mirror of
https://github.com/openclaw/openclaw.git
synced 2026-06-28 16:33:34 +00:00
c5d34c8376
* feat(codex): add always plugin approval mode * fix(codex): normalize plugin approval decisions * fix(codex): fail closed on layered approval overrides
538 lines
18 KiB
JSON
538 lines
18 KiB
JSON
{
|
|
"id": "codex",
|
|
"name": "Codex",
|
|
"description": "OpenClaw Codex app-server harness and model provider plugin with a Codex-managed GPT catalog.",
|
|
"providers": ["codex"],
|
|
"contracts": {
|
|
"mediaUnderstandingProviders": ["codex"],
|
|
"migrationProviders": ["codex"],
|
|
"webSearchProviders": ["codex"]
|
|
},
|
|
"mediaUnderstandingProviderMetadata": {
|
|
"codex": {
|
|
"capabilities": ["image"],
|
|
"defaultModels": {
|
|
"image": "gpt-5.5"
|
|
}
|
|
}
|
|
},
|
|
"providerCatalogEntry": "./provider-discovery.ts",
|
|
"syntheticAuthRefs": ["codex"],
|
|
"nonSecretAuthMarkers": ["codex-app-server"],
|
|
"activation": {
|
|
"onStartup": false,
|
|
"onAgentHarnesses": ["codex"]
|
|
},
|
|
"commandAliases": [
|
|
{
|
|
"name": "codex",
|
|
"kind": "runtime-slash",
|
|
"cliCommand": "plugins"
|
|
}
|
|
],
|
|
"configSchema": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"codexDynamicToolsLoading": {
|
|
"type": "string",
|
|
"enum": ["searchable", "direct"],
|
|
"default": "searchable"
|
|
},
|
|
"codexDynamicToolsExclude": {
|
|
"type": "array",
|
|
"items": { "type": "string" },
|
|
"default": []
|
|
},
|
|
"discovery": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"enabled": { "type": "boolean" },
|
|
"timeoutMs": {
|
|
"type": "number",
|
|
"minimum": 1,
|
|
"default": 2500
|
|
}
|
|
}
|
|
},
|
|
"computerUse": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"default": false
|
|
},
|
|
"autoInstall": {
|
|
"type": "boolean",
|
|
"default": false
|
|
},
|
|
"marketplaceDiscoveryTimeoutMs": {
|
|
"type": "number",
|
|
"minimum": 1,
|
|
"default": 60000
|
|
},
|
|
"marketplaceSource": {
|
|
"type": "string"
|
|
},
|
|
"marketplacePath": {
|
|
"type": "string"
|
|
},
|
|
"marketplaceName": {
|
|
"type": "string"
|
|
},
|
|
"pluginName": {
|
|
"type": "string",
|
|
"default": "computer-use"
|
|
},
|
|
"mcpServerName": {
|
|
"type": "string",
|
|
"default": "computer-use"
|
|
}
|
|
}
|
|
},
|
|
"codexPlugins": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"default": false
|
|
},
|
|
"allow_destructive_actions": {
|
|
"oneOf": [{ "type": "boolean" }, { "const": "auto" }, { "const": "always" }],
|
|
"default": true
|
|
},
|
|
"plugins": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean"
|
|
},
|
|
"marketplaceName": {
|
|
"type": "string",
|
|
"enum": ["openai-curated"]
|
|
},
|
|
"pluginName": {
|
|
"type": "string"
|
|
},
|
|
"allow_destructive_actions": {
|
|
"oneOf": [{ "type": "boolean" }, { "const": "auto" }, { "const": "always" }]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"appServer": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"mode": {
|
|
"type": "string",
|
|
"enum": ["yolo", "guardian"]
|
|
},
|
|
"transport": {
|
|
"type": "string",
|
|
"enum": ["stdio", "websocket"],
|
|
"default": "stdio"
|
|
},
|
|
"command": { "type": "string" },
|
|
"args": {
|
|
"oneOf": [
|
|
{
|
|
"type": "array",
|
|
"items": { "type": "string" }
|
|
},
|
|
{ "type": "string" }
|
|
]
|
