@agentapprove/openclaw 0.1.3 → 0.1.5

package/dist/index.js

@@ -1,13 +1,228 @@
 // src/index.ts
 import { fileURLToPath } from "url";
-import { randomBytes as randomBytes2 } from "crypto";
+import { createHash as createHash2, randomBytes as randomBytes2 } from "crypto";
 
 // src/config.ts
-import { readFileSync, existsSync, statSync } from "fs";
-import { join } from "path";
-import { homedir } from "os";
+import { readFileSync as readFileSync3, existsSync as existsSync3, statSync as statSync2 } from "fs";
+import { join as join3 } from "path";
+import { homedir as homedir3 } from "os";
 import { execSync } from "child_process";
-var CONFIG_PATH = join(homedir(), ".agentapprove", "env");
+
+// src/e2e-crypto.ts
+import { createHash, createHmac, createCipheriv, randomBytes } from "crypto";
+import { readFileSync as readFileSync2, writeFileSync as writeFileSync2, existsSync as existsSync2, copyFileSync } from "fs";
+import { join as join2 } from "path";
+import { homedir as homedir2 } from "os";
+
+// src/debug.ts
+import { appendFileSync, existsSync, mkdirSync, statSync, readFileSync, writeFileSync } from "fs";
+import { join, dirname } from "path";
+import { homedir } from "os";
+var DEBUG_LOG_PATH = join(homedir(), ".agentapprove", "hook-debug.log");
+var MAX_SIZE = 5 * 1024 * 1024;
+var KEEP_SIZE = 2 * 1024 * 1024;
+function ensureLogFile() {
+  const dir = dirname(DEBUG_LOG_PATH);
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+  if (!existsSync(DEBUG_LOG_PATH)) {
+    writeFileSync(DEBUG_LOG_PATH, "", { mode: 384 });
+    return;
+  }
+  try {
+    const stat = statSync(DEBUG_LOG_PATH);
+    if (stat.size > MAX_SIZE) {
+      const content = readFileSync(DEBUG_LOG_PATH, "utf-8");
+      writeFileSync(DEBUG_LOG_PATH, content.slice(-KEEP_SIZE), { mode: 384 });
+      const ts = (/* @__PURE__ */ new Date()).toISOString().replace("T", " ").slice(0, 19);
+      appendFileSync(DEBUG_LOG_PATH, `[${ts}] [openclaw-plugin] Log rotated (exceeded 5MB)
+`);
+    }
+  } catch {
+  }
+}
+function debugLog(message, hookName = "openclaw-plugin") {
+  try {
+    ensureLogFile();
+    const ts = (/* @__PURE__ */ new Date()).toISOString().replace("T", " ").slice(0, 19);
+    appendFileSync(DEBUG_LOG_PATH, `[${ts}] [${hookName}] ${message}
+`);
+  } catch {
+  }
+}
+
+// src/e2e-crypto.ts
+function keyId(keyHex) {
+  const keyBytes = Buffer.from(keyHex, "hex");
+  const hash = createHash("sha256").update(keyBytes).digest();
+  return hash.subarray(0, 4).toString("hex");
+}
+function deriveEncKey(keyHex) {
+  const prefix = Buffer.from("agentapprove-e2e-enc:");
+  const keyBytes = Buffer.from(keyHex, "hex");
+  return createHash("sha256").update(Buffer.concat([prefix, keyBytes])).digest();
+}
+function deriveMacKey(keyHex) {
+  const prefix = Buffer.from("agentapprove-e2e-mac:");
+  const keyBytes = Buffer.from(keyHex, "hex");
+  return createHash("sha256").update(Buffer.concat([prefix, keyBytes])).digest();
+}
+function e2eEncrypt(keyHex, plaintext) {
+  const kid = keyId(keyHex);
+  const encKey = deriveEncKey(keyHex);
+  const macKey = deriveMacKey(keyHex);
+  const iv = randomBytes(16);
+  const cipher = createCipheriv("aes-256-ctr", encKey, iv);
+  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf-8"), cipher.final()]);
+  const ivHex = iv.toString("hex");
+  const ciphertextBase64 = ciphertext.toString("base64");
+  const hmac = createHmac("sha256", macKey).update(Buffer.concat([iv, ciphertext])).digest("hex");
+  return `E2E:v1:${kid}:${ivHex}:${ciphertextBase64}:${hmac}`;
+}
+function applyApprovalE2E(payload, userKey, serverKey) {
+  const sensitiveFields = {};
+  for (const field of ["command", "toolInput", "cwd"]) {
+    if (payload[field] != null) {
+      sensitiveFields[field] = payload[field];
+    }
+  }
+  if (Object.keys(sensitiveFields).length === 0) {
+    return payload;
+  }
+  const sensitiveJson = JSON.stringify(sensitiveFields);
+  const result = { ...payload };
+  delete result.command;
+  delete result.toolInput;
+  delete result.cwd;
+  const e2e = {
+    user: e2eEncrypt(userKey, sensitiveJson)
+  };
+  if (serverKey) {
+    e2e.server = e2eEncrypt(serverKey, sensitiveJson);
+  }
+  result.e2e = e2e;
+  return result;
+}
+function applyEventE2E(payload, userKey) {
+  const contentFields = {};
