@cored-im/openclaw-plugin 0.1.7 → 0.1.11

package/src/config.test.ts

@@ -61,15 +61,12 @@ describe("resolveAccountConfig", () => {
     const account = resolveAccountConfig(cfg);
     expect(account).toEqual({
       accountId: "default",
-      enabled: true,
       appId: "app_1",
       appSecret: "secret_1",
       backendUrl: "https://your-backend-url.com",
+      enabled: true,
       enableEncryption: true,
       requestTimeout: 30_000,
-      requireMention: true,
-      botUserId: undefined,
-      inboundWhitelist: [],
     });
   });
 
@@ -82,7 +79,7 @@ describe("resolveAccountConfig", () => {
               appId: "app_bot1",
               appSecret: "secret_bot1",
               backendUrl: "http://localhost:11000",
-              requireMention: false,
+              enableEncryption: false,
             },
           },
         },
@@ -91,8 +88,7 @@ describe("resolveAccountConfig", () => {
     const account = resolveAccountConfig(cfg, "bot1");
     expect(account.accountId).toBe("bot1");
     expect(account.appId).toBe("app_bot1");
-    expect(account.requireMention).toBe(false);
-    expect(account.enableEncryption).toBe(true); // default
+    expect(account.enableEncryption).toBe(false);
   });
 
   it("falls back to env vars when config values are missing", () => {
@@ -136,14 +132,12 @@ describe("resolveAccountConfig", () => {
 describe("validateAccountConfig", () => {
   const validConfig = {
     accountId: "default",
-    enabled: true,
     appId: "app_1",
     appSecret: "secret_1",
     backendUrl: "https://api.cored.im",
+    enabled: true,
     enableEncryption: true,
     requestTimeout: 30_000,
-    requireMention: true,
-    inboundWhitelist: [],
   };
 
   it("returns no errors for valid config", () => {

package/src/config.ts

@@ -6,8 +6,6 @@ import type { CoredChannelConfig, CoredAccountConfig } from "./types.js";
 const DEFAULTS = {
   enableEncryption: true,
   requestTimeout: 30_000,
-  requireMention: true,
-  inboundWhitelist: [] as string[],
 } as const;
 
 const ENV_PREFIX = "CORED_";
@@ -35,10 +33,6 @@ function readEnvConfig(): Partial<CoredAccountConfig> {
       env[`${ENV_PREFIX}ENABLE_ENCRYPTION`] !== "false";
   if (env[`${ENV_PREFIX}REQUEST_TIMEOUT`])
     result.requestTimeout = Number(env[`${ENV_PREFIX}REQUEST_TIMEOUT`]);
-  if (env[`${ENV_PREFIX}REQUIRE_MENTION`] !== undefined)
-    result.requireMention = env[`${ENV_PREFIX}REQUIRE_MENTION`] !== "false";
-  if (env[`${ENV_PREFIX}BOT_USER_ID`])
-    result.botUserId = env[`${ENV_PREFIX}BOT_USER_ID`];
 
   return result;
 }
@@ -69,18 +63,14 @@ export function resolveAccountConfig(
 
   return {
     accountId: id,
-    enabled: raw?.enabled ?? true,
     appId: raw?.appId ?? envConfig.appId ?? "",
     appSecret: raw?.appSecret ?? envConfig.appSecret ?? "",
     backendUrl: raw?.backendUrl ?? envConfig.backendUrl ?? "",
+    enabled: raw?.enabled ?? true,
     enableEncryption:
       raw?.enableEncryption ?? envConfig.enableEncryption ?? DEFAULTS.enableEncryption,
     requestTimeout:
       raw?.requestTimeout ?? envConfig.requestTimeout ?? DEFAULTS.requestTimeout,
-    requireMention:
-      raw?.requireMention ?? envConfig.requireMention ?? DEFAULTS.requireMention,
-    botUserId: raw?.botUserId ?? envConfig.botUserId,
-    inboundWhitelist: raw?.inboundWhitelist ?? [...DEFAULTS.inboundWhitelist],
   };
 }
 

package/src/index.ts

@@ -1,7 +1,7 @@
 // Copyright (c) 2026 Cored Limited
 // SPDX-License-Identifier: Apache-2.0
 
