@limits/openclaw 0.0.1 → 0.0.3

package/README.md

@@ -23,6 +23,7 @@
 - [Security](#security-openclaw--limits)
 - [Development](#development)
 - [Migration from limits-enforcer](#migration-from-limits-enforcer)
+- [Troubleshooting](#troubleshooting)
 - [License](#license)
 
 ---
@@ -46,6 +47,7 @@ Then register the plugin with OpenClaw:
 ```bash
 openclaw plugins install ./node_modules/@limits/openclaw
 openclaw plugins enable "@limits/openclaw"
+openclaw gateway restart
 ```
 
 ---
@@ -59,6 +61,12 @@ openclaw plugins enable "@limits/openclaw"
 openclaw limits configure
 ```
 
+If you see **`error: unknown command 'limits'`**, the OpenClaw CLI may not load plugin commands in your environment. Run the configure script directly (from a directory where the package is installed):
+
+```bash
+node node_modules/@limits/openclaw/scripts/configure.js
+```
+
 Or set config manually:
 
 ```json
@@ -282,6 +290,34 @@ If you were using the plugin under the old name **limits-enforcer**, update your
 
 After renaming, reinstall the plugin and enable `"@limits/openclaw"`.
 
+---
+
+## Troubleshooting
+
+- **Config warning "plugin id mismatch (manifest uses '@limits/openclaw', entry hints 'openclaw')"**  
+  Some OpenClaw gateways install scoped packages under `extensions/openclaw` instead of `extensions/@limits/openclaw`. The gateway then infers the plugin id from the folder name (`openclaw`), which does not match the manifest id `@limits/openclaw`, so the plugin may not load and `openclaw limits configure` shows **unknown command 'limits'**.
+
+  **Workaround — install under the scoped path so the gateway matches the config entry:**
+  ```bash
+  # Create the scope directory and install the package there (adjust if you use npm -g or another path)
+  mkdir -p ~/.openclaw/extensions/@limits
+  cp -r ./node_modules/@limits/openclaw ~/.openclaw/extensions/@limits/
+
+  # Tell OpenClaw to load the plugin from that path
+  openclaw plugins install ~/.openclaw/extensions/@limits/openclaw
+  openclaw plugins enable "@limits/openclaw"
+  openclaw gateway restart
+  ```
+  Then run `openclaw limits configure`.
+
+- **`error: unknown command 'limits'`**  
+  The plugin did not load (often due to the id mismatch above). Use the workaround above, or run the configure wizard without the OpenClaw CLI:
+  ```bash
+  node node_modules/@limits/openclaw/scripts/configure.js
+  ```
+  Or from the plugin repo: `npm run configure`.
+
+
 ---
 
 ## License

package/dist/src/config.js

@@ -0,0 +1,38 @@
+/**
+ * Plugin config: loaded from gateway config with env var overrides.
+ */
+const STATIC_BASE_URL = "https://extensionally-jettisonable-rosann.ngrok-free.dev";
+const DEFAULTS = {
+    baseUrl: STATIC_BASE_URL,
+    timeoutMs: 2500,
+    failMode: "allow",
+    tokenSource: "event.metadata.apiToken",
+    redactLogs: true,
+};
+export function loadConfig(api) {
+    const raw = api.config?.plugins?.entries?.["@limits/openclaw"]?.config ?? {};
+    // baseUrl defaults to static; not in wizard or schema so users don't edit it (config override only for tests/advanced)
+    const baseUrl = raw.baseUrl ?? DEFAULTS.baseUrl;
+    const timeoutMs = typeof process.env.LIMITS_ENFORCER_TIMEOUT_MS === "string"
+        ? parseInt(process.env.LIMITS_ENFORCER_TIMEOUT_MS, 10)
+        : raw.timeoutMs ?? DEFAULTS.timeoutMs;
+    const failMode = process.env.LIMITS_ENFORCER_FAIL_MODE ??
+        raw.failMode ??
+        DEFAULTS.failMode;
+    const tokenSource = process.env.LIMITS_ENFORCER_TOKEN_SOURCE ??
+        raw.tokenSource ??
+        DEFAULTS.tokenSource;
+    const redactLogs = process.env.LIMITS_ENFORCER_REDACT_LOGS !== undefined
+        ? process.env.LIMITS_ENFORCER_REDACT_LOGS === "true" ||
+            process.env.LIMITS_ENFORCER_REDACT_LOGS === "1"
+        : raw.redactLogs ?? DEFAULTS.redactLogs;
+    const apiToken = process.env.LIMITS_ENFORCER_API_TOKEN ?? raw.apiToken ?? undefined;
+    return {
+        baseUrl,
+        timeoutMs: Number.isNaN(timeoutMs) ? DEFAULTS.timeoutMs : timeoutMs,
+        failMode: failMode === "block" ? "block" : "allow",
+        tokenSource: typeof tokenSource === "string" ? tokenSource : DEFAULTS.tokenSource,
+        redactLogs: Boolean(redactLogs),
+        ...(typeof apiToken === "string" && apiToken.length > 0 && { apiToken }),
+    };
+}