+  for (const field of [
+    "command",
+    "toolInput",
+    "response",
+    "responsePreview",
+    "text",
+    "textPreview",
+    "prompt",
+    "output",
+    "cwd"
+  ]) {
+    if (payload[field] != null) {
+      contentFields[field] = payload[field];
+    }
+  }
+  if (Object.keys(contentFields).length === 0) {
+    return payload;
+  }
+  const e2ePayload = e2eEncrypt(userKey, JSON.stringify(contentFields));
+  const result = { ...payload };
+  delete result.command;
+  delete result.toolInput;
+  delete result.response;
+  delete result.responsePreview;
+  delete result.text;
+  delete result.textPreview;
+  delete result.prompt;
+  delete result.output;
+  delete result.cwd;
+  result.e2ePayload = e2ePayload;
+  return result;
+}
+var AA_DIR = join2(homedir2(), ".agentapprove");
+var E2E_KEY_FILE = join2(AA_DIR, "e2e-key");
+var E2E_ROOT_KEY_FILE = join2(AA_DIR, "e2e-root-key");
+var E2E_ROTATION_FILE = join2(AA_DIR, "e2e-rotation.json");
+function rotateE2eKey(oldKeyHex) {
+  const prefix = Buffer.from("agentapprove-e2e-rotate:");
+  const keyBytes = Buffer.from(oldKeyHex, "hex");
+  return createHash("sha256").update(Buffer.concat([prefix, keyBytes])).digest("hex");
+}
+function deriveEpochKey(rootKeyHex, epoch) {
+  let current = rootKeyHex;
+  for (let i = 0; i < epoch; i++) {
+    current = rotateE2eKey(current);
+  }
+  return current;
+}
+function migrateRootKey() {
+  if (!existsSync2(E2E_KEY_FILE) || existsSync2(E2E_ROOT_KEY_FILE)) return;
+  try {
+    copyFileSync(E2E_KEY_FILE, E2E_ROOT_KEY_FILE);
+    try {
+      writeFileSync2(E2E_ROOT_KEY_FILE, readFileSync2(E2E_ROOT_KEY_FILE), { mode: 384 });
+    } catch {
+    }
+    if (!existsSync2(E2E_ROTATION_FILE)) {
+      const keyHex = readFileSync2(E2E_KEY_FILE, "utf-8").trim();
+      const kid = keyId(keyHex);
+      const config = {
+        rootKeyId: kid,
+        epoch: 0,
+        periodSeconds: 0,
+        startedAt: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      writeFileSync2(E2E_ROTATION_FILE, JSON.stringify(config, null, 2), { mode: 384 });
+    }
+    debugLog("Migrated e2e-key to e2e-root-key");
+  } catch {
+  }
+}
+function checkAndRotateKeys(currentKeyHex) {
+  migrateRootKey();
+  if (!existsSync2(E2E_ROTATION_FILE) || !existsSync2(E2E_ROOT_KEY_FILE)) {
+    return currentKeyHex;
+  }
+  let rotCfg;
+  try {
+    rotCfg = JSON.parse(readFileSync2(E2E_ROTATION_FILE, "utf-8"));
+  } catch {
+    return currentKeyHex;
+  }
+  const periodSeconds = rotCfg.periodSeconds || 0;
+  if (periodSeconds <= 0 || !rotCfg.startedAt) {
+    return currentKeyHex;
+  }
+  const startedTs = Math.floor(new Date(rotCfg.startedAt).getTime() / 1e3);
+  if (isNaN(startedTs)) return currentKeyHex;
+  const nowTs = Math.floor(Date.now() / 1e3);
+  const elapsed = nowTs - startedTs;
+  if (elapsed < 0) return currentKeyHex;
+  const expectedEpoch = Math.floor(elapsed / periodSeconds);
+  const currentEpoch = rotCfg.epoch || 0;
+  if (expectedEpoch <= currentEpoch) {
+    return currentKeyHex;
+  }
+  let rootKeyHex;
+  try {
+    rootKeyHex = readFileSync2(E2E_ROOT_KEY_FILE, "utf-8").trim();
+  } catch {
+    return currentKeyHex;
+  }
+  if (rootKeyHex.length !== 64) return currentKeyHex;
+  const newKey = deriveEpochKey(rootKeyHex, expectedEpoch);
+  if (!newKey) return currentKeyHex;
+  try {
+    writeFileSync2(E2E_KEY_FILE, newKey, { mode: 384 });
+    rotCfg.epoch = expectedEpoch;
+    writeFileSync2(E2E_ROTATION_FILE, JSON.stringify(rotCfg, null, 2), { mode: 384 });
+  } catch {
+  }
+  debugLog(`E2E key rotated: epoch ${currentEpoch} -> ${expectedEpoch}`);
+  return newKey;
+}
+
+// src/config.ts
+var CONFIG_PATH = join3(homedir3(), ".agentapprove", "env");
 var KEYCHAIN_SERVICE = "com.agentapprove";
 var KEYCHAIN_ACCOUNT = "api-token";
 function parseConfigValue(content, key) {
@@ -49,9 +264,9 @@ function getKeychainToken() {
   }
 }
 function checkPermissions(logger) {
-  if (!existsSync(CONFIG_PATH)) return;
+  if (!existsSync3(CONFIG_PATH)) return;
   try {
-    const stat = statSync(CONFIG_PATH);
+    const stat = statSync2(CONFIG_PATH);
     const mode = stat.mode & 511;
     if (mode & 54) {
       logger?.warn(
@@ -64,8 +279,8 @@ function checkPermissions(logger) {
 function loadConfig(openclawConfig, logger) {
