228 lines
7.4 KiB
TypeScript
228 lines
7.4 KiB
TypeScript
// PaddedCell Plugin for OpenClaw
|
|
// Registers pcexec and safe_restart tools
|
|
|
|
import { pcexec, pcexecSync } from './tools/pcexec';
|
|
import {
|
|
safeRestart,
|
|
createSafeRestartTool,
|
|
StatusManager,
|
|
createApiServer,
|
|
startApiServer,
|
|
} from './core/index';
|
|
import { SlashCommandHandler } from './commands/slash-commands';
|
|
import { EgoMgrSlashCommand } from './commands/ego-mgr-slash';
|
|
|
|
/** Sentinel value injected into every pcexec subprocess */
|
|
const AGENT_VERIFY = 'IF YOU ARE AN AGENT/MODEL, YOU SHOULD NEVER TOUCH THIS ENV VARIABLE';
|
|
|
|
/**
|
|
* Resolve the openclaw base path.
|
|
* Priority: explicit config → $OPENCLAW_PATH → ~/.openclaw
|
|
*/
|
|
function resolveOpenclawPath(config?: { openclawProfilePath?: string }): string {
|
|
if (config?.openclawProfilePath) return config.openclawProfilePath;
|
|
if (process.env.OPENCLAW_PATH) return process.env.OPENCLAW_PATH;
|
|
const home = process.env.HOME || require('os').homedir();
|
|
return require('path').join(home, '.openclaw');
|
|
}
|
|
|
|
function getPluginConfig(api: any): Record<string, unknown> {
|
|
return ((api?.pluginConfig as Record<string, unknown> | undefined) || {});
|
|
}
|
|
|
|
function resolveProxyAllowlist(config?: { proxyAllowlist?: unknown; 'proxy-allowlist'?: unknown }): string[] {
|
|
const value = config?.proxyAllowlist ?? config?.['proxy-allowlist'];
|
|
if (!Array.isArray(value)) return [];
|
|
return value.filter((item): item is string => typeof item === 'string');
|
|
}
|
|
|
|
// Plugin registration function
|
|
function register(api: any) {
|
|
const logger = api.logger || { info: console.log, error: console.error };
|
|
|
|
logger.info('PaddedCell plugin initializing...');
|
|
|
|
const pluginConfig = getPluginConfig(api);
|
|
const openclawPath = resolveOpenclawPath(pluginConfig as { openclawProfilePath?: string });
|
|
const proxyAllowlist = resolveProxyAllowlist(pluginConfig as { proxyAllowlist?: unknown; 'proxy-allowlist'?: unknown });
|
|
const binDir = require('path').join(openclawPath, 'bin');
|
|
|
|
// Register pcexec tool — pass a FACTORY function that receives context
|
|
api.registerTool((ctx: any) => {
|
|
const agentId = ctx.agentId;
|
|
const workspaceDir = ctx.workspaceDir;
|
|
|
|
return {
|
|
name: 'pcexec',
|
|
description: 'Safe exec with password sanitization',
|
|
parameters: {
|
|
type: 'object',
|
|
properties: {
|
|
command: { type: 'string', description: 'Command to execute' },
|
|
cwd: { type: 'string', description: 'Working directory' },
|
|
timeout: { type: 'number', description: 'Timeout in milliseconds' },
|
|
},
|
|
required: ['command'],
|
|
},
|
|
async execute(_id: string, params: any) {
|
|
const command = params.command;
|
|
if (!command) {
|
|
throw new Error('Missing required parameter: command');
|
|
}
|
|
|
|
// Build PATH with openclaw bin dir appended
|
|
const currentPath = process.env.PATH || '';
|
|
const newPath = currentPath.includes(binDir)
|
|
? currentPath
|
|
: `${currentPath}:${binDir}`;
|
|
|
|
const result = await pcexec(command, {
|
|
cwd: params.cwd || workspaceDir,
|
|
timeout: params.timeout,
|
|
env: {
|
|
AGENT_ID: agentId || '',
|
|
AGENT_WORKSPACE: workspaceDir || '',
|
|
AGENT_VERIFY,
|
|
PATH: newPath,
|
|
},
|
|
});
|
|
|
|
// Format output for OpenClaw tool response
|
|
let output = result.stdout;
|
|
if (result.stderr) {
|
|
output += result.stderr;
|
|
}
|
|
return { content: [{ type: 'text', text: output }] };
|
|
},
|
|
};
|
|
});
|
|
|
|
api.registerTool((ctx: any) => {
|
|
const agentId = ctx.agentId;
|
|
const workspaceDir = ctx.workspaceDir;
|
|
|
|
