agent-orchestrator/packages/plugins/notifier-openclaw
Dhruv Sharma fe1d45b0a7 fix: address production failure modes from adversarial review
- Rollback plugin config on setup failure so a half-configured
  notifier is never left enabled (non-transactional install fix)
- Use atomic temp+rename for health summary writes to prevent
  corruption under concurrent notifications
- Scope credential injection to only when OpenClaw notifier is
  configured, avoiding ambient secret exposure to unrelated projects

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-31 14:39:49 +05:30
..
src fix: address production failure modes from adversarial review 2026-03-31 14:39:49 +05:30
CHANGELOG.md chore: version packages 2026-03-20 15:47:55 +00:00
README.md fix: address CodeRabbit review comments 2026-03-26 21:58:19 +05:30
package.json chore: version packages 2026-03-20 15:47:55 +00:00
tsconfig.json feat(ao): add OpenClaw notifier plugin for AO escalations 2026-03-09 18:24:30 +05:30

README.md

notifier-openclaw

OpenClaw notifier plugin for AO escalation events.

Quick setup

ao setup openclaw

This interactive wizard auto-detects your OpenClaw gateway, validates the connection, and writes the config. For non-interactive use (e.g., in CI/CD pipelines or automation scripts):

ao setup openclaw --url http://127.0.0.1:18789/hooks/agent --token YOUR_TOKEN --non-interactive

Required OpenClaw config (openclaw.json)

{
  "hooks": {
    "enabled": true,
    "token": "<your-hooks-token>",
    "allowRequestSessionKey": true,
    "allowedSessionKeyPrefixes": ["hook:"]
  }
}

AO config (agent-orchestrator.yaml)

notifiers:
  openclaw:
    plugin: openclaw
    url: http://127.0.0.1:18789/hooks/agent
    token: ${OPENCLAW_HOOKS_TOKEN}

Behavior

  • Sends POST /hooks/agent payloads with per-session key hook:ao:<sessionId>.
  • Defaults wakeMode: now and deliver: true.
  • Retries on 429 and 5xx responses with exponential backoff.

Token rotation

  1. Rotate hooks.token in OpenClaw.
  2. Update OPENCLAW_HOOKS_TOKEN used by AO.
  3. Verify old token returns 401 and new token returns 200.

Known limitation (Phase 0)

  • OpenClaw hook ingest is not idempotent by default. Replayed webhook payloads are processed as separate runs.
  • Owner: AO integration.
  • Follow-up: add stable event id/idempotency key support.