package/dist/src/configure-wizard.js

@@ -0,0 +1,117 @@
+import { createInterface } from "node:readline";
+import { spawn } from "node:child_process";
+import { dirname, join } from "node:path";
+import { fileURLToPath } from "node:url";
+import fs from "node:fs";
+import os from "node:os";
+const CONFIG_PREFIX = 'plugins.entries["@limits/openclaw"].config';
+const SKILL_NAME = "limits-policy-generator";
+function getPluginRoot() {
+    const currentDir = dirname(fileURLToPath(import.meta.url));
+    return join(currentDir, "..");
+}
+function getWorkspaceSkillsDest() {
+    const workspaceRoot = process.env.OPENCLAW_WORKSPACE || join(os.homedir(), ".openclaw", "workspace");
+    return join(workspaceRoot, "skills", SKILL_NAME);
+}
+function copySkillToWorkspace() {
+    const pluginRoot = getPluginRoot();
+    const source = join(pluginRoot, "skills", SKILL_NAME);
+    const dest = getWorkspaceSkillsDest();
+    if (!fs.existsSync(source)) {
+        console.log("\nSkill source not found, skipping.");
+        return;
+    }
+    try {
+        fs.mkdirSync(dest, { recursive: true });
+        fs.cpSync(source, dest, { recursive: true });
+        console.log(`\nCopied ${SKILL_NAME} to ${dest}.`);
+    }
+    catch (err) {
+        console.error("\nFailed to copy skill:", err instanceof Error ? err.message : String(err));
+    }
+}
+export function ask(rl, question, defaultValue = "") {
+    const prompt = defaultValue ? `${question} [${defaultValue}]: ` : `${question}: `;
+    return new Promise((resolve) => {
+        rl.question(prompt, (answer) => {
+            resolve(typeof answer === "string" && answer.trim() !== "" ? answer.trim() : defaultValue);
+        });
+    });
+}
+function runConfigSet(key, value) {
+    return new Promise((resolve, reject) => {
+        const fullKey = `${CONFIG_PREFIX}.${key}`;
+        const child = spawn("openclaw", ["config", "set", fullKey, value], {
+            stdio: "inherit",
+            shell: true,
+        });
+        child.on("close", (code) => code === 0 ? resolve() : reject(new Error(`openclaw config set exited ${code}`)));
+        child.on("error", reject);
+    });
+}
+function runConfigGet(fullKey) {
+    return new Promise((resolve) => {
+        const child = spawn("openclaw", ["config", "get", fullKey], {
+            stdio: ["inherit", "pipe", "inherit"],
+            shell: true,
+        });
+        let out = "";
+        child.stdout?.on("data", (d) => (out += d.toString()));
+        child.on("close", () => resolve(out.trim()));
+        child.on("error", () => resolve(""));
+    });
+}
+function runConfigSetFull(fullKey, value) {
+    return new Promise((resolve, reject) => {
+        const child = spawn("openclaw", ["config", "set", fullKey, value], {
+            stdio: "inherit",
+            shell: true,
+        });
+        child.on("close", (code) => code === 0 ? resolve() : reject(new Error(`openclaw config set exited ${code}`)));
+        child.on("error", reject);
+    });
+}
+/**
+ * Run the configure wizard (interactive prompts, then openclaw config set).
+ * Call this when the user runs `openclaw limits configure` or after link.
+ */
+export async function runConfigureWizard() {
+    const rl = createInterface({ input: process.stdin, output: process.stdout });
+    console.log("\n🦞 Limits OpenClaw — configure plugin (API token)");
+    console.log("   Base URL is fixed. apiToken is used for /openclaw/enforce and policy-generator tools. Run after: openclaw plugins install -l <path>\n");
+    const apiToken = await ask(rl, "Organization API key (apiToken) — required for enforce and policy-generator tools", process.env.LIMITS_ENFORCER_API_TOKEN ?? "");
+    const sandboxAnswer = await ask(rl, "Do you run agents inside a sandbox?", "N");
+    const addSkillAnswer = await ask(rl, "Add limits-policy-generator skill to OpenClaw workspace?", "Y");
+    rl.close();
+    if (apiToken)
+        await runConfigSet("apiToken", JSON.stringify(apiToken));
+    const sandboxYes = /^y(es)?$/i.test(sandboxAnswer.trim());
+    if (sandboxYes) {
+        const SANDBOX_ALLOW_KEY = "tools.sandbox.tools.allow";
+        const raw = await runConfigGet(SANDBOX_ALLOW_KEY);
+        let allow = [];
+        if (raw) {
+            try {
+                const parsed = JSON.parse(raw);
+                allow = Array.isArray(parsed) ? parsed : [];
+            }
+            catch {
+                allow = [];
+            }
+        }
+        if (allow.includes("@limits/openclaw")) {
+            console.log("\n@limits/openclaw is already in tools.sandbox.tools.allow, skipping.");
+        }
+        else {
+            allow.push("@limits/openclaw");
+            await runConfigSetFull(SANDBOX_ALLOW_KEY, JSON.stringify(allow));
+            console.log("\nAdded @limits/openclaw to tools.sandbox.tools.allow.");
+        }
+    }
+    const addSkillYes = /^y(es)?$/i.test(addSkillAnswer.trim());
+    if (addSkillYes)
+        copySkillToWorkspace();
+    console.log("\nDone. Restart the gateway if it is running.");
+    console.log('Verify: openclaw config get plugins.entries["@limits/openclaw"]\n');
+}