return {
|
|
name: 'proxy-pcexec',
|
|
description: 'Safe exec with password sanitization using a proxied AGENT_ID',
|
|
parameters: {
|
|
type: 'object',
|
|
properties: {
|
|
command: { type: 'string', description: 'Command to execute' },
|
|
cwd: { type: 'string', description: 'Working directory' },
|
|
timeout: { type: 'number', description: 'Timeout in milliseconds' },
|
|
'proxy-for': { type: 'string', description: 'AGENT_ID value to inject for the subprocess' },
|
|
},
|
|
required: ['command', 'proxy-for'],
|
|
},
|
|
async execute(_id: string, params: any) {
|
|
const command = params.command;
|
|
const proxyFor = params['proxy-for'];
|
|
if (!command) {
|
|
throw new Error('Missing required parameter: command');
|
|
}
|
|
if (!proxyFor) {
|
|
throw new Error('Missing required parameter: proxy-for');
|
|
}
|
|
if (!agentId || !proxyAllowlist.includes(agentId)) {
|
|
throw new Error('Current agent is not allowed to call proxy-pcexec');
|
|
}
|
|
|
|
logger.info('proxy-pcexec invoked', {
|
|
executor: agentId,
|
|
proxyFor,
|
|
command,
|
|
});
|
|
|
|
const currentPath = process.env.PATH || '';
|
|
const newPath = currentPath.includes(binDir)
|
|
? currentPath
|
|
: `${currentPath}:${binDir}`;
|
|
|
|
const result = await pcexec(command, {
|
|
cwd: params.cwd || workspaceDir,
|
|
timeout: params.timeout,
|
|
env: {
|
|
AGENT_ID: String(proxyFor),
|
|
AGENT_WORKSPACE: workspaceDir || '',
|
|
AGENT_VERIFY,
|
|
PROXY_PCEXEC_EXECUTOR: agentId || '',
|
|
PCEXEC_PROXIED: 'true',
|
|
PATH: newPath,
|
|
},
|
|
});
|
|
|
|
let output = result.stdout;
|
|
if (result.stderr) {
|
|
output += result.stderr;
|
|
}
|
|
return { content: [{ type: 'text', text: output }] };
|
|
},
|
|
};
|
|
});
|
|
|
|
// Register safe_restart tool
|
|
api.registerTool((ctx: any) => {
|
|
const agentId = ctx.agentId;
|
|
const sessionKey = ctx.sessionKey;
|
|
|
|
return {
|
|
name: 'safe_restart',
|
|
description: 'Safe coordinated restart of OpenClaw gateway',
|
|
parameters: {
|
|
type: 'object',
|
|
properties: {
|
|
rollback: { type: 'string', description: 'Rollback script path' },
|
|
log: { type: 'string', description: 'Log file path' },
|
|
},
|
|
},
|
|
async execute(_id: string, params: any) {
|
|
return await safeRestart({
|
|
agentId,
|
|
sessionKey,
|
|
rollback: params.rollback,
|
|
log: params.log,
|
|
});
|
|
},
|
|
};
|
|
});
|
|
|
|
// Register /ego-mgr slash command
|
|
if (api.registerSlashCommand) {
|
|
api.registerSlashCommand({
|
|
name: 'ego-mgr',
|
|
description: 'Manage agent identity/profile fields',
|
|
handler: async (ctx: any, command: string) => {
|
|
const egoMgrSlash = new EgoMgrSlashCommand({
|
|
openclawPath,
|
|
agentId: ctx.agentId || '',
|
|
workspaceDir: ctx.workspaceDir || '',
|
|
onReply: async (message: string) => {
|
|
if (ctx.reply) {
|
|
await ctx.reply(message);
|
|
}
|
|
},
|
|
});
|
|
await egoMgrSlash.handle(command);
|
|
},
|
|
});
|
|
logger.info('Registered /ego-mgr slash command');
|
|
}
|
|
|
|
logger.info('PaddedCell plugin initialized');
|
|
}
|
|
|
|
// CommonJS export for OpenClaw
|
|
module.exports = { register };
|
|
|
|
// Also export individual modules for direct use
|
|
module.exports.pcexec = pcexec;
|
|
module.exports.pcexecSync = pcexecSync;
|
|
module.exports.safeRestart = safeRestart;
|
|
module.exports.createSafeRestartTool = createSafeRestartTool;
|
|
module.exports.StatusManager = StatusManager;
|
|
module.exports.createApiServer = createApiServer;
|
|
module.exports.startApiServer = startApiServer;
|
|
module.exports.SlashCommandHandler = SlashCommandHandler;
|
|
module.exports.EgoMgrSlashCommand = EgoMgrSlashCommand;
|
|
module.exports.AGENT_VERIFY = AGENT_VERIFY;
|