|
},
|
|
"url": { "type": "string" },
|
|
"authToken": { "type": ["string", "object"] },
|
|
"headers": {
|
|
"type": "object",
|
|
"additionalProperties": { "type": ["string", "object"] }
|
|
},
|
|
"clearEnv": {
|
|
"type": "array",
|
|
"items": { "type": "string" }
|
|
},
|
|
"remoteWorkspaceRoot": {
|
|
"type": "string"
|
|
},
|
|
"codeModeOnly": {
|
|
"type": "boolean",
|
|
"default": false
|
|
},
|
|
"requestTimeoutMs": {
|
|
"type": "number",
|
|
"minimum": 1,
|
|
"default": 60000
|
|
},
|
|
"turnCompletionIdleTimeoutMs": {
|
|
"type": "number",
|
|
"minimum": 1,
|
|
"default": 60000
|
|
},
|
|
"postToolRawAssistantCompletionIdleTimeoutMs": {
|
|
"type": "number",
|
|
"minimum": 1,
|
|
"default": 300000
|
|
},
|
|
"approvalPolicy": {
|
|
"type": "string",
|
|
"enum": ["never", "on-request", "on-failure", "untrusted"]
|
|
},
|
|
"sandbox": {
|
|
"type": "string",
|
|
"enum": ["read-only", "workspace-write", "danger-full-access"]
|
|
},
|
|
"approvalsReviewer": {
|
|
"type": "string",
|
|
"enum": ["user", "auto_review", "guardian_subagent"]
|
|
},
|
|
"serviceTier": { "type": ["string", "null"] },
|
|
"networkProxy": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"default": false
|
|
},
|
|
"profileName": { "type": "string" },
|
|
"baseProfile": {
|
|
"type": "string",
|
|
"enum": ["read-only", "workspace"]
|
|
},
|
|
"mode": {
|
|
"type": "string",
|
|
"enum": ["limited", "full"]
|
|
},
|
|
"domains": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string",
|
|
"enum": ["allow", "deny"]
|
|
}
|
|
},
|
|
"unixSockets": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "string",
|
|
"enum": ["allow", "none"]
|
|
}
|
|
},
|
|
"proxyUrl": { "type": "string" },
|
|
"socksUrl": { "type": "string" },
|
|
"enableSocks5": { "type": "boolean" },
|
|
"enableSocks5Udp": { "type": "boolean" },
|
|
"allowUpstreamProxy": { "type": "boolean" },
|
|
"allowLocalBinding": { "type": "boolean" },
|
|
"dangerouslyAllowNonLoopbackProxy": { "type": "boolean" },
|
|
"dangerouslyAllowAllUnixSockets": { "type": "boolean" }
|
|
}
|
|
},
|
|
"defaultWorkspaceDir": {
|
|
"type": "string"
|
|
},
|
|
"experimental": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"properties": {
|
|
"sandboxExecServer": {
|
|
"type": "boolean",
|
|
"default": false
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"configContracts": {
|
|
"secretInputs": {
|
|
"paths": [
|
|
{ "path": "appServer.authToken", "expected": "string" },
|
|
{ "path": "appServer.headers.*", "expected": "string" }
|
|
]
|
|
}
|
|
},
|
|
"uiHints": {
|
|
"codexDynamicToolsLoading": {
|
|
"label": "Dynamic Tools Loading",
|
|
"help": "Use searchable to defer OpenClaw dynamic tools behind Codex tool search, or direct to expose them in the initial context.",
|
|
"advanced": true
|
|
},
|
|
"codexDynamicToolsExclude": {
|
|
"label": "Dynamic Tool Excludes",
|
|
"help": "Additional OpenClaw dynamic tool names to omit from Codex app-server turns.",
|
|
"advanced": true
|
|
},
|
|
"discovery": {
|
|
"label": "Model Discovery",
|
|
"help": "Plugin-owned controls for discovering Codex app-server models."
|
|
},
|
|
"discovery.enabled": {
|
|
"label": "Enable Discovery",
|
|
"help": "When false, OpenClaw keeps the Codex harness available but uses the bundled fallback model list."