package/dist/src/enforcer.js

@@ -0,0 +1,49 @@
+/**
+ * SaaS HTTP client: POST /openclaw/enforce with timeout and retries.
+ * Never logs request body or apiToken.
+ */
+const RETRY_DELAYS_MS = [200, 400];
+function isRetryableStatus(status) {
+    return status === 429 || (status >= 500 && status < 600);
+}
+export async function callEnforce(config, body) {
+    const url = `${config.baseUrl.replace(/\/$/, "")}/openclaw/enforce`;
+    for (let attempt = 0; attempt <= RETRY_DELAYS_MS.length; attempt++) {
+        const controller = new AbortController();
+        const timeoutId = setTimeout(() => controller.abort(), config.timeoutMs);
+        try {
+            const res = await fetch(url, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body: JSON.stringify(body),
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
+            if (!res.ok) {
+                if (isRetryableStatus(res.status) && attempt < RETRY_DELAYS_MS.length) {
+                    await new Promise((r) => setTimeout(r, RETRY_DELAYS_MS[attempt] ?? 0));
+                    continue;
+                }
+                return null;
+            }
+            const data = (await res.json());
+            if (data &&
+                typeof data === "object" &&
+                "action" in data &&
+                typeof data.action === "string") {
+                return data;
+            }
+            return null;
+        }
+        catch (err) {
+            clearTimeout(timeoutId);
+            const isAbort = err.name === "AbortError";
+            if (!isAbort && attempt < RETRY_DELAYS_MS.length) {
+                await new Promise((r) => setTimeout(r, RETRY_DELAYS_MS[attempt] ?? 0));
+                continue;
+            }
+            return null;
+        }
+    }
+    return null;
+}