   checkPermissions(logger);
   let fileContent = "";
-  if (existsSync(CONFIG_PATH)) {
-    fileContent = readFileSync(CONFIG_PATH, "utf-8");
+  if (existsSync3(CONFIG_PATH)) {
+    fileContent = readFileSync3(CONFIG_PATH, "utf-8");
   }
   let token = process.env.AGENTAPPROVE_TOKEN || getKeychainToken() || parseConfigValue(fileContent, "AGENTAPPROVE_TOKEN") || "";
   if (!token) {
@@ -80,26 +295,33 @@ function loadConfig(openclawConfig, logger) {
   const privacyTier = openclawConfig?.privacyTier || process.env.AGENTAPPROVE_PRIVACY || parseConfigValue(fileContent, "AGENTAPPROVE_PRIVACY") || "full";
   const debug = openclawConfig?.debug || process.env.AGENTAPPROVE_DEBUG === "true" || parseConfigValue(fileContent, "AGENTAPPROVE_DEBUG") === "true" || false;
   const agentName = process.env.AGENTAPPROVE_AGENT_NAME || parseConfigValue(fileContent, "AGENTAPPROVE_OPENCLAW_NAME") || "OpenClaw";
-  const e2eEnabled = parseConfigValue(fileContent, "AGENTAPPROVE_E2E_ENABLED") === "true";
-  const e2eUserKeyPath = join(homedir(), ".agentapprove", "e2e-key");
-  const e2eServerKeyPath = join(homedir(), ".agentapprove", "e2e-server-key");
+  const e2eEnabled = process.env.AGENTAPPROVE_E2E_ENABLED === "true" || parseConfigValue(fileContent, "AGENTAPPROVE_E2E_ENABLED") === "true";
+  const e2eUserKeyPath = join3(homedir3(), ".agentapprove", "e2e-key");
+  const e2eServerKeyPath = join3(homedir3(), ".agentapprove", "e2e-server-key");
   let e2eUserKey;
   let e2eServerKey;
   if (e2eEnabled) {
-    if (existsSync(e2eUserKeyPath)) {
+    if (existsSync3(e2eUserKeyPath)) {
       try {
-        e2eUserKey = readFileSync(e2eUserKeyPath, "utf-8").trim();
+        e2eUserKey = readFileSync3(e2eUserKeyPath, "utf-8").trim();
       } catch {
         logger?.warn("Failed to load E2E user key");
       }
     }
-    if (existsSync(e2eServerKeyPath)) {
+    if (existsSync3(e2eServerKeyPath)) {
       try {
-        e2eServerKey = readFileSync(e2eServerKeyPath, "utf-8").trim();
+        e2eServerKey = readFileSync3(e2eServerKeyPath, "utf-8").trim();
       } catch {
         logger?.warn("Failed to load E2E server key");
       }
     }
+    if (e2eUserKey) {
+      e2eUserKey = checkAndRotateKeys(e2eUserKey) || e2eUserKey;
+    }
+  }
+  if (debug) {
+    const e2eStatus = !e2eEnabled ? "disabled" : !e2eUserKey ? "enabled but user key missing" : `enabled, keyId=${keyId(e2eUserKey)}`;
+    debugLog(`Config loaded: e2e=${e2eStatus}, serverKey=${e2eServerKey ? "present" : "missing"}, api=${apiUrl}`);
   }
   return {
     apiUrl,
@@ -109,7 +331,7 @@ function loadConfig(openclawConfig, logger) {
     failBehavior,
     privacyTier,
     debug,
-    hookVersion: "1.1.1",
+    hookVersion: "1.1.2",
     agentName,
     e2eEnabled,
     e2eUserKey,
@@ -124,7 +346,7 @@ import { URL } from "url";
 
 // src/hmac.ts
 import crypto from "crypto";
-import { readFileSync as readFileSync2 } from "fs";
+import { readFileSync as readFileSync4 } from "fs";
 function generateHMACSignature(body, token, hookVersion) {
   const timestamp = Math.floor(Date.now() / 1e3);
   const message = `${hookVersion}:${timestamp}:${body}`;
@@ -133,7 +355,7 @@ function generateHMACSignature(body, token, hookVersion) {
 }
 function computePluginHash(pluginPath) {
   try {
-    const content = readFileSync2(pluginPath, "utf-8");
+    const content = readFileSync4(pluginPath, "utf-8");
     return crypto.createHash("sha256").update(content).digest("hex");
   } catch {
     return "";
@@ -151,6 +373,28 @@ function buildHMACHeaders(body, token, hookVersion, pluginHash) {
 
 // src/privacy.ts
 var SUMMARY_MAX_LENGTH = 50;
+var FILEPATH_MAX_LENGTH = 100;
+var SENSITIVE_PATTERNS = [
+  /(?:password|secret|token|key|api_key|auth)=[^\s&]+/gi,
+  /Bearer [a-zA-Z0-9_-]+/gi
+];
+function redactSensitive(value) {
+  let result = value;
+  for (const pattern of SENSITIVE_PATTERNS) {
+    result = result.replace(pattern, "***REDACTED***");
+  }
+  return result;
+}
+function truncate(value, maxLen) {
+  if (!value) return value;
+  if (value.length <= maxLen) return value;
+  return value.slice(0, maxLen) + "...";
+}
+function summarizeToolInput(value) {
+  const inputStr = redactSensitive(JSON.stringify(value));
+  const summary = inputStr.length > SUMMARY_MAX_LENGTH ? inputStr.slice(0, SUMMARY_MAX_LENGTH) + "..." : inputStr;