|
|
},
|
|
"discovery.timeoutMs": {
|
|
"label": "Discovery Timeout",
|
|
"help": "Maximum time to wait for Codex app-server model discovery before falling back to the bundled model list.",
|
|
"advanced": true
|
|
},
|
|
"computerUse": {
|
|
"label": "Computer Use",
|
|
"help": "Controls Codex app-server setup for the Computer Use plugin.",
|
|
"advanced": true
|
|
},
|
|
"computerUse.enabled": {
|
|
"label": "Enable Computer Use",
|
|
"help": "When true, Codex-mode turns require the configured Computer Use MCP server to be available.",
|
|
"advanced": true
|
|
},
|
|
"computerUse.autoInstall": {
|
|
"label": "Auto Install",
|
|
"help": "Install the configured Computer Use plugin when Codex-mode turns start.",
|
|
"advanced": true
|
|
},
|
|
"computerUse.marketplaceDiscoveryTimeoutMs": {
|
|
"label": "Marketplace Discovery Timeout",
|
|
"help": "Maximum time to wait for Codex app-server to finish loading marketplaces during Computer Use install.",
|
|
"advanced": true
|
|
},
|
|
"computerUse.marketplaceSource": {
|
|
"label": "Marketplace Source",
|
|
"help": "Optional Codex marketplace source to add before installing Computer Use.",
|
|
"advanced": true
|
|
},
|
|
"computerUse.marketplacePath": {
|
|
"label": "Marketplace Path",
|
|
"help": "Optional local Codex marketplace file path containing the Computer Use plugin.",
|
|
"advanced": true
|
|
},
|
|
"computerUse.marketplaceName": {
|
|
"label": "Marketplace Name",
|
|
"help": "Optional registered Codex marketplace name containing the Computer Use plugin.",
|
|
"advanced": true
|
|
},
|
|
"computerUse.pluginName": {
|
|
"label": "Plugin Name",
|
|
"help": "Codex marketplace plugin name for Computer Use.",
|
|
"advanced": true
|
|
},
|
|
"computerUse.mcpServerName": {
|
|
"label": "MCP Server Name",
|
|
"help": "MCP server name exposed by the Computer Use plugin.",
|
|
"advanced": true
|
|
},
|
|
"codexPlugins": {
|
|
"label": "Native Codex Plugins",
|
|
"help": "Controls native Codex plugin availability for Codex harness turns.",
|
|
"advanced": true
|
|
},
|
|
"codexPlugins.enabled": {
|
|
"label": "Enable Native Plugins",
|
|
"help": "Expose explicit migrated Codex plugin entries to Codex harness turns.",
|
|
"advanced": true
|
|
},
|
|
"codexPlugins.allow_destructive_actions": {
|
|
"label": "Allow Destructive Plugin Actions",
|
|
"help": "Default policy for plugin app write or destructive action elicitations. Use true to accept safe schemas without prompting, false to decline, auto to ask through plugin approvals when Codex requires approval, or always to ask for every write/destructive action without durable approval.",
|
|
"advanced": true
|
|
},
|
|
"codexPlugins.plugins": {
|
|
"label": "Migrated Plugin Entries",
|
|
"help": "Explicit migration-authored plugin entries. The wildcard key * is not supported.",
|
|
"advanced": true
|
|
},
|
|
"appServer": {
|
|
"label": "App Server",
|
|
"help": "Runtime controls for connecting to Codex app-server.",
|
|
"advanced": true
|
|
},
|
|
"appServer.mode": {
|
|
"label": "Execution Mode",
|
|
"help": "Legacy Codex app-server preset. Prefer tools.exec.mode=auto for normalized Guardian-reviewed approvals.",
|
|
"advanced": true
|
|
},
|
|
"appServer.transport": {
|
|
"label": "Transport",
|
|
"help": "Use stdio to spawn Codex locally, or websocket to connect to an already-running app-server.",
|
|
"advanced": true
|
|
},
|
|
"appServer.command": {
|
|
"label": "Command",
|
|
"help": "Executable used for stdio transport. Leave unset to use OpenClaw's managed Codex binary.",
|
|
"advanced": true
|
|
},
|
|
"appServer.args": {
|
|
"label": "Arguments",
|
|
"help": "Arguments used for stdio transport. Defaults to app-server --listen stdio://.",
|
|
"advanced": true
|
|
},
|
|
"appServer.url": {
|
|
"label": "WebSocket URL",
|
|
"help": "Codex app-server WebSocket URL when transport is websocket.",
|
|
"advanced": true
|
|
},
|
|
"appServer.authToken": {
|
|
"label": "Auth Token",
|
|
"help": "Bearer token sent to the WebSocket app-server.",
|
|
"sensitive": true,
|
|
"advanced": true
|
|
},
|
|
"appServer.headers": {
|
|
"label": "Headers",
|
|
"help": "Additional headers sent to the WebSocket app-server.",
|
|
"sensitive": true,
|
|
"advanced": true
|
|
},
|
|
"appServer.clearEnv": {
|
|
"label": "Clear Environment",
|
|
"help": "Environment variable names removed from the spawned stdio app-server process after overrides are applied.",
|
|
"advanced": true
|
|
},
|
|
"appServer.remoteWorkspaceRoot": {
|
|
"label": "Remote Workspace Root",
|
|
"help": "Remote Codex app-server workspace root used to project OpenClaw cwd suffixes before starting Codex threads.",
|
|
"advanced": true
|
|
},
|
|
"appServer.codeModeOnly": {
|
|
"label": "Code Mode Only",
|
|
"help": "Expose Codex's code-mode-only tool surface. OpenClaw dynamic tools remain available through Codex nested tool calls.",
|
|
"advanced": true
|
|
},
|
|
"appServer.requestTimeoutMs": {
|
|
"label": "Request Timeout",
|
|
"help": "Maximum time to wait for Codex app-server control-plane requests.",
