@riddledc/openclaw-riddledc 0.3.3 → 0.4.0

package/CHECKSUMS.txt

@@ -0,0 +1,4 @@
+008b101829a770aab04361a6432304b6fe7edf4173fed1185339d6f53969b418  dist/index.cjs
+94ce04f0e2d84bf64dd68f0500dfdd2f951287a3deccec87f197261961927f6f  dist/index.d.cts
+94ce04f0e2d84bf64dd68f0500dfdd2f951287a3deccec87f197261961927f6f  dist/index.d.ts
+52e59ee4fd2c37fd503c9e52add79ef76e5959fdef1d0c5e191b132eba4027db  dist/index.js

package/README.md

@@ -1,34 +1,92 @@
 # @riddledc/openclaw-riddledc
 
-OpenClaw integration package for RiddleDC. No secrets. No assumption about MCP.
+[![npm version](https://img.shields.io/npm/v/@riddledc/openclaw-riddledc.svg)](https://www.npmjs.com/package/@riddledc/openclaw-riddledc)
+[![Build Status](https://github.com/riddledc/integrations/actions/workflows/release.yml/badge.svg)](https://github.com/riddledc/integrations/actions)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+OpenClaw plugin for [Riddle](https://riddledc.com) - hosted browser automation API. Take screenshots, run Playwright scripts, and automate web interactions from your OpenClaw agent.
 
 ## Install
 
-```
+```bash
+# 1. Install the plugin
 openclaw plugins install @riddledc/openclaw-riddledc
-openclaw plugins enable openclaw-riddledc
+
+# 2. Add to allowlist and enable
+openclaw config set plugins.allow --json '["discord","telegram","memory-core","openclaw-riddledc"]'
+openclaw config set tools.alsoAllow --json '["openclaw-riddledc"]'
+
+# 3. Set your API key
+openclaw config set plugins.entries.openclaw-riddledc.config.apiKey "YOUR_RIDDLE_API_KEY"
+
+# 4. Restart gateway
+openclaw gateway restart
+# Or if using systemd: systemctl restart openclaw-gateway
 ```
 
-## OpenClaw plugin metadata
+Get your API key at [riddledc.com](https://riddledc.com).
 
-This package ships `openclaw.plugin.json` for OpenClaw registration.
+## Tools
 
-The plugin id is `openclaw-riddledc`.
+| Tool | Description |
+|------|-------------|
+| `riddle_screenshot` | Take a screenshot of a single URL |
+| `riddle_screenshots` | Take screenshots of multiple URLs in one job |
+| `riddle_steps` | Run a workflow using steps (goto/click/fill/etc.) |
+| `riddle_script` | Run full Playwright code |
+| `riddle_run` | Low-level pass-through to the Riddle API |
 
-## Configuration
+All tools return screenshots + console logs by default. Pass `include: ["har"]` to also capture network traffic.
 
-The plugin accepts:
-- `apiKey` (or `RIDDLE_API_KEY` env var)
-- `baseUrl` (defaults to `https://api.riddledc.com`)
+## How It Works
 
-## Tools
+Screenshots are automatically saved to `~/.openclaw/workspace/riddle/screenshots/` and the tool returns a file reference instead of inline base64. This keeps agent context small and prevents token overflow.
+
+Example response:
+```json
+{
+  "ok": true,
+  "job_id": "job_abc123",
+  "screenshot": { "saved": "riddle/screenshots/job_abc123.png", "sizeBytes": 45000 },
+  "console": []
+}
+```
+
+## Configuration
 
-- `riddle_run`
-- `riddle_screenshot`
-- `riddle_screenshots`
-- `riddle_steps`
-- `riddle_script`
+| Option | Description |
+|--------|-------------|
+| `apiKey` | Your Riddle API key (or set `RIDDLE_API_KEY` env var) |
+| `baseUrl` | API endpoint (defaults to `https://api.riddledc.com`) |
 
 ## Security
 
-Do not hardcode keys. Provide credentials via env vars or your secret manager.
+- **Capability manifest**: See `openclaw.plugin.json` for declared permissions
+- **Network**: Only communicates with `api.riddledc.com` (hardcoded allowlist)
+- **Context**: No access to conversation history, other tools, or user profile
+- **Filesystem**: Only writes to `~/.openclaw/workspace/riddle/`
+- **Secrets**: Only requires `RIDDLE_API_KEY` (use env var, not config file)
+
+For defense in depth, run your agent with sandboxing:
+
+```yaml
+agents:
+  defaults:
+    sandbox: true
+```
+
+See [SECURITY.md](./SECURITY.md) for full threat model, data flow diagram, and capability details.
+
+## Reproducible Builds
+
+To verify a build matches the published package:
+
+1. Clone the repo at the tagged version
+2. Run: `pnpm install && pnpm build`
+3. Compare checksums: `shasum -a 256 dist/*`
+
+Expected checksums are in `CHECKSUMS.txt`.
+
+## License
+
+MIT

package/SECURITY.md

@@ -0,0 +1,131 @@
+# Security Model
+
+## Plugin vs Skill: What This Is
+
+This is a **plugin** (code), not a **skill** (prompt). Understanding the difference matters for trust:
+
+| Type | What it is | Trust implications |
+|------|------------|-------------------|
+| **Plugin** | Node.js code that runs in-process with OpenClaw | Has full process privileges; can access env vars, filesystem, network |
+| **Skill** | Markdown/prompt instructions that guide the LLM | No direct system access; influences agent via tool invocation |
+
+**This package is a plugin.** It runs as code inside the OpenClaw process. That means:
+
+- It *could* read any env var, file, or make any network call (plugins are trusted code)
+- We *choose* to constrain ourselves via hardcoded allowlists and explicit capability limits
+- You should audit the source or trust the npm provenance
+
+**This plugin does NOT bundle any skills.** It only provides tools. No prompt instructions are injected into your agent's context.
+
+## Data Flow
+
+```
+┌─────────────────┐     HTTPS only      ┌──────────────────┐
+│  OpenClaw Agent │ ──────────────────► │ api.riddledc.com │
+│                 │   POST /v1/run      │                  │
+│  - RIDDLE_API_KEY                     │  - Runs browser  │
+│  - User prompts │ ◄────────────────── │  - Returns data  │
+└─────────────────┘   JSON response     └──────────────────┘
+        │
+        ▼
+┌─────────────────┐
+│ Local Workspace │
+│ ~/.openclaw/    │
+│ workspace/riddle│  Screenshots saved
+│ /screenshots/   │  as files (not inline)
+└─────────────────┘
+```
+
+## What This Plugin CAN Do
+
+- Send requests to api.riddledc.com (hardcoded, cannot be changed)
+- Read your RIDDLE_API_KEY from config or environment
+- Write screenshot/HAR files to your workspace directory
+- Execute Playwright scripts on Riddle's remote browser
+
+## What This Plugin CANNOT Do
+
+- Send your API key to any other domain (blocked by `assertAllowedBaseUrl`)
+- Access your filesystem outside the workspace directory
+- Make network requests to arbitrary URLs from your machine
+- Run code locally (all execution happens on Riddle's servers)
+
+## Agent Context Access
+
+This plugin has **no access** to:
+
+| Context | Access |
+|---------|--------|
+| Conversation history | ❌ None |
+| Other tools' outputs | ❌ None |
+| User profile / preferences | ❌ None |
+| Other plugins' data | ❌ None |
+| System environment (except RIDDLE_API_KEY) | ❌ None |
+
+The plugin only sees data explicitly passed to its tools by the agent. It does not hook into message events, read logs, or access the agent's memory/context.
+
+## Capability Manifest
+
+This plugin declares its capabilities in `openclaw.plugin.json`. Key constraints:
+
+- **Network egress**: Only `api.riddledc.com` (hardcoded, enforced at runtime)
+- **Filesystem**: Write only to `~/.openclaw/workspace/riddle/`
+- **Tools**: Provides 5 tools; invokes no other agent tools
+- **Secrets**: Only `RIDDLE_API_KEY` required
+
+## Security Controls
+
+### 1. Hardcoded Domain Allowlist
+
+```typescript
+function assertAllowedBaseUrl(baseUrl: string) {
+  const url = new URL(baseUrl);
+  if (url.protocol !== "https:")
+    throw new Error(`Riddle baseUrl must be https`);
+  if (url.hostname !== "api.riddledc.com")
+    throw new Error(`Refusing to use non-official Riddle host`);
+}
+```
+
+This runs on EVERY request. Even if config is manipulated, keys never leave riddledc.com.
+
+### 2. No Inline Base64
+
+Screenshots are saved to disk, not returned inline. This prevents:
+
+- Context overflow attacks
+- Memory exhaustion
+- Accidental key leakage in logs
+
+### 3. Minimal Permissions
+
+Only requires one secret: `RIDDLE_API_KEY`. No OAuth, no cookies, no session state.
+
+## Threat Model
+
+| Threat | Mitigation |
+|--------|------------|
+| API key exfiltration to attacker server | Hardcoded domain check blocks all non-riddledc.com requests |
+| Malicious config injection | Domain check runs at request time, not config time |
+| Supply chain attack (npm) | npm provenance + checksums + reproducible builds |
+| Build tampering | CHECKSUMS.txt with SHA256 hashes |
+| Local file access | Plugin only writes to designated workspace subdirectory |
+| Context/conversation leakage | Plugin has no access to agent context (see above) |
+| Prompt injection via tool output | Screenshots saved as file refs, not inline content |
+
+## Recommended: Run in Sandbox
+
+For defense in depth, consider running your agent with sandboxing enabled:
+
+```yaml
+# In your OpenClaw config
+agents:
+  defaults:
+    sandbox: true
+```
+
+This runs tools like `exec` in a Docker container, limiting blast radius if any plugin or skill misbehaves. While this plugin doesn't require sandboxing (it only calls a remote API), sandboxing protects against other plugins or prompt injection attacks.
+
+## Reporting Security Issues
+
+Email: security@riddledc.com

package/dist/index.cjs

@@ -221,10 +221,20 @@ function register(api) {
   api.registerTool(
     {
       name: "riddle_screenshot",
-      description: 'Riddle: take a screenshot of a single URL. Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
+      description: 'Riddle: take a screenshot of a single URL. Supports authenticated screenshots via cookies/localStorage. Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
       parameters: import_typebox.Type.Object({
         url: import_typebox.Type.String(),
         timeout_sec: import_typebox.Type.Optional(import_typebox.Type.Number()),
+        cookies: import_typebox.Type.Optional(import_typebox.Type.Array(import_typebox.Type.Object({
+          name: import_typebox.Type.String(),
+          value: import_typebox.Type.String(),
+          domain: import_typebox.Type.String(),
+          path: import_typebox.Type.Optional(import_typebox.Type.String()),
+          secure: import_typebox.Type.Optional(import_typebox.Type.Boolean()),
+          httpOnly: import_typebox.Type.Optional(import_typebox.Type.Boolean())
+        }), { description: "Cookies to inject for authenticated sessions" })),
+        localStorage: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.String(), { description: "localStorage key-value pairs to inject (e.g., JWT tokens)" })),
+        headers: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.String(), { description: "HTTP headers to send with requests" })),
         options: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.Any())),
         include: import_typebox.Type.Optional(import_typebox.Type.Array(import_typebox.Type.String())),
         harInline: import_typebox.Type.Optional(import_typebox.Type.Boolean())
@@ -233,7 +243,11 @@ function register(api) {
         if (!params.url || typeof params.url !== "string") throw new Error("url must be a string");
         const payload = { url: params.url };
         if (params.timeout_sec) payload.timeout_sec = params.timeout_sec;
-        if (params.options) payload.options = params.options;
+        const opts = { ...params.options || {} };
+        if (params.cookies) opts.cookies = params.cookies;
+        if (params.localStorage) opts.localStorage = params.localStorage;
+        if (params.headers) opts.headers = params.headers;
+        if (Object.keys(opts).length > 0) payload.options = opts;
         if (params.include) payload.include = params.include;
         if (params.harInline) payload.harInline = params.harInline;
         const result = await runWithDefaults(api, payload, { include: ["screenshot", "console"] });
@@ -245,10 +259,20 @@ function register(api) {
   api.registerTool(
     {
       name: "riddle_screenshots",
-      description: 'Riddle: take screenshots for multiple URLs in one job. Returns screenshots + console by default; pass include:["har"] to opt in to HAR capture.',
+      description: 'Riddle: take screenshots for multiple URLs in one job. Supports authenticated sessions via cookies/localStorage (shared across all URLs). Returns screenshots + console by default; pass include:["har"] to opt in to HAR capture.',
       parameters: import_typebox.Type.Object({
         urls: import_typebox.Type.Array(import_typebox.Type.String()),
         timeout_sec: import_typebox.Type.Optional(import_typebox.Type.Number()),
+        cookies: import_typebox.Type.Optional(import_typebox.Type.Array(import_typebox.Type.Object({
+          name: import_typebox.Type.String(),
+          value: import_typebox.Type.String(),
+          domain: import_typebox.Type.String(),
+          path: import_typebox.Type.Optional(import_typebox.Type.String()),
+          secure: import_typebox.Type.Optional(import_typebox.Type.Boolean()),
+          httpOnly: import_typebox.Type.Optional(import_typebox.Type.Boolean())
+        }), { description: "Cookies to inject for authenticated sessions" })),
+        localStorage: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.String(), { description: "localStorage key-value pairs to inject (e.g., JWT tokens)" })),
+        headers: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.String(), { description: "HTTP headers to send with requests" })),
         options: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.Any())),
         include: import_typebox.Type.Optional(import_typebox.Type.Array(import_typebox.Type.String())),
         harInline: import_typebox.Type.Optional(import_typebox.Type.Boolean())
@@ -259,7 +283,11 @@ function register(api) {
         }
         const payload = { urls: params.urls };
         if (params.timeout_sec) payload.timeout_sec = params.timeout_sec;
-        if (params.options) payload.options = params.options;
+        const opts = { ...params.options || {} };
+        if (params.cookies) opts.cookies = params.cookies;
+        if (params.localStorage) opts.localStorage = params.localStorage;
+        if (params.headers) opts.headers = params.headers;
+        if (Object.keys(opts).length > 0) payload.options = opts;
         if (params.include) payload.include = params.include;
         if (params.harInline) payload.harInline = params.harInline;
         const result = await runWithDefaults(api, payload, { include: ["screenshot", "console"] });
@@ -271,10 +299,20 @@ function register(api) {
   api.registerTool(
     {
       name: "riddle_steps",
-      description: 'Riddle: run a workflow in steps mode (goto/click/fill/etc.). Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
+      description: 'Riddle: run a workflow in steps mode (goto/click/fill/etc.). Supports authenticated sessions via cookies/localStorage. Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
       parameters: import_typebox.Type.Object({
         steps: import_typebox.Type.Array(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.Any())),
         timeout_sec: import_typebox.Type.Optional(import_typebox.Type.Number()),
+        cookies: import_typebox.Type.Optional(import_typebox.Type.Array(import_typebox.Type.Object({
+          name: import_typebox.Type.String(),
+          value: import_typebox.Type.String(),
+          domain: import_typebox.Type.String(),
+          path: import_typebox.Type.Optional(import_typebox.Type.String()),
+          secure: import_typebox.Type.Optional(import_typebox.Type.Boolean()),
+          httpOnly: import_typebox.Type.Optional(import_typebox.Type.Boolean())
+        }), { description: "Cookies to inject for authenticated sessions" })),
+        localStorage: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.String(), { description: "localStorage key-value pairs to inject (e.g., JWT tokens)" })),
+        headers: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.String(), { description: "HTTP headers to send with requests" })),
         options: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.Any())),
         include: import_typebox.Type.Optional(import_typebox.Type.Array(import_typebox.Type.String())),
         harInline: import_typebox.Type.Optional(import_typebox.Type.Boolean()),
@@ -285,7 +323,11 @@ function register(api) {
         const payload = { steps: params.steps };
         if (typeof params.sync === "boolean") payload.sync = params.sync;
         if (params.timeout_sec) payload.timeout_sec = params.timeout_sec;
-        if (params.options) payload.options = params.options;
+        const opts = { ...params.options || {} };
+        if (params.cookies) opts.cookies = params.cookies;
+        if (params.localStorage) opts.localStorage = params.localStorage;
+        if (params.headers) opts.headers = params.headers;
+        if (Object.keys(opts).length > 0) payload.options = opts;
         if (params.include) payload.include = params.include;
         if (params.harInline) payload.harInline = params.harInline;
         const result = await runWithDefaults(api, payload, { include: ["screenshot", "console", "result"] });
@@ -297,10 +339,20 @@ function register(api) {
   api.registerTool(
     {
       name: "riddle_script",
-      description: 'Riddle: run full Playwright code (script mode). Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
+      description: 'Riddle: run full Playwright code (script mode). Supports authenticated sessions via cookies/localStorage. In scripts, use `await injectLocalStorage()` after navigating to the origin to apply localStorage values. Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
       parameters: import_typebox.Type.Object({
         script: import_typebox.Type.String(),
         timeout_sec: import_typebox.Type.Optional(import_typebox.Type.Number()),
+        cookies: import_typebox.Type.Optional(import_typebox.Type.Array(import_typebox.Type.Object({
+          name: import_typebox.Type.String(),
+          value: import_typebox.Type.String(),
+          domain: import_typebox.Type.String(),
+          path: import_typebox.Type.Optional(import_typebox.Type.String()),
+          secure: import_typebox.Type.Optional(import_typebox.Type.Boolean()),
+          httpOnly: import_typebox.Type.Optional(import_typebox.Type.Boolean())
+        }), { description: "Cookies to inject for authenticated sessions" })),
+        localStorage: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.String(), { description: "localStorage key-value pairs; use injectLocalStorage() in script after goto to apply" })),
+        headers: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.String(), { description: "HTTP headers to send with requests" })),
         options: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), import_typebox.Type.Any())),
         include: import_typebox.Type.Optional(import_typebox.Type.Array(import_typebox.Type.String())),
         harInline: import_typebox.Type.Optional(import_typebox.Type.Boolean()),
@@ -311,7 +363,11 @@ function register(api) {
         const payload = { script: params.script };
         if (typeof params.sync === "boolean") payload.sync = params.sync;
         if (params.timeout_sec) payload.timeout_sec = params.timeout_sec;
-        if (params.options) payload.options = params.options;
+        const opts = { ...params.options || {} };
+        if (params.cookies) opts.cookies = params.cookies;
+        if (params.localStorage) opts.localStorage = params.localStorage;
+        if (params.headers) opts.headers = params.headers;
+        if (Object.keys(opts).length > 0) payload.options = opts;
         if (params.include) payload.include = params.include;
         if (params.harInline) payload.harInline = params.harInline;
         const result = await runWithDefaults(api, payload, { include: ["screenshot", "console", "result"] });

package/dist/index.js

@@ -197,10 +197,20 @@ function register(api) {
   api.registerTool(
     {
       name: "riddle_screenshot",
-      description: 'Riddle: take a screenshot of a single URL. Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
+      description: 'Riddle: take a screenshot of a single URL. Supports authenticated screenshots via cookies/localStorage. Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
       parameters: Type.Object({
         url: Type.String(),
         timeout_sec: Type.Optional(Type.Number()),
+        cookies: Type.Optional(Type.Array(Type.Object({
+          name: Type.String(),
+          value: Type.String(),
+          domain: Type.String(),
+          path: Type.Optional(Type.String()),
+          secure: Type.Optional(Type.Boolean()),
+          httpOnly: Type.Optional(Type.Boolean())
+        }), { description: "Cookies to inject for authenticated sessions" })),
+        localStorage: Type.Optional(Type.Record(Type.String(), Type.String(), { description: "localStorage key-value pairs to inject (e.g., JWT tokens)" })),
+        headers: Type.Optional(Type.Record(Type.String(), Type.String(), { description: "HTTP headers to send with requests" })),
         options: Type.Optional(Type.Record(Type.String(), Type.Any())),
         include: Type.Optional(Type.Array(Type.String())),
         harInline: Type.Optional(Type.Boolean())
@@ -209,7 +219,11 @@ function register(api) {
         if (!params.url || typeof params.url !== "string") throw new Error("url must be a string");
         const payload = { url: params.url };
         if (params.timeout_sec) payload.timeout_sec = params.timeout_sec;
-        if (params.options) payload.options = params.options;
+        const opts = { ...params.options || {} };
+        if (params.cookies) opts.cookies = params.cookies;
+        if (params.localStorage) opts.localStorage = params.localStorage;
+        if (params.headers) opts.headers = params.headers;
+        if (Object.keys(opts).length > 0) payload.options = opts;
         if (params.include) payload.include = params.include;
         if (params.harInline) payload.harInline = params.harInline;
         const result = await runWithDefaults(api, payload, { include: ["screenshot", "console"] });
@@ -221,10 +235,20 @@ function register(api) {
   api.registerTool(
     {
       name: "riddle_screenshots",
-      description: 'Riddle: take screenshots for multiple URLs in one job. Returns screenshots + console by default; pass include:["har"] to opt in to HAR capture.',
+      description: 'Riddle: take screenshots for multiple URLs in one job. Supports authenticated sessions via cookies/localStorage (shared across all URLs). Returns screenshots + console by default; pass include:["har"] to opt in to HAR capture.',
       parameters: Type.Object({
         urls: Type.Array(Type.String()),
         timeout_sec: Type.Optional(Type.Number()),
+        cookies: Type.Optional(Type.Array(Type.Object({
+          name: Type.String(),
+          value: Type.String(),
+          domain: Type.String(),
+          path: Type.Optional(Type.String()),
+          secure: Type.Optional(Type.Boolean()),
+          httpOnly: Type.Optional(Type.Boolean())
+        }), { description: "Cookies to inject for authenticated sessions" })),
+        localStorage: Type.Optional(Type.Record(Type.String(), Type.String(), { description: "localStorage key-value pairs to inject (e.g., JWT tokens)" })),
+        headers: Type.Optional(Type.Record(Type.String(), Type.String(), { description: "HTTP headers to send with requests" })),
         options: Type.Optional(Type.Record(Type.String(), Type.Any())),
         include: Type.Optional(Type.Array(Type.String())),
         harInline: Type.Optional(Type.Boolean())
@@ -235,7 +259,11 @@ function register(api) {
         }
         const payload = { urls: params.urls };
         if (params.timeout_sec) payload.timeout_sec = params.timeout_sec;
-        if (params.options) payload.options = params.options;
+        const opts = { ...params.options || {} };
+        if (params.cookies) opts.cookies = params.cookies;
+        if (params.localStorage) opts.localStorage = params.localStorage;
+        if (params.headers) opts.headers = params.headers;
+        if (Object.keys(opts).length > 0) payload.options = opts;
         if (params.include) payload.include = params.include;
         if (params.harInline) payload.harInline = params.harInline;
         const result = await runWithDefaults(api, payload, { include: ["screenshot", "console"] });
@@ -247,10 +275,20 @@ function register(api) {
   api.registerTool(
     {
       name: "riddle_steps",
-      description: 'Riddle: run a workflow in steps mode (goto/click/fill/etc.). Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
+      description: 'Riddle: run a workflow in steps mode (goto/click/fill/etc.). Supports authenticated sessions via cookies/localStorage. Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
       parameters: Type.Object({
         steps: Type.Array(Type.Record(Type.String(), Type.Any())),
         timeout_sec: Type.Optional(Type.Number()),
+        cookies: Type.Optional(Type.Array(Type.Object({
+          name: Type.String(),
+          value: Type.String(),
+          domain: Type.String(),
+          path: Type.Optional(Type.String()),
+          secure: Type.Optional(Type.Boolean()),
+          httpOnly: Type.Optional(Type.Boolean())
+        }), { description: "Cookies to inject for authenticated sessions" })),
+        localStorage: Type.Optional(Type.Record(Type.String(), Type.String(), { description: "localStorage key-value pairs to inject (e.g., JWT tokens)" })),
+        headers: Type.Optional(Type.Record(Type.String(), Type.String(), { description: "HTTP headers to send with requests" })),
         options: Type.Optional(Type.Record(Type.String(), Type.Any())),
         include: Type.Optional(Type.Array(Type.String())),
         harInline: Type.Optional(Type.Boolean()),
@@ -261,7 +299,11 @@ function register(api) {
         const payload = { steps: params.steps };
         if (typeof params.sync === "boolean") payload.sync = params.sync;
         if (params.timeout_sec) payload.timeout_sec = params.timeout_sec;
-        if (params.options) payload.options = params.options;
+        const opts = { ...params.options || {} };
+        if (params.cookies) opts.cookies = params.cookies;
+        if (params.localStorage) opts.localStorage = params.localStorage;
+        if (params.headers) opts.headers = params.headers;
+        if (Object.keys(opts).length > 0) payload.options = opts;
         if (params.include) payload.include = params.include;
         if (params.harInline) payload.harInline = params.harInline;
         const result = await runWithDefaults(api, payload, { include: ["screenshot", "console", "result"] });
@@ -273,10 +315,20 @@ function register(api) {
   api.registerTool(
     {
       name: "riddle_script",
-      description: 'Riddle: run full Playwright code (script mode). Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
+      description: 'Riddle: run full Playwright code (script mode). Supports authenticated sessions via cookies/localStorage. In scripts, use `await injectLocalStorage()` after navigating to the origin to apply localStorage values. Returns screenshot + console by default; pass include:["har"] to opt in to HAR capture.',
       parameters: Type.Object({
         script: Type.String(),
         timeout_sec: Type.Optional(Type.Number()),
+        cookies: Type.Optional(Type.Array(Type.Object({
+          name: Type.String(),
+          value: Type.String(),
+          domain: Type.String(),
+          path: Type.Optional(Type.String()),
+          secure: Type.Optional(Type.Boolean()),
+          httpOnly: Type.Optional(Type.Boolean())
+        }), { description: "Cookies to inject for authenticated sessions" })),
+        localStorage: Type.Optional(Type.Record(Type.String(), Type.String(), { description: "localStorage key-value pairs; use injectLocalStorage() in script after goto to apply" })),
+        headers: Type.Optional(Type.Record(Type.String(), Type.String(), { description: "HTTP headers to send with requests" })),
         options: Type.Optional(Type.Record(Type.String(), Type.Any())),
         include: Type.Optional(Type.Array(Type.String())),
         harInline: Type.Optional(Type.Boolean()),
@@ -287,7 +339,11 @@ function register(api) {
         const payload = { script: params.script };
         if (typeof params.sync === "boolean") payload.sync = params.sync;
         if (params.timeout_sec) payload.timeout_sec = params.timeout_sec;
-        if (params.options) payload.options = params.options;
+        const opts = { ...params.options || {} };
+        if (params.cookies) opts.cookies = params.cookies;
+        if (params.localStorage) opts.localStorage = params.localStorage;
+        if (params.headers) opts.headers = params.headers;
+        if (Object.keys(opts).length > 0) payload.options = opts;
         if (params.include) payload.include = params.include;
         if (params.harInline) payload.harInline = params.harInline;
         const result = await runWithDefaults(api, payload, { include: ["screenshot", "console", "result"] });

package/openclaw.plugin.json

@@ -2,8 +2,49 @@
   "id": "openclaw-riddledc",
   "name": "Riddle",
   "description": "Riddle (riddledc.com) hosted browser API tools for OpenClaw agents.",
-  "version": "0.3.3",
-  "notes": "0.3.1: Screenshots now saved to workspace files instead of inline base64 to prevent context bloat.",
+  "version": "0.4.0",
+  "notes": "0.3.4: Added capability manifest, npm provenance, checksums, SECURITY.md.",
+  "type": "plugin",
+  "bundledSkills": [],
+  "capabilities": {
+    "network": {
+      "egress": [
+        "api.riddledc.com"
+      ],
+      "enforced": true,
+      "note": "Hardcoded allowlist in assertAllowedBaseUrl() - cannot be overridden by config"
+    },
+    "filesystem": {
+      "write": [
+        "~/.openclaw/workspace/riddle/"
+      ],
+      "read": []
+    },
+    "agentContext": {
+      "conversationHistory": false,
+      "otherToolOutputs": false,
+      "userProfile": false,
+      "note": "Plugin only sees data explicitly passed to its tools"
+    },
+    "tools": {
+      "provides": [
+        "riddle_screenshot",
+        "riddle_screenshots",
+        "riddle_steps",
+        "riddle_script",
+        "riddle_run"
+      ],
+      "invokes": [],
+      "note": "Provides tools for agent use; does not invoke other agent tools"
+    },
+    "secrets": {
+      "required": [
+        "RIDDLE_API_KEY"
+      ],
+      "optional": [],
+      "note": "Key only sent to api.riddledc.com (enforced)"
+    }
+  },
   "configSchema": {
     "type": "object",
     "additionalProperties": false,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@riddledc/openclaw-riddledc",
-  "version": "0.3.3",
+  "version": "0.4.0",
   "description": "OpenClaw integration package for RiddleDC (no secrets).",
   "license": "MIT",
   "author": "RiddleDC",
@@ -22,7 +22,10 @@
   },
   "files": [
     "dist",
-    "openclaw.plugin.json"
+    "openclaw.plugin.json",
+    "CHECKSUMS.txt",
+    "SECURITY.md",
+    "LICENSE"
   ],
   "sideEffects": false,
   "engines": {
@@ -42,10 +45,11 @@
     "typescript": "^5.4.5"
   },
   "scripts": {
-    "build": "tsup src/index.ts --format cjs,esm --dts --out-dir dist",
+    "build": "npm run sync:openclaw-plugin-version && tsup src/index.ts --format cjs,esm --dts --out-dir dist",
     "clean": "rm -rf dist",
     "lint": "echo 'lint: (not configured)'",
     "test": "echo 'test: (not configured)'",
-    "sync:openclaw-plugin-version": "node scripts/sync-openclaw-plugin-version.mjs"
+    "sync:openclaw-plugin-version": "node scripts/sync-openclaw-plugin-version.mjs",
+    "checksums": "node scripts/generate-checksums.mjs"
   }
 }