vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-28 11:40:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
13d4e53a546fbb486af5ce1abb1895bccf63d76d
openclaw/docs/plugins/codex-native-plugins.md
Peter Steinberger bb46b79d3c refactor: internalize OpenClaw agent runtime (#85341) 
* refactor: extract agent core package

Introduce packages/agent-core as the OpenClaw-owned home for reusable agent loop, harness, session, prompt, and runtime dependency contracts.

* refactor: extract shared llm runtime

Move provider model registries, stream wrappers, OAuth helpers, and LLM utilities into src/llm with plugin-sdk barrels instead of depending on the old embedded runtime layout.

* refactor: remove pi runtime internals

Rename remaining Pi-shaped agent surfaces to OpenClaw agent runtime names, delete obsolete Pi docs and package graph checks, and add the third-party notice for incorporated code.

* refactor: tighten agent session runtime

Make agent-core/runtime dependencies explicit, consolidate compaction and session transcript helpers, and move model/session helpers behind OpenClaw-owned contracts.

* refactor: remove static model and pi auth paths

Drop static model catalogs and Pi auth bridges, move model/provider facts to manifest-owned runtime contracts, and harden internal embedded-agent utilities.

* refactor: remove legacy provider compat paths

* docs: remove agent parity notes

* fix: skip provider wildcard metadata parsing

* refactor: share session extension sdk loading

* refactor: inline acpx proxy error formatter

* refactor: fold edit recovery into edit tool

* fix: accept extension batch separator

* test: align startup provider plugin expectations

* fix: restore provider-scoped release discovery

* test: align static asset packaging expectations

* fix: run static provider catalogs during scoped discovery

* fix: add provider entry catalogs for scoped live discovery

* fix: load lightweight provider catalog entries

* fix: refresh provider-scoped plugin metadata

* fix: keep provider catalog entries on release live path

* fix: keep static manifest models in release live checks

* fix: harden release model discovery

* fix: reduce OpenAI live cache probe reasoning

* fix: disable OpenAI cache probe reasoning

* ci: extend OpenAI gateway live timeout

* fix: extend live gateway model budget

* fix: stabilize release validation regressions

* fix: honor provider aliases in model rows

* fix: stabilize release validation lanes

* fix: stabilize release memory qa

* ci: stabilize release validation lanes

* ci: prefer ipv4 for live docker node calls

* fix: restore shared tool-call stream wrapper

* ci: remove legacy pi test shard alias

* fix: clean up embedded agent test drift

* fix: stabilize runtime alias status

* fix: clean up embedded agent ci drift

* fix: restore release ci invariants

* fix: clean up post-rebase runtime drift

* fix: restore release ci checks

* fix: restore release ci after rebase

* fix: remove stale pi runtime path

* test: align compaction runtime expectations

* test: update plugin prerelease expectations

* fix: handle claude live tool approvals

* fix: stabilize release validation gates

* fix: finish agent runtime import

* test: finish post-rebase agent runtime mocks

* fix: keep codex compaction native

* fix: stabilize codex app-server hook tests

* test: isolate codex diagnostic active run

* test: remove codex diagnostic completion race

# Conflicts:
#	extensions/codex/src/app-server/run-attempt.test.ts

* ci: fix full release manifest performance run id

* refactor: narrow llm plugin sdk boundary

* chore: drop generated google boundary stamps

* fix: repair rebase fallout

* fix: clean up rebased runtime references

* fix: decode codex jwt payloads as base64url

* fix: preserve shipped pi runtime alias

* fix: add scoped sdk virtual modules

* fix: decode llm codex oauth jwt as base64url

* fix: avoid stale vertex adc negative cache

* fix: harden tool arg decoding and codeql path

* fix: keep vertex adc negative checks live

* refactor: consolidate codex jwt and edit helpers

* fix: await codex oauth node runtime imports

* fix: preserve sdk tool and notice contracts

* fix: preserve shipped compat config boundaries

* fix: align codex oauth callback host

* fix: terminate agent-core loop streams on failure