+  return { _summary: summary };
+}
 function applyPrivacyFilter(request, privacyTier) {
   if (privacyTier === "full") {
     return request;
@@ -162,142 +406,51 @@ function applyPrivacyFilter(request, privacyTier) {
     delete filtered.cwd;
     return filtered;
   }
-  if (filtered.command && filtered.command.length > SUMMARY_MAX_LENGTH) {
-    filtered.command = filtered.command.slice(0, SUMMARY_MAX_LENGTH) + "...";
+  if (filtered.command) {
+    filtered.command = truncate(redactSensitive(filtered.command), SUMMARY_MAX_LENGTH);
   }
   if (filtered.toolInput) {
-    const inputStr = JSON.stringify(filtered.toolInput);
-    if (inputStr.length > SUMMARY_MAX_LENGTH) {
-      filtered.toolInput = { _summary: inputStr.slice(0, SUMMARY_MAX_LENGTH) + "..." };
-    }
+    filtered.toolInput = summarizeToolInput(filtered.toolInput);
   }
   return filtered;
 }
-
-// src/e2e-crypto.ts
-import { createHash, createHmac, createCipheriv, randomBytes } from "crypto";
-function keyId(keyHex) {
-  const keyBytes = Buffer.from(keyHex, "hex");
-  const hash = createHash("sha256").update(keyBytes).digest();
-  return hash.subarray(0, 4).toString("hex");
-}
-function deriveEncKey(keyHex) {
-  const prefix = Buffer.from("agentapprove-e2e-enc:");
-  const keyBytes = Buffer.from(keyHex, "hex");
-  return createHash("sha256").update(Buffer.concat([prefix, keyBytes])).digest();
-}
-function deriveMacKey(keyHex) {
-  const prefix = Buffer.from("agentapprove-e2e-mac:");
-  const keyBytes = Buffer.from(keyHex, "hex");
-  return createHash("sha256").update(Buffer.concat([prefix, keyBytes])).digest();
-}
-function e2eEncrypt(keyHex, plaintext) {
-  const kid = keyId(keyHex);
-  const encKey = deriveEncKey(keyHex);
-  const macKey = deriveMacKey(keyHex);
-  const iv = randomBytes(16);
-  const cipher = createCipheriv("aes-256-ctr", encKey, iv);
-  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf-8"), cipher.final()]);
-  const ivHex = iv.toString("hex");
-  const ciphertextBase64 = ciphertext.toString("base64");
-  const hmac = createHmac("sha256", macKey).update(Buffer.concat([iv, ciphertext])).digest("hex");
-  return `E2E:v1:${kid}:${ivHex}:${ciphertextBase64}:${hmac}`;
-}
-function applyApprovalE2E(payload, userKey, serverKey) {
-  const sensitiveFields = {};
-  for (const field of ["command", "toolInput", "cwd"]) {
-    if (payload[field] != null) {
-      sensitiveFields[field] = payload[field];
-    }
-  }
-  if (Object.keys(sensitiveFields).length === 0) {
-    return payload;
-  }
-  const sensitiveJson = JSON.stringify(sensitiveFields);
-  const result = { ...payload };
-  delete result.command;
-  delete result.toolInput;
-  delete result.cwd;
-  const e2e = {
-    user: e2eEncrypt(userKey, sensitiveJson)
-  };
-  if (serverKey) {
-    e2e.server = e2eEncrypt(serverKey, sensitiveJson);
+var CONTENT_FIELDS = [
+  "command",
+  "toolInput",
+  "response",
+  "text",
+  "textPreview",
+  "prompt",
+  "output",
+  "cwd"
+];
+function applyEventPrivacyFilter(event, privacyTier) {
+  if (privacyTier === "full") {
+    return event;
   }
-  result.e2e = e2e;
-  return result;
-}
-function applyEventE2E(payload, userKey) {
-  const contentFields = {};
-  for (const field of [
-    "command",
-    "toolInput",
-    "response",
-    "responsePreview",
-    "text",
-    "textPreview",
-    "prompt",
-    "output",
-    "cwd"
-  ]) {
-    if (payload[field] != null) {
-      contentFields[field] = payload[field];
+  const filtered = { ...event };
+  if (privacyTier === "minimal") {
+    for (const field of CONTENT_FIELDS) {
+      delete filtered[field];
     }
+    if (typeof filtered.textLength === "undefined" && typeof event.text === "string") {
+      filtered.textLength = event.text.length;
+    }
+    return filtered;
   }
-  if (Object.keys(contentFields).length === 0) {
-    return payload;
-  }
-  const e2ePayload = e2eEncrypt(userKey, JSON.stringify(contentFields));
-  const result = { ...payload };
-  delete result.command;
-  delete result.toolInput;
-  delete result.response;
-  delete result.responsePreview;
-  delete result.text;
-  delete result.textPreview;
-  delete result.prompt;
-  delete result.output;
-  delete result.cwd;
-  result.e2ePayload = e2ePayload;
-  return result;
-}
-
-// src/debug.ts
