@swarmclawai/swarmclaw 0.4.5 → 0.5.0

package/README.md

@@ -25,7 +25,10 @@ Inspired by [OpenClaw](https://github.com/openclaw).
 
 - **15 Built-in Providers** — Claude Code CLI, OpenAI Codex CLI, OpenCode CLI, Anthropic, OpenAI, Google Gemini, DeepSeek, Groq, Together AI, Mistral AI, xAI (Grok), Fireworks AI, Ollama, plus custom OpenAI-compatible endpoints
 - **OpenClaw Gateway** — Per-agent toggle to connect any agent to a local or remote OpenClaw gateway. Each agent gets its own gateway URL and token — run a swarm of OpenClaws from one dashboard. The `openclaw` CLI ships as a bundled dependency (no separate install needed)
+- **OpenClaw Control Plane** — Built-in gateway connection controls, reload mode switching (hot/hybrid/full), config issue detection/repair, remote history sync, and live execution approval handling
 - **Agent Builder** — Create agents with custom personalities (soul), system prompts, tools, and skills. AI-powered generation from a description
+- **Agent Inspector Panel** — Per-agent side panel for OpenClaw file editing (`SOUL.md`, `IDENTITY.md`, `USER.md`, etc.), guided personality editing, skill install/enable/remove, permission presets, sandbox env allowlist, and cron automations
+- **Agent Fleet Management** — Avatar seeds with generated avatars, running/approval fleet filters, soft-delete agent trash with restore/permanent delete, and approval counters in agent cards
 - **Agent Tools** — Shell, process control for long-running commands, files, edit file, send file, web search, web fetch, CLI delegation (Claude/Codex/OpenCode), Playwright browser automation, persistent memory, and sandboxed code execution (JS/TS via Deno, Python)
 - **Platform Tools** — Agents can manage other agents, tasks, schedules, skills, connectors, sessions, and encrypted secrets via built-in platform tools
 - **Orchestration** — Multi-agent workflows powered by LangGraph with automatic sub-agent routing, checkpointed execution, and rich delegation cards that link to sub-agent chat threads
@@ -35,6 +38,9 @@ Inspired by [OpenClaw](https://github.com/openclaw).
 - **Scheduling** — Cron-based agent scheduling with human-friendly presets
 - **Loop Runtime Controls** — Switch between bounded and ongoing loops with configurable step caps, runtime guards, heartbeat cadence, and timeout budgets
 - **Session Run Queue** — Per-session queued runs with followup/steer/collect modes, collect coalescing for bursty inputs, and run-state APIs
+- **Chat Iteration Workflow** — Edit-and-resend user turns, fork a new session from any message, bookmark key messages, use contextual follow-up suggestion chips, and auto-continue after tool access grants
+- **Live Chat Telemetry** — Thinking/tool/responding stream phases, live main-loop status badges, connector activity presence, tone indicator, and optional sound notifications
+- **Preview-Rich Chat UI** — Side preview panel for tool outputs (image/browser/html/code), inline code/PDF previews for attachments, and image lightbox support
 - **Voice Settings** — Per-instance ElevenLabs API key + voice ID for TTS replies, plus configurable speech recognition language for chat input
 - **Chat Connectors** — Bridge agents to Discord, Slack, Telegram, WhatsApp, BlueBubbles (iMessage), Signal, Microsoft Teams, Google Chat, Matrix, and OpenClaw with media-aware inbound handling
 - **Skills System** — Discover local skills, import skills from URL, and load OpenClaw `SKILL.md` files (frontmatter-compatible)
@@ -53,7 +59,7 @@ Inspired by [OpenClaw](https://github.com/openclaw).
 
 ## Requirements
 
-- **Node.js** 20+
+- **Node.js** 22.6+
 - **npm** 10+
 - **Claude Code CLI** (optional, for `claude-cli` provider) — [Install](https://docs.anthropic.com/en/docs/claude-code/overview)
 - **OpenAI Codex CLI** (optional, for `codex-cli` provider) — [Install](https://github.com/openai/codex)
@@ -75,7 +81,7 @@ curl -fsSL https://raw.githubusercontent.com/swarmclawai/swarmclaw/main/install.