* fix: keep codex oauth callback alive during fallback

* ci: include session tools in critical codeql scans

* fix: keep Cloudflare Anthropic provider auth header

* docs: redirect legacy pi runtime pages

* fix: honor bundled web provider compat discovery

* fix: protect session output spill files

* fix: keep legacy agent dir env blocked

* fix: contain auto-discovered skill symlinks

* fix: harden agent core sdk proxy surfaces

* fix: restore approval reaction sdk compat

* fix: keep live docker runs bounded

* fix: keep codex oauth redirect host aligned

* fix: resolve post-rebase agent runtime drift

* fix: redact anthropic oauth parse failures

* fix: preserve responses strict tool shaping

* fix: repair agent runtime rebase cleanup

* docs: redirect retired parity pages

* fix: bound auto-discovered resources to roots

* fix: repair post-rebase agent test drift

* fix: preserve bundled provider allowlist migration

* fix: preserve manifest-owned provider aliases

* fix: declare photon image dependency

* fix: keep provider headers out of proxy body

* fix: preserve shipped env aliases

* fix: refresh control ui i18n generated state

* fix: quote read fallback paths

* fix: preview edits through configured backend

* test: satisfy core test typecheck

* fix: preserve ZAI usage auth fallback

* test: repair codex diagnostic test

* fix: repair agent runtime rebase drift

* test: finish embedded runner import rename

* fix: repair agent runtime rebase integrations

* test: align compaction oauth fallback expectations

* fix: allow sdk-auth session models

* fix: update doctor tool schema import

* fix: preserve bedrock plugin region

* fix: stream harmony-like prose immediately

* ci: include session runtime in codeql shards

* fix: repair latest rebase integrations

* fix: honor explicit codex websocket transport

* fix: keep openai-compatible credentials provider-scoped

* fix: refresh sdk api baseline after rebase

* fix: route cli runtime aliases through openclaw harness

* test: rename stale harness mock expectation

* test: rename embedded agent overflow calls

* test: clean embedded auth test wording

* test: use openclaw stream types in deepinfra cache test

* fix: refresh sdk api baseline on latest main

* fix: honor bundled discovery compat allowlists

* fix: refresh sdk api baseline after latest rebase

* fix: remove stale rebase imports

* test: rename stale model catalog mock

* test: mock renamed doctor runtime modules

* fix: map canonical kimi env auth

* fix: use internal model registry in bench script

* fix: migrate deepinfra provider catalog entry

* fix: enforce builtin tool suppression

* fix: route compaction auth and proxy payloads safely

* refactor: prune unused llm registry leftovers

* test: update codex hooks session import

* test: fix model picker ci coverage

* test: align model picker auth mock types
2026-05-27 19:24:04 +01:00

12 KiB
Raw Blame History

summary, title, read_when
summary title read_when
Configure migrated native Codex plugins for Codex-mode OpenClaw agents Native Codex plugins
You want Codex-mode OpenClaw agents to use native Codex plugins
You are migrating source-installed openai-curated Codex plugins
You are troubleshooting codexPlugins, app inventory, destructive actions, or plugin app diagnostics

Native Codex plugin support lets a Codex-mode OpenClaw agent use Codex app-server's own app and plugin capabilities inside the same Codex thread that handles the OpenClaw turn.

OpenClaw does not translate Codex plugins into synthetic codex_plugin_* OpenClaw dynamic tools. Plugin calls stay in the native Codex transcript, and Codex app-server owns the app-backed MCP execution.

Use this page after the base Codex harness is working.

Requirements

  • The selected OpenClaw agent runtime must be the native Codex harness.
  • plugins.entries.codex.enabled must be true.
  • plugins.entries.codex.config.codexPlugins.enabled must be true.
  • V1 supports only openai-curated plugins that migration observed as source-installed in the source Codex home.
  • The target Codex app-server must be able to see the expected marketplace, plugin, and app inventory.

codexPlugins has no effect on OpenClaw runs, normal OpenAI provider runs, ACP conversation bindings, or other harnesses because those paths do not create Codex app-server threads with native apps config.