-import { appendFileSync, existsSync as existsSync2, mkdirSync, statSync as statSync2, readFileSync as readFileSync3, writeFileSync } from "fs";
-import { join as join2, dirname } from "path";
-import { homedir as homedir2 } from "os";
-var DEBUG_LOG_PATH = join2(homedir2(), ".agentapprove", "hook-debug.log");
-var MAX_SIZE = 5 * 1024 * 1024;
-var KEEP_SIZE = 2 * 1024 * 1024;
-function ensureLogFile() {
-  const dir = dirname(DEBUG_LOG_PATH);
-  if (!existsSync2(dir)) {
-    mkdirSync(dir, { recursive: true });
-  }
-  if (!existsSync2(DEBUG_LOG_PATH)) {
-    writeFileSync(DEBUG_LOG_PATH, "", { mode: 384 });
-    return;
-  }
-  try {
-    const stat = statSync2(DEBUG_LOG_PATH);
-    if (stat.size > MAX_SIZE) {
-      const content = readFileSync3(DEBUG_LOG_PATH, "utf-8");
-      writeFileSync(DEBUG_LOG_PATH, content.slice(-KEEP_SIZE), { mode: 384 });
-      const ts = (/* @__PURE__ */ new Date()).toISOString().replace("T", " ").slice(0, 19);
-      appendFileSync(DEBUG_LOG_PATH, `[${ts}] [openclaw-plugin] Log rotated (exceeded 5MB)
-`);
+  for (const field of CONTENT_FIELDS) {
+    const val = filtered[field];
+    if (val === void 0 || val === null) continue;
+    if (field === "toolInput") {
+      filtered[field] = summarizeToolInput(val);
+    } else if (typeof val === "string") {
+      filtered[field] = truncate(redactSensitive(val), SUMMARY_MAX_LENGTH);
     }
-  } catch {
   }
-}
-function debugLog(message, hookName = "openclaw-plugin") {
-  try {
-    ensureLogFile();
-    const ts = (/* @__PURE__ */ new Date()).toISOString().replace("T", " ").slice(0, 19);
-    appendFileSync(DEBUG_LOG_PATH, `[${ts}] [${hookName}] ${message}
-`);
-  } catch {
+  if (typeof filtered.filePath === "string") {
+    filtered.filePath = truncate(filtered.filePath, FILEPATH_MAX_LENGTH);
   }
+  return filtered;
 }
 
 // src/api-client.ts
@@ -355,7 +508,9 @@ async function sendApprovalRequest(request, config, pluginPath) {
   let payload;
   if (config.e2eEnabled && config.e2eUserKey) {
     payload = applyApprovalE2E(request, config.e2eUserKey, config.e2eServerKey);
-    debugLog("E2E encryption applied to approval request");
+    if (config.debug) {
+      debugLog("E2E encryption applied to approval request");
+    }
   } else {
     payload = applyPrivacyFilter(request, config.privacyTier);
   }
@@ -385,10 +540,18 @@ async function sendApprovalRequest(request, config, pluginPath) {
 }
 async function sendEvent(event, config, pluginPath) {
   if (!config.token) return;
+  const eventType = event.eventType;
+  const toolName = event.toolName;
+  if (config.debug) {
+    debugLog(`Sending ${eventType || "event"}${toolName ? ` (${toolName})` : ""} (privacy: ${config.privacyTier})`);
+  }
   try {
-    let payload = { ...event };
+    let payload = applyEventPrivacyFilter(event, config.privacyTier);
     if (config.e2eEnabled && config.e2eUserKey) {
       payload = applyEventE2E(payload, config.e2eUserKey);
+      if (config.debug) {
+        debugLog(`E2E applied to event (type=${eventType})`);
+      }
     }
     const bodyStr = JSON.stringify(payload);
     const pluginHash = getPluginHash(pluginPath);
@@ -398,10 +561,18 @@ async function sendEvent(event, config, pluginPath) {
       ...hmacHeaders
     };
     const url = `${config.apiUrl}/${config.apiVersion}/events`;
-    await httpPost(url, bodyStr, headers, 5e3);
-  } catch {
     if (config.debug) {
-      debugLog(`Failed to send event: ${JSON.stringify(event).slice(0, 100)}`);
+      debugLog(`=== SENT TO ${url} ===`);
+      debugLog(bodyStr.slice(0, 500));
+      debugLog("=== END SENT ===");
+    }
+    const response = await httpPost(url, bodyStr, headers, 5e3);
+    if (config.debug) {
+      debugLog(`send_event response: ${response.body.slice(0, 200)}`);
+    }
+  } catch (err) {
+    if (config.debug) {
+      debugLog(`Failed to send ${eventType || "event"}: ${err instanceof Error ? err.message : String(err)}`);
     }
   }
 }
@@ -414,6 +585,29 @@ try {
   pluginFilePath = __filename;
 }
 var gatewaySessionId = randomBytes2(12).toString("hex");
+var DEDUP_WINDOW_MS = 1200;
+var DEDUP_MAX_SIZE = 300;
+var recentCompletions = /* @__PURE__ */ new Map();
+function resolveConversationId() {
+  return gatewaySessionId;
+}
+function isDuplicateCompletion(toolName, params) {
