@jonathangu/openclawbrain 0.3.0 → 0.3.1

package/docs/evidence/2026-03-16/d93f09feea123a08d020fcad8a4523b6c1d26507/status.json

@@ -0,0 +1,276 @@
+{
+  "command": "openclaw",
+  "args": [
+    "status",
+    "--json",
+    "--timeout",
+    "10000"
+  ],
+  "cwd": "/Users/cormorantai/openclawbrain",
+  "exitCode": 0,
+  "signal": null,
+  "ok": true,
+  "stdout": "[plugins] [openclawbrain] Plugin loaded (enabled=true, db=/Users/cormorantai/.openclaw-ocbphase1/lcm.db, threshold=0.75)\n{\n  \"runtimeVersion\": \"2026.3.13\",\n  \"heartbeat\": {\n    \"defaultAgentId\": \"main\",\n    \"agents\": [\n      {\n        \"agentId\": \"main\",\n        \"enabled\": true,\n        \"every\": \"30m\",\n        \"everyMs\": 1800000\n      }\n    ]\n  },\n  \"channelSummary\": [],\n  \"queuedSystemEvents\": [],\n  \"sessions\": {\n    \"paths\": [\n      \"/Users/cormorantai/.openclaw-ocbphase1/agents/main/sessions/sessions.json\"\n    ],\n    \"count\": 1,\n    \"defaults\": {\n      \"model\": \"qwen2.5:7b-instruct\",\n      \"contextTokens\": 262144\n    },\n    \"recent\": [\n      {\n        \"agentId\": \"main\",\n        \"key\": \"agent:main:main\",\n        \"kind\": \"direct\",\n        \"sessionId\": \"475abd74-ed4f-4334-a896-8ffd7d81eec7\",\n        \"updatedAt\": 1773635277472,\n        \"age\": 16057669,\n        \"abortedLastRun\": false,\n        \"inputTokens\": 15733,\n        \"outputTokens\": 280,\n        \"cacheRead\": 0,\n        \"cacheWrite\": 0,\n        \"totalTokens\": 15733,\n        \"totalTokensFresh\": true,\n        \"remainingTokens\": 246411,\n        \"percentUsed\": 6,\n        \"model\": \"qwen2.5:7b-instruct\",\n        \"contextTokens\": 262144,\n        \"flags\": [\n          \"id:475abd74-ed4f-4334-a896-8ffd7d81eec7\"\n        ]\n      }\n    ],\n    \"byAgent\": [\n      {\n        \"agentId\": \"main\",\n        \"path\": \"/Users/cormorantai/.openclaw-ocbphase1/agents/main/sessions/sessions.json\",\n        \"count\": 1,\n        \"recent\": [\n          {\n            \"agentId\": \"main\",\n            \"key\": \"agent:main:main\",\n            \"kind\": \"direct\",\n            \"sessionId\": \"475abd74-ed4f-4334-a896-8ffd7d81eec7\",\n            \"updatedAt\": 1773635277472,\n            \"age\": 16057669,\n            \"abortedLastRun\": false,\n            \"inputTokens\": 15733,\n            \"outputTokens\": 280,\n            \"cacheRead\": 0,\n            \"cacheWrite\": 0,\n            \"totalTokens\": 15733,\n            \"totalTokensFresh\": true,\n            \"remainingTokens\": 246411,\n            \"percentUsed\": 6,\n            \"model\": \"qwen2.5:7b-instruct\",\n            \"contextTokens\": 262144,\n            \"flags\": [\n              \"id:475abd74-ed4f-4334-a896-8ffd7d81eec7\"\n            ]\n          }\n        ]\n      }\n    ]\n  },\n  \"os\": {\n    \"platform\": \"darwin\",\n    \"arch\": \"arm64\",\n    \"release\": \"25.3.0\",\n    \"label\": \"macos 26.3 (arm64)\"\n  },\n  \"update\": {\n    \"root\": \"/Users/cormorantai/opencormorant\",\n    \"installKind\": \"git\",\n    \"packageManager\": \"pnpm\",\n    \"git\": {\n      \"root\": \"/Users/cormorantai/opencormorant\",\n      \"sha\": \"66e02b296fa7c18c04dc94fe071d916042a30137\",\n      \"tag\": null,\n      \"branch\": \"main\",\n      \"upstream\": \"origin/main\",\n      \"dirty\": false,\n      \"ahead\": 0,\n      \"behind\": 544,\n      \"fetchOk\": true\n    },\n    \"deps\": {\n      \"manager\": \"pnpm\",\n      \"status\": \"stale\",\n      \"lockfilePath\": \"/Users/cormorantai/opencormorant/pnpm-lock.yaml\",\n      \"markerPath\": \"/Users/cormorantai/opencormorant/node_modules/.modules.yaml\",\n      \"reason\": \"lockfile newer than install marker\"\n    },\n    \"registry\": {\n      \"latestVersion\": \"2026.3.13\"\n    }\n  },\n  \"updateChannel\": \"dev\",\n  \"updateChannelSource\": \"git-branch\",\n  \"memory\": {\n    \"agentId\": \"main\",\n    \"backend\": \"builtin\",\n    \"files\": 0,\n    \"chunks\": 0,\n    \"dirty\": true,\n    \"workspaceDir\": \"/Users/cormorantai/.openclaw/workspace-ocbphase1\",\n    \"dbPath\": \"/Users/cormorantai/.openclaw-ocbphase1/memory/main.sqlite\",\n    \"provider\": \"gemini\",\n    \"model\": \"gemini-embedding-001\",\n    \"requestedProvider\": \"auto\",\n    \"sources\": [\n      \"memory\"\n    ],\n    \"extraPaths\": [],\n    \"sourceCounts\": [\n      {\n        \"source\": \"memory\",\n        \"files\": 0,\n        \"chunks\": 0\n      }\n    ],\n    \"cache\": {\n      \"enabled\": true,\n      \"entries\": 0\n    },\n    \"fts\": {\n      \"enabled\": true,\n      \"available\": true\n    },\n    \"vector\": {\n      \"enabled\": true,\n      \"available\": true,\n      \"extensionPath\": \"/Users/cormorantai/opencormorant/node_modules/.pnpm/sqlite-vec@0.1.7-alpha.2/node_modules/sqlite-vec-darwin-arm64/vec0.dylib\"\n    },\n    \"batch\": {\n      \"enabled\": false,\n      \"failures\": 0,\n      \"limit\": 2,\n      \"wait\": true,\n      \"concurrency\": 2,\n      \"pollIntervalMs\": 2000,\n      \"timeoutMs\": 3600000\n    },\n    \"custom\": {\n      \"searchMode\": \"hybrid\",\n      \"readonlyRecovery\": {\n        \"attempts\": 0,\n        \"successes\": 0,\n        \"failures\": 0\n      }\n    }\n  },\n  \"memoryPlugin\": {\n    \"enabled\": true,\n    \"slot\": \"memory-core\"\n  },\n  \"gateway\": {\n    \"mode\": \"local\",\n    \"url\": \"ws://127.0.0.1:19031\",\n    \"urlSource\": \"local loopback\",\n    \"misconfigured\": false,\n    \"reachable\": false,\n    \"connectLatencyMs\": null,\n    \"self\": null,\n    \"error\": \"connect failed: connect ECONNREFUSED 127.0.0.1:19031\",\n    \"authWarning\": null\n  },\n  \"gatewayService\": {\n    \"label\": \"LaunchAgent\",\n    \"installed\": false,\n    \"managedByOpenClaw\": false,\n    \"externallyManaged\": false,\n    \"loadedText\": \"not loaded\",\n    \"runtimeShort\": \"unknown\"\n  },\n  \"nodeService\": {\n    \"label\": \"LaunchAgent\",\n    \"installed\": false,\n    \"managedByOpenClaw\": false,\n    \"externallyManaged\": false,\n    \"loadedText\": \"not loaded\",\n    \"runtimeShort\": \"unknown\"\n  },\n  \"agents\": {\n    \"defaultId\": \"main\",\n    \"agents\": [\n      {\n        \"id\": \"main\",\n        \"workspaceDir\": \"/Users/cormorantai/.openclaw/workspace-ocbphase1\",\n        \"bootstrapPending\": true,\n        \"sessionsPath\": \"/Users/cormorantai/.openclaw-ocbphase1/agents/main/sessions/sessions.json\",\n        \"sessionsCount\": 1,\n        \"lastUpdatedAt\": 1773635277472,\n        \"lastActiveAgeMs\": 16057665\n      }\n    ],\n    \"totalSessions\": 1,\n    \"bootstrapPendingCount\": 1\n  },\n  \"securityAudit\": {\n    \"ts\": 1773651337689,\n    \"summary\": {\n      \"critical\": 3,\n      \"warn\": 1,\n      \"info\": 1\n    },\n    \"findings\": [\n      {\n        \"checkId\": \"summary.attack_surface\",\n        \"severity\": \"info\",\n        \"title\": \"Attack surface summary\",\n        \"detail\": \"groups: open=0, allowlist=0\\ntools.elevated: enabled\\nhooks.webhooks: disabled\\nhooks.internal: disabled\\nbrowser control: enabled\\ntrust model: personal assistant (one trusted operator boundary), not hostile multi-tenant on one shared gateway\"\n      },\n      {\n        \"checkId\": \"gateway.trusted_proxies_missing\",\n        \"severity\": \"warn\",\n        \"title\": \"Reverse proxy headers are not trusted\",\n        \"detail\": \"gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client checks cannot be spoofed.