negodiy/openclaw
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
0657d7c772e6f3343fca1c64e5f8625f29cdbb7a
openclaw/extensions/lobster
History
max 40b11db80e TypeScript: add extensions to tsconfig and fix type errors (#12781) 
* TypeScript: add extensions to tsconfig and fix type errors

- Add extensions/**/* to tsconfig.json includes
- Export ProviderAuthResult, AnyAgentTool from plugin-sdk
- Fix optional chaining for messageActions across channels
- Add missing type imports (MSTeamsConfig, GroupPolicy, etc.)
- Add type annotations for provider auth handlers
- Fix undici/fetch type compatibility in zalo proxy
- Correct ChannelAccountSnapshot property usage
- Add type casts for tool registrations
- Extract usage view styles and types to separate files

* TypeScript: fix optional debug calls and handleAction guards
2026-02-09 10:05:38 -08:00
..
src
TypeScript: add extensions to tsconfig and fix type errors (#12781)
2026-02-09 10:05:38 -08:00
index.ts
TypeScript: add extensions to tsconfig and fix type errors (#12781)
2026-02-09 10:05:38 -08:00
openclaw.plugin.json
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
package.json
chore(release): 2026.2.9
2026-02-09 11:19:07 -06:00
README.md
chore: Run pnpm format:fix.
2026-01-31 21:13:13 +09:00
SKILL.md
chore: Run pnpm format:fix.
2026-01-31 21:13:13 +09:00

README.md

Lobster (plugin)

Adds the lobster agent tool as an optional plugin tool.

What this is

  • Lobster is a standalone workflow shell (typed JSON-first pipelines + approvals/resume).
  • This plugin integrates Lobster with OpenClaw without core changes.

Enable

Because this tool can trigger side effects (via workflows), it is registered with optional: true.

Enable it in an agent allowlist:

{
  "agents": {
    "list": [
      {
        "id": "main",
        "tools": {
          "allow": [
            "lobster" // plugin id (enables all tools from this plugin)
          ]
        }
      }
    ]
  }
}

Using openclaw.invoke (Lobster → OpenClaw tools)

Some Lobster pipelines may include a openclaw.invoke step to call back into OpenClaw tools/plugins (for example: gog for Google Workspace, gh for GitHub, message.send, etc.).

For this to work, the OpenClaw Gateway must expose the tool bridge endpoint and the target tool must be allowed by policy:

  • OpenClaw provides an HTTP endpoint: POST /tools/invoke.
  • The request is gated by gateway auth (e.g. Authorization: Bearer … when token auth is enabled).
  • The invoked tool is gated by tool policy (global + per-agent + provider + group policy). If the tool is not allowed, OpenClaw returns 404 Tool not available.

Allowlisting recommended

To avoid letting workflows call arbitrary tools, set a tight allowlist on the agent that will be used by openclaw.invoke.

Example (allow only a small set of tools):

{
  "agents": {
    "list": [
      {
        "id": "main",
        "tools": {
          "allow": ["lobster", "web_fetch", "web_search", "gog", "gh"],
          "deny": ["gateway"],
        },
      },
    ],
  },
}

Notes:

  • If tools.allow is omitted or empty, it behaves like "allow everything (except denied)". For a real allowlist, set a non-empty allow.
  • Tool names depend on which plugins you have installed/enabled.

Security

  • Runs the lobster executable as a local subprocess.
  • Does not manage OAuth/tokens.
  • Uses timeouts, stdout caps, and strict JSON envelope parsing.
  • Prefer an absolute lobsterPath in production to avoid PATH hijack.