+  const paramsHash = createHash2("md5").update(JSON.stringify(params || {})).digest("hex").slice(0, 12);
+  const key = `${toolName}:${paramsHash}`;
+  const now = Date.now();
+  const last = recentCompletions.get(key);
+  if (last && now - last < DEDUP_WINDOW_MS) {
+    return true;
+  }
+  recentCompletions.set(key, now);
+  if (recentCompletions.size > DEDUP_MAX_SIZE) {
+    const cutoff = now - DEDUP_WINDOW_MS;
+    for (const [k, ts] of recentCompletions) {
+      if (ts < cutoff) recentCompletions.delete(k);
+    }
+  }
+  return false;
+}
 function classifyTool(toolName, params) {
   const lower = toolName.toLowerCase();
   if (lower === "exec" || lower === "process") {
@@ -494,7 +688,9 @@ function extractResultPreview(toolName, params, result, maxLen = 300) {
 }
 function handleFailBehavior(config, error, toolName, logger) {
   logger.warn(`Agent Approve API error for tool "${toolName}": ${error.message}`);
-  debugLog(`API error: ${error.message}, failBehavior: ${config.failBehavior}`);
+  if (config.debug) {
+    debugLog(`API error: ${error.message}, failBehavior: ${config.failBehavior}`);
+  }
   switch (config.failBehavior) {
     case "deny":
       return { block: true, blockReason: "Agent Approve unavailable, denying by policy" };
@@ -515,8 +711,11 @@ function register(api) {
     return;
   }
   api.logger.info(`Agent Approve: Plugin loaded (privacy: ${config.privacyTier}, fail: ${config.failBehavior})`);
-  debugLog(`Plugin loaded, API: ${config.apiUrl}, agent: ${config.agentName}`);
+  if (config.debug) {
+    debugLog(`Plugin loaded, API: ${config.apiUrl}, agent: ${config.agentName}`);
+  }
   api.on("before_tool_call", async (event, ctx) => {
+    const conversationId = resolveConversationId();
     const { toolType, displayName } = classifyTool(event.toolName, event.params);
     const command = extractCommand(event.toolName, event.params);
     const request = {
@@ -526,17 +725,22 @@ function register(api) {
       toolInput: event.params,
       agent: config.agentName,
       hookType: "before_tool_call",
-      sessionId: gatewaySessionId,
+      sessionId: conversationId,
+      conversationId,
       cwd: event.params.workdir || void 0,
       timestamp: (/* @__PURE__ */ new Date()).toISOString()
     };
     try {
       const response = await sendApprovalRequest(request, config, pluginFilePath);
       if (response.decision === "approve" || response.decision === "allow") {
-        debugLog(`Tool "${event.toolName}" approved${response.reason ? ": " + response.reason : ""}`);
+        if (config.debug) {
+          debugLog(`Tool "${event.toolName}" approved${response.reason ? ": " + response.reason : ""}`);
+        }
         return void 0;
       }
-      debugLog(`Tool "${event.toolName}" denied${response.reason ? ": " + response.reason : ""}`);
+      if (config.debug) {
+        debugLog(`Tool "${event.toolName}" denied${response.reason ? ": " + response.reason : ""}`);
+      }
       return {
         block: true,
         blockReason: response.reason || "Denied by Agent Approve"
@@ -551,6 +755,13 @@ function register(api) {
     }
   });
   api.on("after_tool_call", async (event, ctx) => {
+    const conversationId = resolveConversationId();
+    if (isDuplicateCompletion(event.toolName, event.params)) {
+      if (config.debug) {
+        debugLog(`Skipping duplicate tool_complete for "${event.toolName}"`);
+      }
+      return;
+    }
     const { toolType } = classifyTool(event.toolName, event.params);
     const resultPreview = extractResultPreview(event.toolName, event.params, event.result);
     void sendEvent({
@@ -559,7 +770,8 @@ function register(api) {
       eventType: "tool_complete",
       agent: config.agentName,
       hookType: "after_tool_call",
-      sessionId: gatewaySessionId,
+      sessionId: conversationId,
+      conversationId,
       command: extractCommand(event.toolName, event.params),
       status: event.error ? "error" : "success",
       response: event.error || resultPreview || void 0,
@@ -567,6 +779,139 @@ function register(api) {
       timestamp: (/* @__PURE__ */ new Date()).toISOString()
     }, config, pluginFilePath);
   });
+  api.on("session_start", async (event, ctx) => {
+    const conversationId = resolveConversationId();