\",\n        \"remediation\": \"Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only.\"\n      },\n      {\n        \"checkId\": \"gateway.loopback_no_auth\",\n        \"severity\": \"critical\",\n        \"title\": \"Gateway auth missing on loopback\",\n        \"detail\": \"gateway.bind is loopback but no gateway auth secret is configured. If the Control UI is exposed through a reverse proxy, unauthenticated access is possible.\",\n        \"remediation\": \"Set gateway.auth (token recommended) or keep the Control UI local-only.\"\n      },\n      {\n        \"checkId\": \"browser.control_no_auth\",\n        \"severity\": \"critical\",\n        \"title\": \"Browser control has no auth\",\n        \"detail\": \"Browser control HTTP routes are enabled but no gateway.auth token/password is configured. Any local process (or SSRF to loopback) can call browser control endpoints.\",\n        \"remediation\": \"Set gateway.auth.token (recommended) or gateway.auth.password so browser control HTTP routes require authentication. Restarting the gateway will auto-generate gateway.auth.token when browser control is enabled.\"\n      },\n      {\n        \"checkId\": \"models.small_params\",\n        \"severity\": \"critical\",\n        \"title\": \"Small models require sandboxing and web tools disabled\",\n        \"detail\": \"Small models (<=300B params) detected:\\n- ollama/qwen2.5:7b-instruct (7B) @ agents.defaults.model.primary (unsafe; sandbox=off; web=[web_search, web_fetch, browser])\\nUncontrolled input tools allowed: web_search, web_fetch, browser.\\nSmall models are not recommended for untrusted inputs.\",\n        \"remediation\": \"If you must use small models, enable sandboxing for all sessions (agents.defaults.sandbox.mode=\\\"all\\\") and disable web_search/web_fetch/browser (tools.deny=[\\\"group:web\\\",\\\"browser\\\"]).\"\n      }\n    ]\n  },\n  \"secretDiagnostics\": []\n}\n",
+  "stderr": "Config warnings:\\n- plugins.entries.ollama: plugin ollama: plugin id mismatch (manifest uses \"ollama\", entry hints \"ollama-provider\")\n- plugins.entries.sglang: plugin sglang: plugin id mismatch (manifest uses \"sglang\", entry hints \"sglang-provider\")\n- plugins.entries.vllm: plugin vllm: plugin id mismatch (manifest uses \"vllm\", entry hints \"vllm-provider\")\n[plugins] plugins.allow is empty; discovered non-bundled plugins may auto-load: openclawbrain (/Users/cormorantai/openclawbrain/index.ts). Set plugins.allow to explicit trusted ids.\n[plugins] [brain] Embedding model is unset; learned retrieval is disabled until init/configuration is complete\nConfig warnings:\\n- plugins.entries.ollama: plugin ollama: plugin id mismatch (manifest uses \"ollama\", entry hints \"ollama-provider\")\n- plugins.entries.sglang: plugin sglang: plugin id mismatch (manifest uses \"sglang\", entry hints \"sglang-provider\")\n- plugins.entries.vllm: plugin vllm: plugin id mismatch (manifest uses \"vllm\", entry hints \"vllm-provider\")\n",
+  "error": null,
+  "parsed": {
+    "runtimeVersion": "2026.3.13",
