mgr get <key>`
## Usage notes
- Treat all outputs as sensitive. Never echo secrets.
- When the agent needs credentials to access a resource, first try `list` to see if a matching key already exists before asking the user.
- Prefer `generate` when the user wants a new secret or password.
- Use `set` to store both username and secret in one step.
- Use `get-username` and `get-secret` for retrieval.
- Storing can be explicit (user asks) or proactive after the agent successfully registers/creates an account.
- Secrets should be fetched and used immediately in a command, not displayed (e.g., `xxx_cli login --user $(secret-mgr get-username --key some_key) --pass $(secret-mgr get-secret --key some_key)`).
## Examples (pcexec)
- Store credentials
- pcexec: `secret-mgr set --key github --username alice --secret <secret>`
- Retrieve username
- pcexec: `secret-mgr get-username --key github`
- Retrieve secret
- pcexec: `secret-mgr get-secret --key github`
- Generate secret
- pcexec: `secret-mgr generate --key github`
- Delete entry
- pcexec: `secret-mgr unset --key github`