-import { defineChannelPluginEntry, type PluginApi } from "openclaw/plugin-sdk/core";
+import { defineChannelPluginEntry } from "openclaw/plugin-sdk/core";
 import { coredPlugin } from "./channel.js";
 import { listEnabledAccountConfigs, validateAccountConfig } from "./config.js";
 import {
@@ -9,64 +9,58 @@ import {
   destroyAllClients,
   clientCount,
 } from "./core/cored-client.js";
-import { processInboundMessage, type ExtendedPluginApi } from "./messaging/inbound.js";
+import type { OpenClawPluginApi } from "openclaw/plugin-sdk/core";
+import { processInboundMessage } from "./messaging/inbound.js";
 import { makeDeliver, setTyping, clearTyping, readMessage } from "./messaging/outbound.js";
 import type { CoredAccountConfig, CoredMessageEvent } from "./types.js";
 
-// Extended PluginApi with config type for service registration
-interface ServicePluginApi extends ExtendedPluginApi {
-  config: { channels?: Record<string, unknown> };
-}
-
 export default defineChannelPluginEntry({
   id: "cored",
   name: "Cored",
   description: "Connect OpenClaw with Cored",
   plugin: coredPlugin,
   registerFull(api) {
-    const typedApi = api as ServicePluginApi;
-
-    typedApi.registerService({
+    api.registerService({
       id: "cored-sdk",
       start: async () => {
         if (clientCount() > 0) return;
 
-        const accounts = listEnabledAccountConfigs(typedApi.config);
+        const accounts = listEnabledAccountConfigs(api.config);
         if (accounts.length === 0) {
-          typedApi.logger?.warn?.("[cored] no enabled account config found — service idle");
+          api.logger?.warn?.("[cored] no enabled account config found — service idle");
           return;
         }
 
         for (const account of accounts) {
           const errors = validateAccountConfig(account);
           if (errors.length > 0) {
-            typedApi.logger?.warn?.(
+            api.logger?.warn?.(
               `[cored] skipping account=${account.accountId}: ${errors.map((e) => e.message).join("; ")}`,
             );
             continue;
           }
 
           try {
-            await startAccount(typedApi, account);
-            typedApi.logger?.info?.(
+            await startAccount(api, account);
+            api.logger?.info?.(
               `[cored] account=${account.accountId} connected (appId=${account.appId})`,
             );
           } catch (err) {
-            typedApi.logger?.error?.(
+            api.logger?.error?.(
               `[cored] account=${account.accountId} failed to start: ${err instanceof Error ? err.message : String(err)}`,
             );
           }
         }
 
-        typedApi.logger?.info?.(`[cored] service started with ${clientCount()} account(s)`);
+        api.logger?.info?.(`[cored] service started with ${clientCount()} account(s)`);
       },
       stop: async () => {
         await destroyAllClients();
-        typedApi.logger?.info?.("[cored] service stopped — all clients disconnected");
+        api.logger?.info?.("[cored] service stopped — all clients disconnected");
       },
     });
 
-    typedApi.logger?.info?.("[cored] plugin registered");
+    api.logger?.info?.("[cored] plugin registered");
   },
 });
 
@@ -74,7 +68,7 @@ export default defineChannelPluginEntry({
  * Start a single account — create client, subscribe to inbound events.
  */
 async function startAccount(
-  api: ServicePluginApi,
+  api: OpenClawPluginApi,
   account: CoredAccountConfig,
 ): Promise<void> {
   const deliver = makeDeliver(account.accountId, (msg) => api.logger?.warn?.(msg));
@@ -97,7 +91,7 @@ async function startAccount(
  * Handle a single inbound message with typing indicator lifecycle.
  */
 async function handleInbound(
-  api: ServicePluginApi,
+  api: OpenClawPluginApi,
   account: CoredAccountConfig,
   event: CoredMessageEvent,
   deliver: (chatId: string, text: string) => Promise<void>,

package/src/messaging/inbound.test.ts

@@ -5,7 +5,6 @@ import { describe, it, expect, beforeEach, vi } from "vitest";
 import {
   parseMessageEvent,
   checkMessageGate,
-  isBotMentioned,
   isDuplicate,
   _resetDedup,
   buildContext,
@@ -14,8 +13,8 @@ import {
 import type {
   CoredAccountConfig,
   CoredMessageEvent,
-  PluginApi,
 } from "../types.js";
+import type { InboundPluginApi } from "./inbound.js";
 