+    "heartbeat": {
+      "defaultAgentId": "main",
+      "agents": [
+        {
+          "agentId": "main",
+          "enabled": true,
+          "every": "30m",
+          "everyMs": 1800000
+        }
+      ]
+    },
+    "channelSummary": [],
+    "queuedSystemEvents": [],
+    "sessions": {
+      "paths": [
+        "/Users/cormorantai/.openclaw-ocbphase1/agents/main/sessions/sessions.json"
+      ],
+      "count": 1,
+      "defaults": {
+        "model": "qwen2.5:7b-instruct",
+        "contextTokens": 262144
+      },
+      "recent": [
+        {
+          "agentId": "main",
+          "key": "agent:main:main",
+          "kind": "direct",
+          "sessionId": "475abd74-ed4f-4334-a896-8ffd7d81eec7",
+          "updatedAt": 1773635277472,
+          "age": 16057669,
+          "abortedLastRun": false,
+          "inputTokens": 15733,
+          "outputTokens": 280,
+          "cacheRead": 0,
+          "cacheWrite": 0,
+          "totalTokens": 15733,
+          "totalTokensFresh": true,
+          "remainingTokens": 246411,
+          "percentUsed": 6,
+          "model": "qwen2.5:7b-instruct",
+          "contextTokens": 262144,
+          "flags": [
+            "id:475abd74-ed4f-4334-a896-8ffd7d81eec7"
+          ]
+        }
+      ],
+      "byAgent": [
+        {
+          "agentId": "main",
+          "path": "/Users/cormorantai/.openclaw-ocbphase1/agents/main/sessions/sessions.json",
+          "count": 1,
+          "recent": [
+            {
+              "agentId": "main",
+              "key": "agent:main:main",
+              "kind": "direct",
+              "sessionId": "475abd74-ed4f-4334-a896-8ffd7d81eec7",
+              "updatedAt": 1773635277472,
+              "age": 16057669,
+              "abortedLastRun": false,
+              "inputTokens": 15733,
+              "outputTokens": 280,
+              "cacheRead": 0,
+              "cacheWrite": 0,
+              "totalTokens": 15733,
+              "totalTokensFresh": true,
+              "remainingTokens": 246411,
+              "percentUsed": 6,
+              "model": "qwen2.5:7b-instruct",
+              "contextTokens": 262144,
+              "flags": [
+                "id:475abd74-ed4f-4334-a896-8ffd7d81eec7"
+              ]
+            }
+          ]
+        }
+      ]
+    },
+    "os": {
+      "platform": "darwin",
+      "arch": "arm64",
+      "release": "25.3.0",
+      "label": "macos 26.3 (arm64)"
+    },
+    "update": {
+      "root": "/Users/cormorantai/opencormorant",
+      "installKind": "git",
+      "packageManager": "pnpm",
+      "git": {
+        "root": "/Users/cormorantai/opencormorant",
+        "sha": "66e02b296fa7c18c04dc94fe071d916042a30137",
+        "tag": null,
+        "branch": "main",
+        "upstream": "origin/main",
+        "dirty": false,
+        "ahead": 0,
+        "behind": 544,
+        "fetchOk": true
+      },
+      "deps": {
+        "manager": "pnpm",
+        "status": "stale",
+        "lockfilePath": "/Users/cormorantai/opencormorant/pnpm-lock.yaml",
+        "markerPath": "/Users/cormorantai/opencormorant/node_modules/.modules.yaml",
+        "reason": "lockfile newer than install marker"
+      },
+      "registry": {
+        "latestVersion": "2026.3.13"
+      }
+    },
+    "updateChannel": "dev",
+    "updateChannelSource": "git-branch",
+    "memory": {
+      "agentId": "main",
+      "backend": "builtin",
+      "files": 0,
+      "chunks": 0,
+      "dirty": true,
+      "workspaceDir": "/Users/cormorantai/.openclaw/workspace-ocbphase1",