package/dist/src/index.js

@@ -0,0 +1,299 @@
+/**
+ * @limits/openclaw: register(api) entrypoint — wires before_tool_call and after_tool_call.
+ */
+import { loadConfig } from "./config.js";
+import { callEnforce } from "./enforcer.js";
+import { log } from "./logger.js";
+import { extractToken } from "./token.js";
+import { runConfigureWizard } from "./configure-wizard.js";
+let firstPreFired = false;
+function getEventAndCtx(args) {
+    if (args.length >= 2) {
+        return { event: args[0], ctx: args[1] };
+    }
+    const payload = args[0];
+    if (payload && typeof payload === "object" && "event" in payload) {
+        const p = payload;
+        return { event: p.event, ctx: p.ctx ?? p.context };
+    }
+    return { event: payload, ctx: undefined };
+}
+function getToolFromEvent(event) {
+    if (!event || typeof event !== "object")
+        return {};
+    const e = event;
+    return {
+        name: typeof e.toolName === "string" ? e.toolName : undefined,
+        args: e.toolParams ?? e.args ?? e.arguments,
+        toolCallId: typeof e.toolCallId === "string"
+            ? e.toolCallId
+            : typeof e.id === "string"
+                ? e.id
+                : undefined,
+    };
+}
+function buildContext(event, ctx) {
+    const e = event && typeof event === "object" ? event : {};
+    const c = ctx && typeof ctx === "object" ? ctx : {};
+    const requestId = (e.requestId ?? c.requestId);
+    const runId = (e.runId ?? c.runId);
+    const sessionKey = (e.sessionKey ?? c.sessionKey);
+    const agentId = (e.agentId ?? c.agentId);
+    const channel = (e.channel ?? c.channel);
+    const userMessageSummary = (e.userMessageSummary ?? c.userMessageSummary);
+    if (requestId === undefined &&
+        runId === undefined &&
+        sessionKey === undefined &&
+        agentId === undefined &&
+        channel === undefined &&
+        userMessageSummary === undefined) {
+        return undefined;
+    }
+    return {
+        ...(typeof requestId === "string" && { requestId }),
+        ...(typeof runId === "string" && { runId }),
+        ...(typeof sessionKey === "string" && { sessionKey }),
+        ...(typeof agentId === "string" && { agentId }),
+        ...(typeof channel === "string" && { channel }),
+        ...(typeof userMessageSummary === "string" && { userMessageSummary }),
+    };
+}
+function getResultFromPayload(args) {
+    const payload = args[0];
+    if (payload && typeof payload === "object" && "result" in payload) {
+        return payload.result;
+    }
+    if (args.length >= 2)
+        return args[1];
+    return undefined;
+}
+function textResult(text) {
+    return { content: [{ type: "text", text }] };
+}
+const POLICY_MODES = ["INSTRUCTIONS", "CONDITIONS", "GUARDRAIL"];
+function registerPolicyTools(api) {
+    const config = loadConfig(api);
+    const baseUrl = config.baseUrl.replace(/\/$/, "");
+    const apiKey = config.apiToken;
+    if (!baseUrl || !apiKey || typeof api.registerTool !== "function") {
+        return;
+    }
+    api.registerTool({
+        name: "limits_generate_create_policy",
+        description: "Generate a new policy from natural language and create it on the Limits backend. Use when the user wants to add a new policy (e.g. block payment tools, add a guardrail).",
+        parameters: {
+            type: "object",
+            properties: {
+                input: {
+                    type: "string",
+                    description: "Natural-language description of the policy (what to block, allow, or require).",
+                },
+                mode: {
+                    type: "string",
+                    enum: POLICY_MODES,
+                    description: "INSTRUCTIONS | CONDITIONS | GUARDRAIL. Default INSTRUCTIONS. Use GUARDRAIL for rules that scan tool output.",
+                },
+                tools: {
+                    type: "array",
+                    items: { type: "string" },
+                    description: 'Required. Specifies which tool calls this policy applies to. Use ["*"] to apply to all tools / all requests. Use exact tool names (e.g. "read_file") or dot-star prefix patterns (e.g. "stripe_.*") for specific tools. The backend also accepts "stripe_*" and normalizes it to "stripe_.*". Examples: ["*"], ["read_file"], ["stripe_.*", "payment_.*"].',
+                },
+            },
+            required: ["input", "tools"],
+        },
+        async execute(_id, params) {
+            const input = String(params?.input ?? "").trim();
+            if (!input)
+                return textResult("Error: input is required.");
+            const toolsRaw = params?.tools;
+            if (!Array.isArray(toolsRaw) ||
+                toolsRaw.length === 0 ||
+                !toolsRaw.every((t) => typeof t === "string" && t.trim() !== "")) {
+                return textResult('Error: tools is required and must be a non-empty array of strings. Use ["*"] for all tools / all requests, or specific tool names / prefix patterns (e.g. ["stripe_.*"]).');
+            }
+            const tools = toolsRaw;
+            const mode = params?.mode && POLICY_MODES.includes(params.mode) ? params.mode : "INSTRUCTIONS";
+            try {
+                const res = await fetch(`${baseUrl}/api/policies/generatecreate`, {
+                    method: "POST",
+                    headers: {
+                        Authorization: `Bearer ${apiKey}`,
+                        "Content-Type": "application/json",
+                    },
+                    body: JSON.stringify({ input, mode, tools }),
+                });
+                const body = await res.text();
+                if (!res.ok)
+                    return textResult(`Limits API error (${res.status}): ${body || res.statusText}`);
+                return textResult(body || "Policy created.");
+            }
+            catch (err) {
+                return textResult(`Request failed: ${String(err)}`);
+            }
+        }
+    }, { optional: true });
+    api.registerTool({
+        name: "limits_generate_update_policy",
+        description: "Generate updates from natural language and apply them to an existing policy on the Limits backend. Use when the user wants to change an existing policy.",
+        parameters: {
+            type: "object",