+    if (config.debug) {
+      debugLog(`Session started: ${event.sessionId}${event.resumedFrom ? ` (resumed from ${event.resumedFrom})` : ""}`);
+    }
+    void sendEvent({
+      eventType: "session_start",
+      agent: config.agentName,
+      hookType: "session_start",
+      sessionId: conversationId,
+      conversationId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    }, config, pluginFilePath);
+  });
+  api.on("session_end", async (event, ctx) => {
+    const conversationId = resolveConversationId();
+    if (config.debug) {
+      debugLog(`Session ended: ${event.sessionId} (${event.messageCount} messages, ${event.durationMs ?? "?"}ms)`);
+    }
+    void sendEvent({
+      eventType: "session_end",
+      agent: config.agentName,
+      hookType: "session_end",
+      sessionId: conversationId,
+      conversationId,
+      durationMs: event.durationMs,
+      sessionStats: { messageCount: event.messageCount },
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    }, config, pluginFilePath);
+  });
+  api.on("llm_input", async (event, ctx) => {
+    const conversationId = resolveConversationId();
+    if (config.debug) {
+      debugLog(`LLM input: model=${event.model}, prompt length=${event.prompt?.length ?? 0}`);
+    }
+    void sendEvent({
+      eventType: "user_prompt",
+      agent: config.agentName,
+      hookType: "llm_input",
+      sessionId: conversationId,
+      conversationId,
+      model: event.model,
+      prompt: event.prompt,
+      textLength: event.prompt?.length ?? 0,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    }, config, pluginFilePath);
+  });
+  api.on("llm_output", async (event, ctx) => {
+    const conversationId = resolveConversationId();
+    const responseText = event.assistantTexts?.join("\n") || "";
+    const textLength = responseText.length;
+    if (config.debug) {
+      debugLog(`LLM output: model=${event.model}, length=${textLength}${event.usage?.total ? `, tokens=${event.usage.total}` : ""}`);
+    }
+    void sendEvent({
+      eventType: "response",
+      agent: config.agentName,
+      hookType: "llm_output",
+      sessionId: conversationId,
+      conversationId,
+      model: event.model,
+      text: responseText,
+      textPreview: responseText.slice(0, 200),
+      textLength,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    }, config, pluginFilePath);
+  });
+  api.on("agent_end", async (event, ctx) => {
+    const conversationId = resolveConversationId();
+    if (config.debug) {
+      debugLog(`Agent ended: success=${event.success}${event.durationMs ? `, duration=${event.durationMs}ms` : ""}${event.error ? `, error=${event.error}` : ""}`);
+    }
+    void sendEvent({
+      eventType: "stop",
+      agent: config.agentName,
+      hookType: "agent_end",
+      sessionId: conversationId,
+      conversationId,
+      status: event.success ? "completed" : "error",
+      durationMs: event.durationMs,
+      response: event.error || void 0,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    }, config, pluginFilePath);
+  });
+  api.on("before_compaction", async (event, ctx) => {
+    const conversationId = resolveConversationId();
+    if (config.debug) {
+      debugLog(`Context compaction: ${event.messageCount} messages${event.tokenCount ? `, ${event.tokenCount} tokens` : ""}`);
+    }
+    void sendEvent({
+      eventType: "context_compact",
+      agent: config.agentName,
+      hookType: "before_compaction",
+      sessionId: conversationId,
+      conversationId,
+      trigger: `${event.messageCount} messages${event.tokenCount ? `, ${event.tokenCount} tokens` : ""}`,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    }, config, pluginFilePath);
+  });
+  api.on("subagent_spawned", async (event, ctx) => {
+    const conversationId = resolveConversationId();
+    if (config.debug) {
+      debugLog(`Subagent spawned: ${event.agentId} (${event.mode}${event.label ? `, label=${event.label}` : ""})`);
+    }
+    void sendEvent({
+      eventType: "subagent_start",
+      agent: config.agentName,
+      hookType: "subagent_spawned",
+      sessionId: conversationId,
+      conversationId,
+      subagentType: event.agentId,
+      subagentMode: event.mode,
