Add the opt-in Coven ACP runtime bridge as a bundled extension while keeping ACPX as the default path.
Security hardening included before merge:
- fail closed by default instead of silently falling back;
- bounded health/socket requests and daemon response sizes;
- fixed Coven socket trust anchor and symlink/path validation;
- reject untrusted harness/session/event ids before exposing them;
- sanitize daemon-controlled terminal/status/error strings;
- use incremental event polling with bounded dedupe state;
- clean up launched Coven sessions before fallback when daemon ids are invalid.
Validation:
- pnpm test extensions/coven/src/config.test.ts extensions/coven/src/client.test.ts extensions/coven/src/runtime.test.ts
- pnpm check:changed
- GitHub CI green on a64eac20b9
- Greptile Review green
Preserve contributor credit and land the narrowed sessions_spawn ACP-field handling with follow-up transcript redaction and ACP resume ownership hardening. Targeted Blacksmith validation passed for the touched sessions/ACP tests.
- testing-live: Tip components for model-discovery and authoritative-list guidance
- debugging: --dev flag Note and non-dev gateway stop Tip
- testing: narrowing live tests Tip
- tools/lobster: optional-plugin allowlist Note
- tools/acp-agents-setup: blockquote Important to Warning component
The clawhub doc was 358 lines mixing two install-command bullet
blocks, a 'beginner-friendly' prose walkthrough, six sequential
flat CLI command sections (Auth, Search, Install, Update, List,
Publish skills, Publish plugins, Delete, Sync), and a workflow
section that repeated the same commands a third time.
Restructure for scan-first reading without losing reference detail:
- Wrap Quick start in a 4-step Steps component (search -> install
-> use -> publish optional CLI install).
- Convert the duplicate native-OpenClaw skills/plugins blocks into
a single Tabs component with one tab per surface, keeping the
validation/safety notes inline.
- Convert the service-features bullet list to a 7-row table.
- Move reporting and moderation rules into a 2-panel
AccordionGroup.
- Convert the eight CLI command sections into one AccordionGroup
(Auth / Search / Install update list / Publish skills / Publish
plugins / Delete undelete / Sync) so the flat command catalog
collapses.
- Convert the global-options bullet list into ParamField
definitions.
- Consolidate the duplicate workflows section into a single Tabs
component (Search / Install / Update all / Publish single /
Sync many / Publish plugin from GitHub).
- Move versioning, lockfile, sync fallback, storage, and telemetry
notes into a dedicated AccordionGroup.
- Convert the env vars bullet list into a 5-row table.
- Drop the duplicate 'How it works / What you can do / Quick start
(non-technical)' prose; the same content lives in the new Quick
start Steps and 'What ClawHub is' summary.
- Sentence-case the Related list and add a missing 'Plugins' link.
- Add sidebarTitle for explicit nav.
CLI flags, command parameters, registry semantics, lockfile path,
moderation thresholds (1-week account age, 20-report cap, 3-report
auto-hide), telemetry env var, and required plugin package.json
metadata are unchanged. Pure restructure plus Mintlify upgrades.
The exec-approvals doc was 379 lines mixing inspection commands as
free bullets, bullet-list policy knobs (security/ask/askFallback/
strictInlineEval), a long YOLO-mode walkthrough split between two
shell blocks, and a stray dangling HTML comment from a prior split
to the advanced page.
Restructure for scan-first reading without losing operational detail:
- Convert 'Inspecting the effective policy' command bullets into a
command/result table.
- Convert each policy knob (security, ask, askFallback,
strictInlineEval) into a ParamField definition so type/values are
visually distinct.
- Wrap the persistent gateway-host YOLO setup in a Steps component
(config -> approvals file).
- Move the YOLO 'pick which layer' note and 'auto vs YOLO'
distinctions into a Warning callout instead of buried inline
bullets.
- Convert the YOLO layer summary into a 3-row layer/setting table.
- Move the local-only exec-policy limitations into a Note callout.
- Convert allowlist entry fields (id, lastUsedAt, lastUsedCommand,
lastResolvedPath) into a 4-row table.
- Surface Auto-allow trust caveats as a Warning callout.
- Drop the dangling HTML comment '<!-- moved to /tools/exec-approvals-advanced -->'.
- Sentence-case 'YOLO mode (no-approval)' replacing the inverted
quote variant ('No-approval YOLO mode').
- Add sidebarTitle for explicit nav.
Trust model, schema example, host approvals JSON shape, allowlist
glob rules, ask-fallback semantics, system-event names, deny-rerun
guard, and the trailing CardGroup of related entries are unchanged.
Pure restructure plus Mintlify component upgrades.