 ```
 
 The installer resolves the latest stable release tag and installs that version by default.
-To pin a version: `SWARMCLAW_VERSION=v0.1.0 curl ... | bash`
+To pin a version: `SWARMCLAW_VERSION=v0.5.0 curl ... | bash`
 
 Or run locally from the repo (friendly for non-technical users):
 

package/bin/server-cmd.js

@@ -17,14 +17,15 @@ const PID_FILE = path.join(SWARMCLAW_HOME, 'server.pid')
 const LOG_FILE = path.join(SWARMCLAW_HOME, 'server.log')
 const DATA_DIR = path.join(SWARMCLAW_HOME, 'data')
 
-// Files/directories to symlink from the npm package into SWARMCLAW_HOME
-const SYMLINKS = [
+// Files/directories to copy from the npm package into SWARMCLAW_HOME
+const BUILD_COPY_ENTRIES = [
   'src',
   'public',
   'next.config.ts',
   'tsconfig.json',
   'postcss.config.mjs',
   'package.json',
+  'package-lock.json',
 ]
 
 // ---------------------------------------------------------------------------
@@ -61,16 +62,13 @@ function isProcessRunning(pid) {
   }
 }
 
-function symlink(src, dest) {
-  // Remove existing symlink/file if present
-  try {
-    const stat = fs.lstatSync(dest)
-    if (stat.isSymbolicLink() || stat.isFile()) {
-      fs.unlinkSync(dest)
-    }
-  } catch {
-    // doesn't exist
-  }
+function copyPath(src, dest, { dereference = true } = {}) {
+  fs.rmSync(dest, { recursive: true, force: true })
+  fs.cpSync(src, dest, { recursive: true, dereference })
+}
+
+function symlinkPath(src, dest) {
+  fs.rmSync(dest, { recursive: true, force: true })
   fs.symlinkSync(src, dest)
 }
 
@@ -89,8 +87,9 @@ function runBuild() {
   ensureDir(SWARMCLAW_HOME)
   ensureDir(DATA_DIR)
 
-  // Create symlinks from PKG_ROOT into SWARMCLAW_HOME
-  for (const entry of SYMLINKS) {
+  // Copy source/config into SWARMCLAW_HOME. Turbopack build currently rejects
+  // app source symlinks that point outside the workspace root.
+  for (const entry of BUILD_COPY_ENTRIES) {
     const src = path.join(PKG_ROOT, entry)
     const dest = path.join(SWARMCLAW_HOME, entry)
 
@@ -99,23 +98,33 @@ function runBuild() {
       continue
     }
 
-    symlink(src, dest)
+    copyPath(src, dest)
   }
 
-  // Symlink node_modules
+  // Reuse package dependencies via symlink to avoid multi-GB duplication in
+  // SWARMCLAW_HOME. Build runs with webpack mode for symlink compatibility.
   const nmSrc = path.join(PKG_ROOT, 'node_modules')
   const nmDest = path.join(SWARMCLAW_HOME, 'node_modules')
   if (fs.existsSync(nmSrc)) {
-    symlink(nmSrc, nmDest)
+    symlinkPath(nmSrc, nmDest)
   } else {
     // If node_modules doesn't exist at PKG_ROOT, install
     log('Installing dependencies...')
-    execSync('npm install --omit=dev', { cwd: SWARMCLAW_HOME, stdio: 'inherit' })
+    execSync('npm install', { cwd: SWARMCLAW_HOME, stdio: 'inherit' })
   }
 
   // Run Next.js build
   log('Building Next.js application (this may take a minute)...')
-  execSync('npx next build', { cwd: SWARMCLAW_HOME, stdio: 'inherit' })
+  // Use webpack for production build reliability in packaged/fresh-install
+  // environments (Turbopack has intermittently failed during prerender).
+  execSync('npx next build --webpack', {
+    cwd: SWARMCLAW_HOME,
+    stdio: 'inherit',
+    env: {
+      ...process.env,
+      SWARMCLAW_BUILD_MODE: '1',
+    },
+  })
 
   // Write built marker
   fs.writeFileSync(BUILT_MARKER, JSON.stringify({ builtAt: new Date().toISOString(), version: getVersion() }))

package/next.config.ts

@@ -11,6 +11,11 @@ function getGitSha(): string {
 
 const nextConfig: NextConfig = {
   output: 'standalone',
+  experimental: {
+    // Disable Turbopack persistent cache — concurrent HMR writes cause
+    // "Another write batch or compaction is already active" errors
+    turbopackFileSystemCacheForDev: false,
+  },
   env: {
     NEXT_PUBLIC_GIT_SHA: getGitSha(),
     NEXT_PUBLIC_WS_PORT: String((Number(process.env.PORT) || 3456) + 1),

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@swarmclawai/swarmclaw",
-  "version": "0.4.5",
+  "version": "0.5.0",
   "description": "Self-hosted AI agent orchestration dashboard — manage LLM providers, orchestrate agent swarms, schedule tasks, and bridge agents to chat platforms.",
   "license": "MIT",
   "repository": {
@@ -58,6 +58,7 @@
     "@langchain/core": "^1.1.26",
     "@langchain/langgraph": "^1.1.5",
     "@langchain/openai": "^1.2.8",
+    "@multiavatar/multiavatar": "^1.0.7",
     "@playwright/mcp": "^0.0.68",
     "@slack/bolt": "^4.6.0",
     "@whiskeysockets/baileys": "^7.0.0-rc.9",

package/src/app/api/agents/[id]/route.ts

@@ -1,10 +1,10 @@
 import { NextResponse } from 'next/server'
-import { loadAgents, saveAgents, deleteAgent } from '@/lib/server/storage'
+import { loadAgents, saveAgents, loadSessions, saveSessions } from '@/lib/server/storage'
 import { normalizeProviderEndpoint } from '@/lib/openclaw-endpoint'
-import { mutateItem, deleteItem, notFound, type CollectionOps } from '@/lib/server/collection-helpers'
+import { mutateItem, notFound, type CollectionOps } from '@/lib/server/collection-helpers'
 
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
-const ops: CollectionOps<any> = { load: loadAgents, save: saveAgents, deleteFn: deleteAgent, topic: 'agents' }
+const ops: CollectionOps<any> = { load: () => loadAgents({ includeTrashed: true }), save: saveAgents, topic: 'agents' }
 
 export async function PUT(req: Request, { params }: { params: Promise<{ id: string }> }) {
   const { id } = await params
@@ -27,6 +27,24 @@ export async function PUT(req: Request, { params }: { params: Promise<{ id: stri
 
 export async function DELETE(_req: Request, { params }: { params: Promise<{ id: string }> }) {
   const { id } = await params
-  if (!deleteItem(ops, id)) return notFound()
-  return NextResponse.json({ ok: true })
+  // Soft delete — set trashedAt instead of removing the record
+  const result = mutateItem(ops, id, (agent) => {
+    agent.trashedAt = Date.now()
+    return agent
+  })
+  if (!result) return notFound()
+
+  // Detach sessions from the trashed agent
+  const sessions = loadSessions()
+  let detachedSessions = 0
+  for (const session of Object.values(sessions) as Array<Record<string, unknown>>) {
+    if (!session || session.agentId !== id) continue
+    session.agentId = null
+    detachedSessions += 1
+  }
+  if (detachedSessions > 0) {
+    saveSessions(sessions)
+  }
+
+  return NextResponse.json({ ok: true, detachedSessions })
 }

package/src/app/api/agents/trash/route.ts

@@ -0,0 +1,44 @@
+import { NextResponse } from 'next/server'
+import { loadTrashedAgents, loadAgents, saveAgents, deleteAgent } from '@/lib/server/storage'
+import { notify } from '@/lib/server/ws-hub'
+import { badRequest, notFound } from '@/lib/server/collection-helpers'
+
+/** GET — list trashed agents */
+export async function GET() {
+  return NextResponse.json(loadTrashedAgents())
+}
+
+/** POST { id } — restore a trashed agent */
+export async function POST(req: Request) {
+  const body = await req.json()
+  const id = body?.id as string | undefined
+  if (!id) return badRequest('Missing agent id')
+
+  const all = loadAgents({ includeTrashed: true })
+  const agent = all[id]
+  if (!agent) return notFound()
+  if (!agent.trashedAt) return badRequest('Agent is not trashed')
+
+  delete agent.trashedAt