+      "dbPath": "/Users/cormorantai/.openclaw-ocbphase1/memory/main.sqlite",
+      "provider": "gemini",
+      "model": "gemini-embedding-001",
+      "requestedProvider": "auto",
+      "sources": [
+        "memory"
+      ],
+      "extraPaths": [],
+      "sourceCounts": [
+        {
+          "source": "memory",
+          "files": 0,
+          "chunks": 0
+        }
+      ],
+      "cache": {
+        "enabled": true,
+        "entries": 0
+      },
+      "fts": {
+        "enabled": true,
+        "available": true
+      },
+      "vector": {
+        "enabled": true,
+        "available": true,
+        "extensionPath": "/Users/cormorantai/opencormorant/node_modules/.pnpm/sqlite-vec@0.1.7-alpha.2/node_modules/sqlite-vec-darwin-arm64/vec0.dylib"
+      },
+      "batch": {
+        "enabled": false,
+        "failures": 0,
+        "limit": 2,
+        "wait": true,
+        "concurrency": 2,
+        "pollIntervalMs": 2000,
+        "timeoutMs": 3600000
+      },
+      "custom": {
+        "searchMode": "hybrid",
+        "readonlyRecovery": {
+          "attempts": 0,
+          "successes": 0,
+          "failures": 0
+        }
+      }
+    },
+    "memoryPlugin": {
+      "enabled": true,
+      "slot": "memory-core"
+    },
+    "gateway": {
+      "mode": "local",
+      "url": "ws://127.0.0.1:19031",
+      "urlSource": "local loopback",
+      "misconfigured": false,
+      "reachable": false,
+      "connectLatencyMs": null,
+      "self": null,
+      "error": "connect failed: connect ECONNREFUSED 127.0.0.1:19031",
+      "authWarning": null
+    },
+    "gatewayService": {
+      "label": "LaunchAgent",
+      "installed": false,
+      "managedByOpenClaw": false,
+      "externallyManaged": false,
+      "loadedText": "not loaded",
+      "runtimeShort": "unknown"
+    },
+    "nodeService": {
+      "label": "LaunchAgent",
+      "installed": false,
+      "managedByOpenClaw": false,
+      "externallyManaged": false,
+      "loadedText": "not loaded",
+      "runtimeShort": "unknown"
+    },
+    "agents": {
+      "defaultId": "main",
+      "agents": [
+        {
+          "id": "main",
+          "workspaceDir": "/Users/cormorantai/.openclaw/workspace-ocbphase1",
+          "bootstrapPending": true,
+          "sessionsPath": "/Users/cormorantai/.openclaw-ocbphase1/agents/main/sessions/sessions.json",
+          "sessionsCount": 1,
+          "lastUpdatedAt": 1773635277472,
+          "lastActiveAgeMs": 16057665
+        }
+      ],
+      "totalSessions": 1,
+      "bootstrapPendingCount": 1
+    },
+    "securityAudit": {
+      "ts": 1773651337689,
+      "summary": {
+        "critical": 3,
+        "warn": 1,
+        "info": 1
+      },
+      "findings": [
+        {
+          "checkId": "summary.attack_surface",
+          "severity": "info",
+          "title": "Attack surface summary",
+          "detail": "groups: open=0, allowlist=0\ntools.elevated: enabled\nhooks.webhooks: disabled\nhooks.internal: disabled\nbrowser control: enabled\ntrust model: personal assistant (one trusted operator boundary), not hostile multi-tenant on one shared gateway"
+        },
+        {
+          "checkId": "gateway.trusted_proxies_missing",
+          "severity": "warn",
+          "title": "Reverse proxy headers are not trusted",
+          "detail": "gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client checks cannot be spoofed.",
+          "remediation": "Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only."
