6.6 KiB
summary, read_when, title
| summary | read_when | title | |||
|---|---|---|---|---|---|
| Install and use Codex, Claude, and Cursor bundles as OpenClaw plugins |
|
Plugin Bundles |
Plugin Bundles
OpenClaw can install plugins from three external ecosystems: Codex, Claude, and Cursor. These are called bundles — content and metadata packs that OpenClaw maps into native features like skills, hooks, and MCP tools.
Bundles are **not** the same as native OpenClaw plugins. Native plugins run in-process and can register any capability. Bundles are content packs with selective feature mapping and a narrower trust boundary.Why bundles exist
Many useful plugins are published in Codex, Claude, or Cursor format. Instead of requiring authors to rewrite them as native OpenClaw plugins, OpenClaw detects these formats and maps their supported content into the native feature set. This means you can install a Claude command pack or a Codex skill bundle and use it immediately.
Install a bundle
```bash # Local directory openclaw plugins install ./my-bundle# Archive
openclaw plugins install ./my-bundle.tgz
# Claude marketplace
openclaw plugins marketplace list <marketplace-name>
openclaw plugins install <plugin-name>@<marketplace-name>
```
Bundles show as `Format: bundle` with a subtype of `codex`, `claude`, or `cursor`.
Mapped features (skills, hooks, MCP tools) are available in the next session.
What OpenClaw maps from bundles
Not every bundle feature runs in OpenClaw today. Here is what works and what is detected but not yet wired.
Supported now
| Feature | How it maps | Applies to |
|---|---|---|
| Skill content | Bundle skill roots load as normal OpenClaw skills | All formats |
| Commands | commands/ and .cursor/commands/ treated as skill roots |
Claude, Cursor |
| Hook packs | OpenClaw-style HOOK.md + handler.ts layouts |
Codex |
| MCP tools | Bundle MCP config merged into embedded Pi settings; supported stdio servers launched as subprocesses | All formats |
| Settings | Claude settings.json imported as embedded Pi defaults |
Claude |
Detected but not executed
These are recognized and shown in diagnostics, but OpenClaw does not run them:
- Claude
agents,hooks.jsonautomation,lspServers,outputStyles - Cursor
.cursor/agents,.cursor/hooks.json,.cursor/rules - Codex inline/app metadata beyond capability reporting
Bundle formats
Markers: `.codex-plugin/plugin.json`Optional content: `skills/`, `hooks/`, `.mcp.json`, `.app.json`
Codex bundles fit OpenClaw best when they use skill roots and OpenClaw-style
hook-pack directories (`HOOK.md` + `handler.ts`).
- **Manifest-based:** `.claude-plugin/plugin.json`
- **Manifestless:** default Claude layout (`skills/`, `commands/`, `agents/`, `hooks/`, `.mcp.json`, `settings.json`)
Claude-specific behavior:
- `commands/` is treated as skill content
- `settings.json` is imported into embedded Pi settings (shell override keys are sanitized)
- `.mcp.json` exposes supported stdio tools to embedded Pi
- `hooks/hooks.json` is detected but not executed
- Custom component paths in the manifest are additive (they extend defaults, not replace them)
Optional content: `skills/`, `.cursor/commands/`, `.cursor/agents/`, `.cursor/rules/`, `.cursor/hooks.json`, `.mcp.json`
- `.cursor/commands/` is treated as skill content
- `.cursor/rules/`, `.cursor/agents/`, and `.cursor/hooks.json` are detect-only
Detection precedence
OpenClaw checks for native plugin format first:
openclaw.plugin.jsonor validpackage.jsonwithopenclaw.extensions— treated as native plugin- Bundle markers (
.codex-plugin/,.claude-plugin/, or default Claude/Cursor layout) — treated as bundle
If a directory contains both, OpenClaw uses the native path. This prevents dual-format packages from being partially installed as bundles.
Security
Bundles have a narrower trust boundary than native plugins:
- OpenClaw does not load arbitrary bundle runtime modules in-process
- Skills and hook-pack paths must stay inside the plugin root (boundary-checked)
- Settings files are read with the same boundary checks
- Supported stdio MCP servers may be launched as subprocesses
This makes bundles safer by default, but you should still treat third-party bundles as trusted content for the features they do expose.
Troubleshooting
Run `openclaw plugins inspect `. If a capability is listed but marked as not wired, that is a product limit — not a broken install. Make sure the bundle is enabled and the markdown files are inside a detected `commands/` or `skills/` root. Only embedded Pi settings from `settings.json` are supported. OpenClaw does not treat bundle settings as raw config patches. `hooks/hooks.json` is detect-only. If you need runnable hooks, use the OpenClaw hook-pack layout or ship a native plugin.Related
- Install and Configure Plugins
- Building Plugins — create a native plugin
- Plugin Manifest — native manifest schema