+            properties: {
+                policyId: {
+                    type: "string",
+                    description: "The ID (UUID) of the existing policy to update.",
+                },
+                input: {
+                    type: "string",
+                    description: "Natural-language description of the changes or additions.",
+                },
+                mode: {
+                    type: "string",
+                    enum: POLICY_MODES,
+                    description: "INSTRUCTIONS | CONDITIONS | GUARDRAIL.",
+                },
+            },
+            required: ["policyId", "input"],
+        },
+        async execute(_id, params) {
+            const policyId = String(params?.policyId ?? "").trim();
+            const input = String(params?.input ?? "").trim();
+            if (!policyId || !input)
+                return textResult("Error: policyId and input are required.");
+            const mode = params?.mode && POLICY_MODES.includes(params.mode) ? params.mode : "INSTRUCTIONS";
+            try {
+                const res = await fetch(`${baseUrl}/api/policies/${encodeURIComponent(policyId)}/generateupdate`, {
+                    method: "POST",
+                    headers: {
+                        Authorization: `Bearer ${apiKey}`,
+                        "Content-Type": "application/json",
+                    },
+                    body: JSON.stringify({ input, mode }),
+                });
+                const body = await res.text();
+                if (!res.ok)
+                    return textResult(`Limits API error (${res.status}): ${body || res.statusText}`);
+                return textResult(body || "Policy updated.");
+            }
+            catch (err) {
+                return textResult(`Request failed: ${String(err)}`);
+            }
+        }
+    }, { optional: true });
+    log("policy-generator tools registered (limits_generate_create_policy, limits_generate_update_policy)");
+}
+export function register(api) {
+    log("@limits/openclaw loaded");
+    if (typeof api.on !== "function") {
+        log("api.on not available, hooks not registered");
+        return;
+    }
+    api.on("before_tool_call", async (...args) => {
+        if (!firstPreFired) {
+            firstPreFired = true;
+            log("before_tool_call observed");
+        }
+        const config = loadConfig(api);
+        if (!config.baseUrl) {
+            return config.failMode === "block"
+                ? { block: true, reason: "enforcement unavailable" }
+                : null;
+        }
+        const { event, ctx } = getEventAndCtx(args);
+        const apiToken = extractToken(config.tokenSource, event, ctx) ?? config.apiToken;
+        const tool = getToolFromEvent(event);
+        const context = buildContext(event, ctx);
+        const body = {
+            phase: "pre",
+            apiToken,
+            tool: { name: tool.name, args: tool.args, toolCallId: tool.toolCallId },
+            ...(context && Object.keys(context).length > 0 && { context }),
+        };
+        let response;
+        try {
+            response = await callEnforce(config, body);
+        }
+        catch {
+            response = null;
+        }
+        if (!response) {
+            if (config.failMode === "block") {
+                return { block: true, reason: "enforcement unavailable" };
+            }
+            return null;
+        }
+        if (response.action === "ALLOW")
+            return null;
+        if (response.action === "BLOCK") {
+            return {
+                block: true,
+                reason: typeof response.reason === "string"
+                    ? response.reason
+                    : "Blocked by policy",
+            };
+        }
+        if (response.action === "REWRITE" && "rewriteArgs" in response && response.rewriteArgs !== undefined) {
+            return { args: response.rewriteArgs };
+        }
+        return null;
+    });
+    api.on("after_tool_call", async (...args) => {
+        const config = loadConfig(api);
+        if (!config.baseUrl) {
+            if (config.failMode === "block") {
+                return { result: "[BLOCKED by policy — content withheld]" };
+            }
+            return null;
+        }
+        const { event, ctx } = getEventAndCtx(args);
+        const apiToken = extractToken(config.tokenSource, event, ctx) ?? config.apiToken;
+        const tool = getToolFromEvent(event);
+        const result = getResultFromPayload(args);
+        const context = buildContext(event, ctx);
+        const body = {
+            phase: "post",
+            apiToken,
+            tool: {
+                name: tool.name,
+                args: tool.args,
+                toolCallId: tool.toolCallId,
+                result,
+            },
+            ...(context && Object.keys(context).length > 0 && { context }),
+        };
+        let response;
+        try {
+            response = await callEnforce(config, body);
+        }
+        catch {
+            response = null;
+        }
+        if (!response) {
+            if (config.failMode === "block") {
+                return { result: "[BLOCKED by policy — content withheld]" };
+            }
+            return null;
+        }
+        if (response.action === "ALLOW")
+            return null;
+        if (response.action === "BLOCK") {
+            return { result: "[BLOCKED by policy — content withheld]" };
+        }
+        if (response.action === "REDACT" && response.redactedResult !== undefined) {
+            return { result: response.redactedResult };
+        }
+        if (response.action === "REWRITE" && response.rewrittenResult !== undefined) {
+            return { result: response.rewrittenResult };
+        }
+        return null;
+    });
+    registerPolicyTools(api);
+    if (typeof api.registerCli === "function") {
+        api.registerCli((opts) => {
+            const program = opts.program;
+            const root = program.command("limits").description("Limits OpenClaw plugin");
+            root.command("configure").description("Configure API token and base URL (wizard)").action(async () => {
+                await runConfigureWizard();
+            });
+        }, { commands: ["limits"] });
+    }
+}

package/dist/src/logger.js

@@ -0,0 +1,22 @@
+/**
+ * Safe logger for @limits/openclaw. Never logs apiToken, request body, or tool args.
+ */
+const PREFIX = "[@limits/openclaw]";
+export function log(message, ...safeArgs) {
+    const safe = safeArgs.map((a) => typeof a === "string" || typeof a === "number" || typeof a === "boolean"
+        ? a
+        : "[object]");
+    console.log(PREFIX, message, ...safe);
+}
+export function warn(message, ...safeArgs) {
+    const safe = safeArgs.map((a) => typeof a === "string" || typeof a === "number" || typeof a === "boolean"
+        ? a
+        : "[object]");
+    console.warn(PREFIX, message, ...safe);
+}
+export function error(message, ...safeArgs) {
+    const safe = safeArgs.map((a) => typeof a === "string" || typeof a === "number" || typeof a === "boolean"
+        ? a
+        : "[object]");
+    console.error(PREFIX, message, ...safe);
+}

package/dist/src/token.js

@@ -0,0 +1,36 @@
+/**
+ * Extract API token from a dot-separated path (event, ctx, or env).
+ * Never throws; returns undefined if path is missing or invalid.
+ */
+export function extractToken(tokenSource, event, ctx) {
+    if (typeof tokenSource !== "string" || !tokenSource.trim()) {
+        return undefined;
+    }
+    const path = tokenSource.trim().split(".");
+    if (path.length < 2) {
+        return undefined;
+    }
+    const [root, ...rest] = path;
+    let obj;
+    if (root === "event") {
+        obj = event;
+    }
+    else if (root === "ctx") {
+        obj = ctx;
+    }
+    else if (root === "env") {
+        const key = rest.join(".");
+        const val = process.env[key];
+        return typeof val === "string" ? val : undefined;
+    }
+    else {
+        return undefined;
+    }
+    for (const key of rest) {
+        if (obj === null || obj === undefined || typeof obj !== "object") {
+            return undefined;
+        }
+        obj = obj[key];
+    }
+    return typeof obj === "string" ? obj : undefined;
+}