Quickstart

Preview migration from the source Codex home:

openclaw migrate codex --dry-run

Use strict source app verification when you want migration to check source app accessibility before planning native plugin activation:

openclaw migrate codex --dry-run --verify-plugin-apps

Apply the migration when the plan looks right:

openclaw migrate apply codex --yes

Migration writes explicit codexPlugins entries for eligible plugins and calls Codex app-server plugin/install for selected plugins. A typical migrated config looks like this:

{
  plugins: {
    entries: {
      codex: {
        enabled: true,
        config: {
          codexPlugins: {
            enabled: true,
            allow_destructive_actions: true,
            plugins: {
              "google-calendar": {
                enabled: true,
                marketplaceName: "openai-curated",
                pluginName: "google-calendar",
              },
            },
          },
        },
      },
    },
  },
}

After changing codexPlugins, new Codex conversations pick up the updated app set automatically. Use /new or /reset to refresh the current conversation. A gateway restart is not required for plugin enable or disable changes.

Manage plugins from chat

Use /codex plugins when you want to inspect or change configured native Codex plugins from the same chat where you operate the Codex harness:

/codex plugins
/codex plugins list
/codex plugins disable google-calendar
/codex plugins enable google-calendar

/codex plugins is an alias for /codex plugins list. The list output shows the configured plugin keys, on/off state, Codex plugin name, and marketplace from plugins.entries.codex.config.codexPlugins.plugins.

enable and disable write only to OpenClaw config at ~/.openclaw/openclaw.json; they do not edit ~/.codex/config.toml or install new Codex plugins. Only the owner or a gateway client with the operator.admin scope can change plugin state.

Enabling a configured plugin also turns on the global codexPlugins.enabled switch. If the plugin was written disabled because migration returned auth_required, reauthorize the app in Codex before enabling it in OpenClaw.

How native plugin setup works

The integration has three separate states:

  • Installed: Codex has the local plugin bundle in the target app-server runtime.
  • Enabled: OpenClaw config is willing to make the plugin available to Codex harness turns.
  • Accessible: Codex app-server confirms the plugin's app entries are available for the active account and can be mapped to the migrated plugin identity.

Migration is the durable install/eligibility step. During planning, OpenClaw reads source Codex plugin/read details and checks that the source Codex app-server account response is a ChatGPT subscription account. Non-ChatGPT or missing account responses skip app-backed plugins with codex_subscription_required. By default, migration does not call source app/list; app-backed source plugins that pass the account gate are planned without source app accessibility verification, and account lookup transport failures skip with codex_account_unavailable. With --verify-plugin-apps, migration takes a fresh source app/list snapshot and requires every owned app to be present, enabled, and accessible before planning native activation. In that mode, account lookup transport failures fall through to the source app-inventory gate. Runtime app inventory is the target-session accessibility check after migration. Codex harness session setup then computes a restrictive thread app config for the enabled and accessible plugin apps.

Thread app config is computed when OpenClaw establishes a Codex harness session or replaces a stale Codex thread binding. It is not recomputed on every turn, so /codex plugins enable and /codex plugins disable affect new Codex conversations. Use /new or /reset when the current conversation should pick up the updated app set.

V1 support boundary

V1 is intentionally narrow:

  • Only openai-curated plugins that were already installed in the source Codex app-server inventory are migration-eligible.
  • App-backed source plugins must pass the migration-time subscription gate. --verify-plugin-apps adds the source app-inventory gate. Subscription-gated accounts plus, in verification mode, inaccessible, disabled, missing source apps or source app-inventory refresh failures are reported as skipped manual items instead of enabled config entries. Unreadable plugin details are skipped before the source app-inventory gate.
  • Migration writes explicit plugin identities with marketplaceName and pluginName; it does not write local marketplacePath cache paths.
  • codexPlugins.enabled is the global enablement switch.
  • There is no plugins["*"] wildcard and no config key that grants arbitrary install authority.
  • Unsupported marketplaces, cached plugin bundles, hooks, and Codex config files are preserved in the migration report for manual review.