+        },
+        {
+          "checkId": "gateway.loopback_no_auth",
+          "severity": "critical",
+          "title": "Gateway auth missing on loopback",
+          "detail": "gateway.bind is loopback but no gateway auth secret is configured. If the Control UI is exposed through a reverse proxy, unauthenticated access is possible.",
+          "remediation": "Set gateway.auth (token recommended) or keep the Control UI local-only."
+        },
+        {
+          "checkId": "browser.control_no_auth",
+          "severity": "critical",
+          "title": "Browser control has no auth",
+          "detail": "Browser control HTTP routes are enabled but no gateway.auth token/password is configured. Any local process (or SSRF to loopback) can call browser control endpoints.",
+          "remediation": "Set gateway.auth.token (recommended) or gateway.auth.password so browser control HTTP routes require authentication. Restarting the gateway will auto-generate gateway.auth.token when browser control is enabled."
+        },
+        {
+          "checkId": "models.small_params",
+          "severity": "critical",
+          "title": "Small models require sandboxing and web tools disabled",
+          "detail": "Small models (<=300B params) detected:\n- ollama/qwen2.5:7b-instruct (7B) @ agents.defaults.model.primary (unsafe; sandbox=off; web=[web_search, web_fetch, browser])\nUncontrolled input tools allowed: web_search, web_fetch, browser.\nSmall models are not recommended for untrusted inputs.",
+          "remediation": "If you must use small models, enable sandboxing for all sessions (agents.defaults.sandbox.mode=\"all\") and disable web_search/web_fetch/browser (tools.deny=[\"group:web\",\"browser\"])."
+        }
+      ]
+    },
+    "secretDiagnostics": []
+  }
+}

package/docs/evidence/2026-03-16/d93f09feea123a08d020fcad8a4523b6c1d26507/summary.md

@@ -0,0 +1,13 @@
+# OpenClawBrain validation summary
+
+- commit: `d93f09feea123a08d020fcad8a4523b6c1d26507`
+- validation mode: sterile-lane
+- config path: `/Users/cormorantai/.openclaw-ocbphase1/openclaw.json`
+- state dir: `/Users/cormorantai/.openclaw-ocbphase1`
+- workspace: `/Users/cormorantai/.openclaw/workspace-ocbphase1`
+- artifact dir: `/Users/cormorantai/openclawbrain/docs/evidence/2026-03-16/d93f09feea123a08d020fcad8a4523b6c1d26507`
+
+## Assertions
+
+## Skipped
+- init-and-agent-checks: --setup-only was requested.

package/docs/evidence/2026-03-16/d93f09feea123a08d020fcad8a4523b6c1d26507/trace.json

@@ -0,0 +1,4 @@
+{
+  "skipped": true,
+  "reason": "No trace snapshot captured."
+}