|
|
"advanced": true
|
|
},
|
|
"appServer.turnCompletionIdleTimeoutMs": {
|
|
"label": "Turn Completion Idle Timeout",
|
|
"help": "Maximum quiet time after Codex accepts a turn or after a turn-scoped app-server request before OpenClaw interrupts the turn while waiting for turn/completed.",
|
|
"advanced": true
|
|
},
|
|
"appServer.postToolRawAssistantCompletionIdleTimeoutMs": {
|
|
"label": "Post-Tool Continuation Idle Timeout",
|
|
"help": "Completion-idle and progress guard after a tool handoff, native tool completion, or post-tool raw assistant progress while waiting for turn/completed. Defaults to 300000 ms when unset.",
|
|
"advanced": true
|
|
},
|
|
"appServer.approvalPolicy": {
|
|
"label": "Approval Policy",
|
|
"help": "Codex native approval policy sent to thread start, resume, and turns.",
|
|
"advanced": true
|
|
},
|
|
"appServer.sandbox": {
|
|
"label": "Sandbox",
|
|
"help": "Codex native sandbox mode sent to thread start and resume.",
|
|
"advanced": true
|
|
},
|
|
"appServer.approvalsReviewer": {
|
|
"label": "Approvals Reviewer",
|
|
"help": "Use user approvals or Codex auto_review for native app-server approvals. guardian_subagent remains accepted for compatibility.",
|
|
"advanced": true
|
|
},
|
|
"appServer.serviceTier": {
|
|
"label": "Service Tier",
|
|
"help": "Optional Codex app-server service tier. Use priority, flex, or null. Legacy fast is accepted as priority.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy": {
|
|
"label": "Network Proxy",
|
|
"help": "Enable Codex permissions-profile networking for app-server commands.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.enabled": {
|
|
"label": "Network Proxy Enabled",
|
|
"help": "When enabled, OpenClaw defines a Codex permissions profile and selects it with default_permissions instead of sandbox fields.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.profileName": {
|
|
"label": "Network Proxy Profile",
|
|
"help": "Optional stable Codex permissions profile name. Leave unset to use a generated openclaw-network fingerprint name.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.baseProfile": {
|
|
"label": "Network Proxy Base",
|
|
"help": "Filesystem access used by the generated profile. Defaults to read-only for read-only sandboxes and workspace otherwise.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.domains": {
|
|
"label": "Network Domains",
|
|
"help": "Domain allow and deny rules for Codex sandboxed networking.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.unixSockets": {
|
|
"label": "Unix Sockets",
|
|
"help": "Unix socket allow and none rules for Codex sandboxed networking.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.proxyUrl": {
|
|
"label": "HTTP Proxy URL",
|
|
"help": "HTTP listener URL used by Codex sandboxed networking.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.socksUrl": {
|
|
"label": "SOCKS Proxy URL",
|
|
"help": "SOCKS listener URL used by Codex sandboxed networking.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.enableSocks5": {
|
|
"label": "Enable SOCKS5",
|
|
"help": "Expose SOCKS5 support for the generated Codex permissions profile.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.enableSocks5Udp": {
|
|
"label": "Enable SOCKS5 UDP",
|
|
"help": "Allow UDP over the SOCKS5 listener when SOCKS5 is enabled.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.allowUpstreamProxy": {
|
|
"label": "Allow Upstream Proxy",
|
|
"help": "Allow Codex sandboxed networking to chain through inherited HTTP(S)_PROXY or ALL_PROXY settings.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.allowLocalBinding": {
|
|
"label": "Allow Local Binding",
|
|
"help": "Permit broader local and private-network access through Codex sandboxed networking.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.mode": {
|
|
"label": "Network Mode",
|
|
"help": "Codex sandboxed networking mode for subprocess traffic.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.dangerouslyAllowNonLoopbackProxy": {
|
|
"label": "Allow Non-Loopback Proxy",
|
|
"help": "Permit non-loopback bind addresses for Codex sandboxed networking listeners.",
|
|
"advanced": true
|
|
},
|
|
"appServer.networkProxy.dangerouslyAllowAllUnixSockets": {
|
|
"label": "Allow All Unix Sockets",
|
|
"help": "Bypass Codex's Unix socket allowlist for tightly controlled environments.",
|
|
"advanced": true
|
|
},
|
|
"appServer.defaultWorkspaceDir": {
|
|
"label": "Default Workspace",
|
|
"help": "Workspace used by /codex bind when --cwd is omitted.",
|
|
"advanced": true
|
|
},
|
|
"appServer.experimental": {
|
|
"label": "Experimental",
|
|
"help": "Experimental Codex app-server integrations.",
|
|
"advanced": true
|
|
},
|
|
"appServer.experimental.sandboxExecServer": {
|
|
"label": "Sandbox Exec Server",
|
|
"help": "Route native Codex execution through an OpenClaw sandbox-backed exec-server when OpenClaw sandboxing is active.",
|
|
"advanced": true
|
|
}
|
|
}
|
|
}
|