App inventory and ownership

OpenClaw reads Codex app inventory through app-server app/list, caches it for one hour, and refreshes stale or missing entries asynchronously. The cache is in memory only; restarting the CLI or gateway drops it, and OpenClaw rebuilds it from the next app/list read.

Migration and runtime use separate cache keys:

  • Source migration verification uses the source Codex home and source app-server start options. This runs only when --verify-plugin-apps is set, and it forces a fresh source app/list traversal for that planning run.
  • Target runtime setup uses the target agent's Codex app-server identity when it builds the Codex thread app config. Plugin activation invalidates that target cache key and then force-refreshes it after plugin/install.

A plugin app is exposed only when OpenClaw can map it back to the migrated plugin through stable ownership:

  • exact app id from plugin detail
  • known MCP server name
  • unique stable metadata

Display-name-only or ambiguous ownership is excluded until the next inventory refresh proves ownership.

Thread app config

OpenClaw injects a restrictive config.apps patch for the Codex thread: _default is disabled and only apps owned by enabled migrated plugins are enabled.

OpenClaw sets app-level destructive_enabled from the effective global or per-plugin allow_destructive_actions policy and lets Codex enforce destructive tool metadata from its native app tool annotations. The _default app config is disabled with open_world_enabled: false. Enabled plugin apps are emitted with open_world_enabled: true; OpenClaw does not expose a separate plugin open-world policy knob and does not maintain per-plugin destructive tool-name deny lists.

Tool approval mode is automatic by default for plugin apps so non-destructive read tools can run without a same-thread approval UI. Destructive tools remain controlled by each app's destructive_enabled policy.

Destructive action policy

Destructive plugin elicitations are allowed by default for migrated Codex plugins, while unsafe schemas and ambiguous ownership still fail closed:

  • Global allow_destructive_actions defaults to true.
  • Per-plugin allow_destructive_actions overrides the global policy for that plugin.
  • When policy is false, OpenClaw returns a deterministic decline.
  • When policy is true, OpenClaw auto-accepts only safe schemas it can map to an approval response, such as a boolean approve field.
  • Missing plugin identity, ambiguous ownership, a missing turn id, a wrong turn id, or an unsafe elicitation schema declines instead of prompting.

Troubleshooting

auth_required: migration installed the plugin, but one of its apps still needs authentication. The explicit plugin entry is written disabled until you reauthorize and enable it.

app_inaccessible, app_disabled, or app_missing: migration did not install the plugin because the source Codex app inventory did not show all owned apps as present, enabled, and accessible while --verify-plugin-apps was set. Reauthorize or enable the app in Codex, then rerun migration with --verify-plugin-apps.

app_inventory_unavailable: migration did not install the plugin because strict source app verification was requested and source Codex app inventory refresh failed. Fix source Codex app-server access or retry without --verify-plugin-apps if you accept the faster account-gated plan.

codex_subscription_required: migration did not install the app-backed plugin because the source Codex app-server account was not logged in with a ChatGPT subscription account. Log in to the Codex app with subscription auth, then rerun migration.

codex_account_unavailable: migration did not install the app-backed plugin because the source Codex app-server account could not be read. Fix source Codex app-server auth or rerun with --verify-plugin-apps if you want source app inventory to decide eligibility when account lookup fails.

marketplace_missing or plugin_missing: the target Codex app-server cannot see the expected openai-curated marketplace or plugin. Rerun migration against the target runtime or inspect Codex app-server plugin status.

app_inventory_missing or app_inventory_stale: app readiness came from an empty or stale cache. OpenClaw schedules an async refresh and excludes plugin apps until ownership and readiness are known.

app_ownership_ambiguous: app inventory only matched by display name, so the app is not exposed to the Codex thread.

Config changed but the agent cannot see the plugin: use /codex plugins list to confirm the configured state, then use /new or /reset. Existing Codex thread bindings keep the app config they started with until OpenClaw establishes a new harness session or replaces a stale binding.

Destructive action is declined: check the global and per-plugin allow_destructive_actions values. Even when policy is true, unsafe elicitation schemas and ambiguous plugin identity still fail closed.

Related

Reference in New Issue View Git Blame Copy Permalink