+      subagentLabel: event.label,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    }, config, pluginFilePath);
+  });
+  api.on("subagent_ended", async (event, ctx) => {
+    const conversationId = resolveConversationId();
+    if (config.debug) {
+      debugLog(`Subagent ended: ${event.targetKind} reason=${event.reason}${event.outcome ? `, outcome=${event.outcome}` : ""}`);
+    }
+    void sendEvent({
+      eventType: "subagent_stop",
+      agent: config.agentName,
+      hookType: "subagent_ended",
+      sessionId: conversationId,
+      conversationId,
+      status: event.outcome || event.reason,
+      subagentType: event.targetKind,
+      response: event.error || void 0,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString()
+    }, config, pluginFilePath);
+  });
   api.registerHook(
     ["command:new", "command:stop", "command:reset"],
     async (event) => {
@@ -575,13 +920,17 @@ function register(api) {
         stop: "session_end",
         reset: "session_start"
       };
+      if (config.debug) {
+        debugLog(`Command event: ${event.action}`);
+      }
       void sendEvent({
         toolName: `command:${event.action}`,
         toolType: "command",
         eventType: eventTypeMap[event.action] || "command_event",
         agent: config.agentName,
         hookType: "command_event",
-        sessionId: gatewaySessionId,
+        sessionId: resolveConversationId(),
+        conversationId: resolveConversationId(),
         timestamp: event.timestamp.toISOString()
       }, config, pluginFilePath);
     },
@@ -594,37 +943,40 @@ function register(api) {
       const provider = event.context.channelId;
       const peer = isInbound ? event.context.from : event.context.to;
       const channelLabel = [provider, peer].filter(Boolean).join(":") || void 0;
+      if (config.debug) {
+        debugLog(`Message event: ${event.action} ${channelLabel || "(no channel)"}`);
+      }
       const payload = {
         toolName: `message:${event.action}`,
         toolType: "message_event",
-        eventType: isInbound ? "prompt_submitted" : "response",
+        eventType: isInbound ? "user_prompt" : "response",
         agent: config.agentName,
         hookType: "session_event",
-        sessionId: gatewaySessionId,
+        sessionId: resolveConversationId(),
+        conversationId: resolveConversationId(),
         timestamp: event.timestamp.toISOString(),
         cwd: channelLabel
       };
       const content = event.context.content;
       if (content) {
-        if (config.privacyTier === "full") {
-          payload.textPreview = content.slice(0, 200);
-        } else if (config.privacyTier === "summary") {
-          payload.textPreview = content.slice(0, 50);
-        }
+        payload.text = content;
+        payload.textPreview = content.slice(0, 200);
+        payload.textLength = content.length;
         if (isInbound && peer) {
-          payload.prompt = `${peer}: ${content}`.slice(0, 200);
+          payload.prompt = `${peer}: ${content}`;
         }
       }
       void sendEvent(payload, config, pluginFilePath);
     },
     { name: "agentapprove-session-monitor", description: "Log message events to Agent Approve" }
   );
-  api.logger.info("Agent Approve: Registered before_tool_call, after_tool_call, and event monitoring hooks");
+  const hookCount = 10;
+  api.logger.info(`Agent Approve: Registered ${hookCount} plugin hooks + event monitoring`);
 }
 var index_default = {
   id: "openclaw",
   name: "Agent Approve",
-  description: "Mobile approval for AI agent tool execution",
+  description: "Agent Approve mobile approval for AI agent tool execution",
   register
 };
 export {

package/openclaw.plugin.json

@@ -2,7 +2,7 @@
   "id": "openclaw",
   "name": "Agent Approve",
   "description": "Mobile approval for AI agent tool execution. Approve or deny tool calls from your iPhone and Apple Watch.",
-  "version": "0.1.3",
+  "version": "0.1.5",
   "homepage": "https://agentapprove.com",
   "configSchema": {
     "type": "object",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentapprove/openclaw",
-  "version": "0.1.3",
+  "version": "0.1.5",
   "description": "Agent Approve plugin for OpenClaw - approve or deny AI agent tool calls from your iPhone and Apple Watch",
   "main": "dist/index.js",
   "scripts": {