 // ---------------------------------------------------------------------------
 // Helpers
@@ -26,15 +25,12 @@ function makeAccount(
 ): CoredAccountConfig {
   return {
     accountId: "test-account",
-    enabled: true,
     appId: "app_test",
     appSecret: "secret",
     backendUrl: "https://your-backend-url.com",
+    enabled: true,
     enableEncryption: true,
     requestTimeout: 30_000,
-    requireMention: true,
-    botUserId: "bot_user_001",
-    inboundWhitelist: [],
     ...overrides,
   };
 }
@@ -56,7 +52,7 @@ function makeEvent(
   };
 }
 
-function makeMockApi(): PluginApi {
+function makeMockApi(): InboundPluginApi {
   return {
     registerChannel: vi.fn(),
     registerService: vi.fn(),
@@ -197,112 +193,11 @@ describe("parseMessageEvent", () => {
 describe("checkMessageGate", () => {
   it("passes a normal direct message", () => {
     const msg = parseMessageEvent(makeEvent())!;
-    const account = makeAccount({ requireMention: false });
-    const result = checkMessageGate(msg, account);
-    expect(result.pass).toBe(true);
-  });
-
-  it("blocks self-messages", () => {
-    const event = makeEvent({
-      sender: { userId: "bot_user_001" },
-    });
-    const msg = parseMessageEvent(event)!;
     const account = makeAccount();
     const result = checkMessageGate(msg, account);
-    expect(result.pass).toBe(false);
-    expect(result.reason).toBe("self-message");
-  });
-
-  it("blocks sender not in whitelist when whitelist is set", () => {
-    const msg = parseMessageEvent(makeEvent())!;
-    const account = makeAccount({
-      inboundWhitelist: ["allowed_user"],
-    });
-    const result = checkMessageGate(msg, account);
-    expect(result.pass).toBe(false);
-    expect(result.reason).toBe("sender-not-in-whitelist");
-  });
-
-  it("passes sender in whitelist", () => {
-    const msg = parseMessageEvent(makeEvent())!;
-    const account = makeAccount({
-      inboundWhitelist: ["user_sender_001"],
-      requireMention: false,
-    });
-    const result = checkMessageGate(msg, account);
     expect(result.pass).toBe(true);
   });
 
-  it("blocks group message without mention when requireMention is true", () => {
-    const event = makeEvent({ chatType: "group" });
-    const msg = parseMessageEvent(event)!;
-    const account = makeAccount({ requireMention: true });
-    const result = checkMessageGate(msg, account);
-    expect(result.pass).toBe(false);
-    expect(result.reason).toBe("group-no-mention");
-  });
-
-  it("passes group message with mention", () => {
-    const event = makeEvent({
-      chatType: "group",
-      mentionUserList: [{ userId: "bot_user_001" }],
-    });
-    const msg = parseMessageEvent(event)!;
-    const account = makeAccount({ requireMention: true });
-    const result = checkMessageGate(msg, account);
-    expect(result.pass).toBe(true);
-  });
-
-  it("passes group message when requireMention is false", () => {
-    const event = makeEvent({ chatType: "group" });
-    const msg = parseMessageEvent(event)!;
-    const account = makeAccount({ requireMention: false });
-    const result = checkMessageGate(msg, account);
-    expect(result.pass).toBe(true);
-  });
-
-  it("skips self-message check when botUserId is not set", () => {
-    const event = makeEvent({
-      sender: { userId: "any_user" },
-    });
-    const msg = parseMessageEvent(event)!;
-    const account = makeAccount({ botUserId: undefined });
-    const result = checkMessageGate(msg, account);
-    expect(result.pass).toBe(true);
-  });
-});
-
-// ---------------------------------------------------------------------------
-// isBotMentioned
-// ---------------------------------------------------------------------------
-
-describe("isBotMentioned", () => {
-  it("returns true when bot is in mentionUserIds", () => {
-    const event = makeEvent({
-      mentionUserList: [{ userId: "bot_user_001" }],
-    });
-    const msg = parseMessageEvent(event)!;
-    const account = makeAccount();
-    expect(isBotMentioned(msg, account)).toBe(true);
-  });
-
-  it("returns false when bot is not mentioned", () => {
-    const event = makeEvent({
-      mentionUserList: [{ userId: "other_user" }],
-    });
-    const msg = parseMessageEvent(event)!;
-    const account = makeAccount();
-    expect(isBotMentioned(msg, account)).toBe(false);
-  });
-
-  it("returns false when botUserId is not set", () => {
-    const event = makeEvent({
-      mentionUserList: [{ userId: "bot_user_001" }],
-    });
-    const msg = parseMessageEvent(event)!;
-    const account = makeAccount({ botUserId: undefined });
-    expect(isBotMentioned(msg, account)).toBe(false);
-  });
 });
 
