vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 17:10:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: MCP + cron + plugin lifecycle plus channel env-block cross-links

Browse Source
This commit is contained in:
Vincent Koc
2026-04-22 23:56:29 -07:00
parent dd17dea761
commit 91c795cee0
8 changed files with 59 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/plugins/architecture.md
View File

@@ -478,6 +478,10 @@ Important trust note:
- A workspace plugin with the same id as a bundled plugin intentionally shadows
the bundled copy when that workspace plugin is enabled/allowlisted.
- This is normal and useful for local development, patch testing, and hotfixes.
- Bundled-plugin trust is resolved from the source snapshot — the manifest and
code on disk at load time — rather than from install metadata. A corrupted
or substituted install record cannot silently widen a bundled plugin's trust
surface beyond what the actual source claims.
## Export boundary
@@ -507,7 +511,9 @@ At startup, OpenClaw does roughly this:
4. normalize plugin config (`plugins.enabled`, `allow`, `deny`, `entries`,
`slots`, `load.paths`)
5. decide enablement for each candidate
6. load enabled native modules via jiti
6. load enabled native modules — built `dist/*` bundled modules go through a
native loader path, while non-built native plugin modules are loaded via
jiti
7. call native `register(api)` (or `activate(api)` — a legacy alias) hooks and collect registrations into the plugin registry
8. expose the registry to commands/runtime surfaces

12
docs/plugins/bundles.md
View File

@@ -254,6 +254,18 @@ OpenClaw checks for native plugin format first:
If a directory contains both, OpenClaw uses the native path. This prevents
dual-format packages from being partially installed as bundles.
## Runtime dependencies and cleanup
- Bundled plugin runtime dependencies ship inside the OpenClaw package under
`dist/*`. OpenClaw does **not** run `npm install` at startup for bundled
plugins; the release pipeline is responsible for shipping a complete bundled
dependency payload (see the postpublish verification rule in
[Releasing](/reference/RELEASING)).
- Sub-agent runs that launch bundled MCP servers dispose those MCP clients
through the shared runtime-cleanup path when the sub-agent exits, so
sub-agent lifecycles do not leak stdio child processes or long-lived MCP
connections across turns.
## Security
Bundles have a narrower trust boundary than native plugins: