8.3 KiB
summary, read_when, title
| summary | read_when | title | |||
|---|---|---|---|---|---|
| Unified bundle format guide for Codex, Claude, and Cursor bundles in OpenClaw |
|
Plugin Bundles |
Plugin bundles
OpenClaw supports one shared class of external plugin package: bundle plugins.
Today that means three closely related ecosystems:
- Codex bundles
- Claude bundles
- Cursor bundles
OpenClaw shows all of them as Format: bundle in openclaw plugins list.
Verbose output and openclaw plugins info <id> also show the subtype
(codex, claude, or cursor).
Related:
- Plugin system overview: Plugins
- CLI install/list flows: plugins
- Native manifest schema: Plugin manifest
What a bundle is
A bundle is a content/metadata pack, not a native in-process OpenClaw plugin.
Today, OpenClaw does not execute bundle runtime code in-process. Instead, it detects known bundle files, reads the metadata, and maps supported bundle content into native OpenClaw surfaces such as skills, hook packs, MCP config, and embedded Pi settings.
That is the main trust boundary:
- native OpenClaw plugin: runtime module executes in-process
- bundle: metadata/content pack, with selective feature mapping
Shared bundle model
Codex, Claude, and Cursor bundles are similar enough that OpenClaw treats them as one normalized model.
Shared idea:
- a small manifest file, or a default directory layout
- one or more content roots such as
skills/orcommands/ - optional tool/runtime metadata such as MCP, hooks, agents, or LSP
- install as a directory or archive, then enable in the normal plugin list
Common OpenClaw behavior:
- detect the bundle subtype
- normalize it into one internal bundle record
- map supported parts into native OpenClaw features
- report unsupported parts as detected-but-not-wired capabilities
In practice, most users do not need to think about the vendor-specific format first. The more useful question is: which bundle surfaces does OpenClaw map today?
Detection order
OpenClaw prefers native OpenClaw plugin/package layouts before bundle handling.
Practical effect:
openclaw.plugin.jsonwins over bundle detection- package installs with valid
package.json+openclaw.extensionsuse the native install path - if a directory contains both native and bundle metadata, OpenClaw treats it as native first
That avoids partially installing a dual-format package as a bundle and then loading it later as a native plugin.
What works today
OpenClaw normalizes bundle metadata into one internal bundle record, then maps supported surfaces into existing native behavior.
Supported now
Skill content
- bundle skill roots load as normal OpenClaw skill roots
- Claude
commandsroots are treated as additional skill roots - Cursor
.cursor/commandsroots are treated as additional skill roots
This means Claude markdown command files work through the normal OpenClaw skill loader. Cursor command markdown works through the same path.
Hook packs
- bundle hook roots work only when they use the normal OpenClaw hook-pack
layout. Today this is primarily the Codex-compatible case:
HOOK.mdhandler.tsorhandler.js
MCP for CLI backends
- enabled bundles can contribute MCP server config
- current runtime wiring is used by the
claude-clibackend - OpenClaw merges bundle MCP config into the backend
--mcp-configfile
Embedded Pi settings
- Claude
settings.jsonis imported as default embedded Pi settings when the bundle is enabled - OpenClaw sanitizes shell override keys before applying them
Sanitized keys:
shellPathshellCommandPrefix
Detected but not executed
These surfaces are detected, shown in bundle capabilities, and may appear in diagnostics/info output, but OpenClaw does not run them yet:
- Claude
agents - Claude
hooks.jsonautomation - Claude
lspServers - Claude
outputStyles - Cursor
.cursor/agents - Cursor
.cursor/hooks.json - Cursor
.cursor/rules - Cursor
mcpServersoutside the current mapped runtime paths - Codex inline/app metadata beyond capability reporting
Capability reporting
openclaw plugins info <id> shows bundle capabilities from the normalized
bundle record.
Supported capabilities are loaded quietly. Unsupported capabilities produce a warning such as:
bundle capability detected but not wired into OpenClaw yet: agents
Current exceptions:
- Claude
commandsis considered supported because it maps to skills - Claude
settingsis considered supported because it maps to embedded Pi settings - Cursor
commandsis considered supported because it maps to skills - bundle MCP is considered supported where OpenClaw actually imports it
- Codex
hooksis considered supported only for OpenClaw hook-pack layouts
Format differences
The formats are close, but not byte-for-byte identical. These are the practical differences that matter in OpenClaw.
Codex
Typical markers:
.codex-plugin/plugin.json- optional
skills/ - optional
hooks/ - optional
.mcp.json - optional
.app.json
Codex bundles fit OpenClaw best when they use skill roots and OpenClaw-style hook-pack directories.
Claude
OpenClaw supports both:
- manifest-based Claude bundles:
.claude-plugin/plugin.json - manifestless Claude bundles that use the default Claude layout
Default Claude layout markers OpenClaw recognizes:
skills/commands/agents/hooks/hooks.json.mcp.json.lsp.jsonsettings.json
Claude-specific notes:
commands/is treated like skill contentsettings.jsonis imported into embedded Pi settingshooks/hooks.jsonis detected, but not executed as Claude automation
Cursor
Typical markers:
.cursor-plugin/plugin.json- optional
skills/ - optional
.cursor/commands/ - optional
.cursor/agents/ - optional
.cursor/rules/ - optional
.cursor/hooks.json - optional
.mcp.json
Cursor-specific notes:
.cursor/commands/is treated like skill content.cursor/rules/,.cursor/agents/, and.cursor/hooks.jsonare detect-only today
Claude custom paths
Claude bundle manifests can declare custom component paths. OpenClaw treats those paths as additive, not replacing defaults.
Currently recognized custom path keys:
skillscommandsagentshooksmcpServerslspServersoutputStyles
Examples:
- default
commands/plus manifestcommands: "extra-commands"=> OpenClaw scans both - default
skills/plus manifestskills: ["team-skills"]=> OpenClaw scans both
Security model
Bundle support is intentionally narrower than native plugin support.
Current behavior:
- bundle discovery reads files inside the plugin root with boundary checks
- skills and hook-pack paths must stay inside the plugin root
- bundle settings files are read with the same boundary checks
- OpenClaw does not execute arbitrary bundle runtime code in-process
This makes bundle support safer by default than native plugin modules, but you should still treat third-party bundles as trusted content for the features they do expose.
Install examples
openclaw plugins install ./my-codex-bundle
openclaw plugins install ./my-claude-bundle
openclaw plugins install ./my-cursor-bundle
openclaw plugins install ./my-bundle.tgz
openclaw plugins info my-bundle
If the directory is a native OpenClaw plugin/package, the native install path still wins.
Troubleshooting
Bundle is detected but capabilities do not run
Check openclaw plugins info <id>.
If the capability is listed but OpenClaw says it is not wired yet, that is a real product limit, not a broken install.
Claude command files do not appear
Make sure the bundle is enabled and the markdown files are inside a detected
commands root or skills root.
Claude settings do not apply
Current support is limited to embedded Pi settings from settings.json.
OpenClaw does not treat bundle settings as raw OpenClaw config patches.
Claude hooks do not execute
hooks/hooks.json is only detected today.
If you need runnable bundle hooks today, use the normal OpenClaw hook-pack layout through a supported Codex hook root or ship a native OpenClaw plugin.