 // ---------------------------------------------------------------------------
@@ -348,7 +243,7 @@ describe("buildContext", () => {
     expect(ctx.AccountId).toBe("test-account");
     expect(ctx.Body).toBe("hello world");
     expect(ctx.From).toBe("cored:user:user_sender_001");
-    expect(ctx.To).toBe("cored:bot:bot_user_001");
+    expect(ctx.To).toBe("cored:bot:app_test");
     expect(ctx.SessionKey).toBe("cored:user:user_sender_001");
     expect(ctx.CommandAuthorized).toBe(true);
     expect(ctx._cored.isGroup).toBe(false);
@@ -367,12 +262,6 @@ describe("buildContext", () => {
     expect(ctx._cored.chatId).toBe("chat_group_1");
   });
 
-  it("falls back to appId when botUserId is not set", () => {
-    const msg = parseMessageEvent(makeEvent())!;
-    const account = makeAccount({ botUserId: undefined });
-    const ctx = buildContext(msg, account);
-    expect(ctx.To).toBe("cored:bot:app_test");
-  });
 });
 
 // ---------------------------------------------------------------------------
@@ -386,7 +275,7 @@ describe("processInboundMessage", () => {
 
   it("dispatches a valid direct message", async () => {
     const api = makeMockApi();
-    const account = makeAccount({ requireMention: false });
+    const account = makeAccount();
     const event = makeEvent();
     const deliver = vi.fn().mockResolvedValue(undefined);
 
@@ -397,21 +286,9 @@ describe("processInboundMessage", () => {
     expect(api.runtime.channel.session.recordInboundSession).toHaveBeenCalledOnce();
   });
 
-  it("filters self-messages", async () => {
-    const api = makeMockApi();
-    const account = makeAccount();
-    const event = makeEvent({ sender: { userId: "bot_user_001" } });
-    const deliver = vi.fn();
-
-    const result = await processInboundMessage(api, account, event, { deliver });
-
-    expect(result).toBe(false);
-    expect(api.runtime.channel.reply.dispatchReplyWithBufferedBlockDispatcher).not.toHaveBeenCalled();
-  });
-
   it("filters duplicate messages", async () => {
     const api = makeMockApi();
-    const account = makeAccount({ requireMention: false });
+    const account = makeAccount();
     const msgId = "msg_dedup_test";
     const event = makeEvent({ messageId: msgId });
     const deliver = vi.fn();
@@ -423,31 +300,6 @@ describe("processInboundMessage", () => {
     expect(second).toBe(false);
   });
 