The sub-agents doc was 412 lines of dense bullet lists describing
spawn behavior, tool params, thread binding flow, allowlist rules,
auto-archive behavior, announce semantics, and the sessions_history
sanitization pipeline.
Restructure for scan-first reading without losing reference detail:
- Move spawn-behavior bullets into an AccordionGroup with four
panels (Non-blocking + push-based; Manual-spawn delivery
resilience; Completion handoff metadata; Modes and ACP runtime).
- Convert sessions_spawn tool params into ParamField definitions so
type/default/required render visually.
- Wrap the thread-binding flow in a Steps component (spawn -> bind
-> route -> inspect timeouts -> detach).
- Convert manual thread controls into a 5-row table.
- Convert allowlist fields (allowAgents, requireAgentId) into
ParamField definitions.
- Convert announce-context fields into a 6-row source/field table.
- Surface the cost-budget guidance, sessions_spawn delivery-param
exclusion, operational guidance, and the PAIRING_REQUIRED caller
caveat as Note/Warning callouts where they were buried inline.
- Sentence-case 'Tool Policy' to 'Tool policy' (heading-case fix).
- Sentence-case 'Configuration Reference' link.
- Alphabetize the Related list and add 'Background tasks' which was
referenced inline but missing from Related.
- Add sidebarTitle for explicit nav.
Tool surface, depth tables, slash commands, defaults, allowlist
semantics, sandbox-inheritance guard, per-depth tool policy,
auto-archive timing, announce status sourcing, sessions_history
normalization steps, concurrency lane, recovery rules, and
limitations are unchanged. Pure restructure plus Mintlify upgrades.
The skills doc was 409 lines of nested bullet lists describing
precedence, allowlist rules, gating fields, installer specs, and
config overrides. Heavy reference content but no Mintlify structure.
Restructure for scan-first reading without losing reference detail:
- Convert 'Locations and precedence' from a numbered list + arrow
string into a 6-row precedence table.
- Convert 'Per-agent vs shared skills' bullet/paragraph mix into a
scope/path/visibility table.
- Move agent-allowlist rules into an AccordionGroup so the example
config is the headline and the rules collapse on demand.
- Convert ClawHub install/update/sync bullets into a 3-row command
table.
- Convert SKILL.md frontmatter optional keys (homepage, user-invocable,
disable-model-invocation, command-dispatch, command-tool,
command-arg-mode) into ParamField definitions.
- Convert metadata.openclaw fields (always, emoji, homepage, os,
requires.bins, requires.anyBins, requires.env, requires.config,
primaryEnv, install) into ParamField definitions.
- Move installer-selection rules and per-installer details (Go, download)
into an AccordionGroup so the gating section reads as the canonical
schema plus collapsible operational notes.
- Convert skills.entries config-override rules (enabled, apiKey, env,
config, allowBundled) into ParamField definitions.
- Surface security caveats as a Warning callout up top instead of a
bullet list.
- Move 'Looking for more skills?' into the trailing Related list and
drop the dangling --- separator.
- Sentence-case headings (Format, Gating, Config overrides, Token
impact) and the Related entries (Creating skills, Skills config,
Slash commands).
- Drop the redundant 'Skill Workshop' Title-Case heading variant.
- Add sidebarTitle 'Skills' for explicit nav.
Skill source paths, frontmatter parser rules, gating semantics,
installer selection logic, sandboxing notes, env-injection scope,
snapshot/refresh behaviour, remote-node behaviour, and token-impact
formula are unchanged. Pure restructure plus Mintlify components.
The video-generation page was 454 lines with a 3-step Quick start
written as flat numbered prose, four separate parameter tables (Required,
Content inputs, Style controls, Advanced), the task lifecycle as a
numbered list, and a Related list mixing alphabetic and recency order.
Restructure for scan-first reading without losing technical content:
- Wrap Quick start in a Steps component (auth -> default model ->
ask the agent).
- Convert all four parameter tables into ParamField definitions grouped
under their existing sub-section headings (Required / Content inputs /
Style controls / Advanced), so types, defaults, and required flags
show as visual chips and long descriptions wrap cleanly.
- Convert the task lifecycle from a numbered list to a 4-row table for
at-a-glance scanning.
- Convert Yes/No checkmarks in both the Supported providers and
Capability matrix tables to ✓ and em-dash, matching the rest of the
media docs.
- Convert the bullet list under Actions into a 3-row table.
- Sentence-case Related entries and alphabetize the Related list.
- Add sidebarTitle so the nav reads 'Video generation' explicitly.
Schema fields, defaults, model refs, env vars, capability declarations,
fallback rules, and provider notes are unchanged. AccordionGroup of 14
provider notes was already alphabetized and is preserved verbatim.