-  it("filters group messages without mention when required", async () => {
-    const api = makeMockApi();
-    const account = makeAccount({ requireMention: true });
-    const event = makeEvent({ chatType: "group" });
-    const deliver = vi.fn();
-
-    const result = await processInboundMessage(api, account, event, { deliver });
-
-    expect(result).toBe(false);
-  });
-
-  it("dispatches group message with mention", async () => {
-    const api = makeMockApi();
-    const account = makeAccount({ requireMention: true });
-    const event = makeEvent({
-      chatType: "group",
-      mentionUserList: [{ userId: "bot_user_001" }],
-    });
-    const deliver = vi.fn().mockResolvedValue(undefined);
-
-    const result = await processInboundMessage(api, account, event, { deliver });
-
-    expect(result).toBe(true);
-  });
-
   it("returns false for unparseable event", async () => {
     const api = makeMockApi();
     const account = makeAccount();
@@ -463,7 +315,7 @@ describe("processInboundMessage", () => {
     const api = makeMockApi();
     // Remove dispatch function
     (api.runtime.channel.reply as Record<string, unknown>).dispatchReplyWithBufferedBlockDispatcher = undefined;
-    const account = makeAccount({ requireMention: false });
+    const account = makeAccount();
     const event = makeEvent();
     const deliver = vi.fn();
 
@@ -482,7 +334,7 @@ describe("processInboundMessage", () => {
     });
     api.runtime.channel.reply.dispatchReplyWithBufferedBlockDispatcher = mockDispatch;
 
-    const account = makeAccount({ requireMention: false });
+    const account = makeAccount();
     const event = makeEvent({ chatId: "chat_deliver_test" });
     const deliver = vi.fn().mockResolvedValue(undefined);
 
@@ -500,7 +352,7 @@ describe("processInboundMessage", () => {
     });
     api.runtime.channel.reply.dispatchReplyWithBufferedBlockDispatcher = mockDispatch;
 
-    const account = makeAccount({ requireMention: false });
+    const account = makeAccount();
     const event = makeEvent();
     const deliver = vi.fn();
 
@@ -511,7 +363,7 @@ describe("processInboundMessage", () => {
 
   it("records session with updateLastRoute for DM", async () => {
     const api = makeMockApi();
-    const account = makeAccount({ requireMention: false });
+    const account = makeAccount();
     const event = makeEvent({ chatId: "chat_dm_001" });
     const deliver = vi.fn().mockResolvedValue(undefined);
 
@@ -528,7 +380,7 @@ describe("processInboundMessage", () => {
 
   it("does not set updateLastRoute for group messages", async () => {
     const api = makeMockApi();
-    const account = makeAccount({ requireMention: false });
+    const account = makeAccount();
     const event = makeEvent({ chatType: "group" });
     const deliver = vi.fn().mockResolvedValue(undefined);
 
@@ -547,7 +399,7 @@ describe("processInboundMessage", () => {
     });
     api.runtime.channel.reply.dispatchReplyWithBufferedBlockDispatcher = mockDispatch;
 
-    const account = makeAccount({ requireMention: false });
+    const account = makeAccount();
     const event = makeEvent();
     const deliver = vi.fn();
 

package/src/messaging/inbound.ts

@@ -14,22 +14,25 @@ import type {
   CoredAccountConfig,
   CoredMessage,
   CoredMessageEvent,
-  PluginApi,
 } from "../types.js";
 
-// Extended PluginApi with runtime surfaces used by this module
-export interface ExtendedPluginApi extends PluginApi {
+// Plugin API surface used by this module.
+// At runtime the full OpenClawPluginApi is provided by the gateway;
+// we only declare the subset we access so the module stays decoupled
+// and testable without importing the full SDK.
+export interface InboundPluginApi {
+  config: Record<string, unknown>;
   runtime?: {
     channel?: {
       reply?: {
-        dispatchReplyWithBufferedBlockDispatcher?: (opts: unknown) => Promise<void>;
+        dispatchReplyWithBufferedBlockDispatcher?: (...args: any[]) => any;
       };
       session?: {
-        recordInboundSession?: (opts: unknown) => Promise<void>;
-        resolveStorePath?: (store: unknown, opts: unknown) => string;
+        recordInboundSession?: (...args: any[]) => any;
+        resolveStorePath?: (...args: any[]) => string;
       };
       routing?: {
-        resolveAgentRoute?: (opts: unknown) => unknown;
+        resolveAgentRoute?: (...args: any[]) => unknown;
       };
     };
   };
@@ -148,41 +151,9 @@ export function checkMessageGate(
   msg: ParsedInboundMessage,
   account: CoredAccountConfig,
 ): GateResult {
-  // 1. Self-message filter: ignore messages from the bot itself
-  if (account.botUserId && msg.senderId === account.botUserId) {
-    return { pass: false, reason: "self-message" };
-  }
-
-  // 2. Whitelist filter: if whitelist is non-empty, only allow listed senders
-  if (account.inboundWhitelist.length > 0) {
-    if (!account.inboundWhitelist.includes(msg.senderId)) {
-      return { pass: false, reason: "sender-not-in-whitelist" };
-    }
-  }
-
-  // 3. Group mention filter: in group chats, require @mention if configured
-  if (
-    msg.chatType === "group" &&
-    account.requireMention &&
-    !isBotMentioned(msg, account)
-  ) {
-    return { pass: false, reason: "group-no-mention" };
-  }
-
   return { pass: true };
 }
 
-/**
- * Check if the bot was @mentioned in a message.
- */
-export function isBotMentioned(
-  msg: ParsedInboundMessage,
-  account: CoredAccountConfig,
-): boolean {
-  if (!account.botUserId) return false;
-  return msg.mentionUserIds.includes(account.botUserId);
-}
-
 // ---------------------------------------------------------------------------
 // Dedup — skip already-processed message IDs
 // ---------------------------------------------------------------------------
@@ -276,7 +247,7 @@ export function buildContext(
   return {
     Body: msg.body,
     From: isGroup ? `cored:chat:${msg.chatId}` : `cored:user:${msg.senderId}`,
-    To: `cored:bot:${account.botUserId ?? account.appId}`,
+    To: `cored:bot:${account.appId}`,
     SessionKey: sessionKey,
     AccountId: account.accountId,
     ChatType: isGroup ? "group" : "direct",
@@ -314,7 +285,7 @@ export interface InboundDispatchOptions {
  * Returns `true` if the message was dispatched, `false` if filtered.
  */
 export async function processInboundMessage(
-  api: ExtendedPluginApi,
+  api: InboundPluginApi,
   account: CoredAccountConfig,
   event: CoredMessageEvent,
   opts: InboundDispatchOptions,

package/src/setup-entry.ts

@@ -2,6 +2,6 @@
 // SPDX-License-Identifier: Apache-2.0
 
 import { defineSetupPluginEntry } from "openclaw/plugin-sdk/core";
-import { coredPlugin } from "./channel.js";
+import { base } from "./channel.js";
 
-export default defineSetupPluginEntry(coredPlugin);
+export default defineSetupPluginEntry(base);

package/src/types.ts

@@ -5,39 +5,30 @@
 
 export interface CoredAccountConfig {
   accountId: string;
-  enabled: boolean;
   appId: string;
   appSecret: string;
   backendUrl: string;
+  enabled: boolean;
   enableEncryption: boolean;
   requestTimeout: number;
-  requireMention: boolean;
-  botUserId?: string;
-  inboundWhitelist: string[];
 }
 
 export interface CoredRawAccountConfig {
   appId?: string;
   appSecret?: string;
   backendUrl?: string;
+  enabled?: boolean;
   enableEncryption?: boolean;
   requestTimeout?: number;
-  requireMention?: boolean;
-  enabled?: boolean;
-  botUserId?: string;
-  inboundWhitelist?: string[];
 }
 
 export interface CoredChannelConfig {
   appId?: string;
   appSecret?: string;
   backendUrl?: string;
+  enabled?: boolean;
   enableEncryption?: boolean;
   requestTimeout?: number;
-  requireMention?: boolean;
-  enabled?: boolean;
-  botUserId?: string;
-  inboundWhitelist?: string[];
   accounts?: Record<string, CoredRawAccountConfig>;
 }
 
@@ -79,7 +70,3 @@ export type ConnectionState =
   | "connected"
   | "disconnecting";
 
-// --- OpenClaw Plugin API (re-export from SDK) ---
-
-// Re-export PluginApi from SDK for convenience
-export type { PluginApi } from "openclaw/plugin-sdk/core";