+  agent.updatedAt = Date.now()
+  all[id] = agent
+  saveAgents(all)
+  notify('agents')
+  return NextResponse.json(agent)
+}
+
+/** DELETE { id } — permanently delete a trashed agent */
+export async function DELETE(req: Request) {
+  const body = await req.json()
+  const id = body?.id as string | undefined
+  if (!id) return badRequest('Missing agent id')
+
+  const all = loadAgents({ includeTrashed: true })
+  const agent = all[id]
+  if (!agent) return notFound()
+  if (!agent.trashedAt) return badRequest('Agent must be trashed before permanent deletion')
+
+  deleteAgent(id)
+  notify('agents')
+  return NextResponse.json({ ok: true })
+}

package/src/app/api/connectors/[id]/route.ts

@@ -9,14 +9,17 @@ export async function GET(_req: Request, { params }: { params: Promise<{ id: str
   const connector = connectors[id]
   if (!connector) return notFound()
 
-  // Merge runtime status and QR code
+  // Merge runtime status, QR code, and presence
   try {
-    const { getConnectorStatus, getConnectorQR, isConnectorAuthenticated, hasConnectorCredentials } = await import('@/lib/server/connectors/manager')
+    const { getConnectorStatus, getConnectorQR, isConnectorAuthenticated, hasConnectorCredentials, getConnectorPresence } = await import('@/lib/server/connectors/manager')
     connector.status = getConnectorStatus(id)
     const qr = getConnectorQR(id)
     if (qr) connector.qrDataUrl = qr
     connector.authenticated = isConnectorAuthenticated(id)
     connector.hasCredentials = hasConnectorCredentials(id)
+    if (connector.status === 'running') {
+      connector.presence = getConnectorPresence(id)
+    }
   } catch { /* ignore */ }
 
   return NextResponse.json(connector)
@@ -41,10 +44,10 @@ export async function PUT(req: Request, { params }: { params: Promise<{ id: stri
       } else {
         await manager.repairConnector(id)
       }
-    } catch (err: any) {
+    } catch (err: unknown) {
       // Re-read to get the error state saved by startConnector
       const fresh = loadConnectors()
-      return NextResponse.json(fresh[id] || { error: err.message }, { status: 500 })
+      return NextResponse.json(fresh[id] || { error: err instanceof Error ? err.message : String(err) }, { status: 500 })
     }
     // Re-read the connector after manager modified it
     const fresh = loadConnectors()

package/src/app/api/connectors/[id]/webhook/route.ts

@@ -58,6 +58,7 @@ export async function POST(req: Request, { params }: { params: Promise<{ id: str
   try {
     if (connector.platform === 'teams') {
       const handlerKey = `__swarmclaw_teams_handler_${connector.id}__`
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any -- dynamic globalThis handler registered at runtime by connector
       const handler = (globalThis as any)[handlerKey]
       if (typeof handler !== 'function') {
         return NextResponse.json({ error: 'Teams connector is not running or not ready' }, { status: 409 })
@@ -68,6 +69,7 @@ export async function POST(req: Request, { params }: { params: Promise<{ id: str
 
     if (connector.platform === 'googlechat') {
       const handlerKey = `__swarmclaw_googlechat_handler_${connector.id}__`
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any -- dynamic globalThis handler registered at runtime by connector
       const handler = (globalThis as any)[handlerKey]
       if (typeof handler !== 'function') {
         return NextResponse.json({ error: 'Google Chat connector is not running or not ready' }, { status: 409 })
@@ -81,6 +83,7 @@ export async function POST(req: Request, { params }: { params: Promise<{ id: str
 
     if (connector.platform === 'bluebubbles') {
       const handlerKey = `__swarmclaw_bluebubbles_handler_${connector.id}__`
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any -- dynamic globalThis handler registered at runtime by connector
       const handler = (globalThis as any)[handlerKey]
       if (typeof handler !== 'function') {
         return NextResponse.json({ error: 'BlueBubbles connector is not running or not ready' }, { status: 409 })
@@ -93,7 +96,8 @@ export async function POST(req: Request, { params }: { params: Promise<{ id: str
     }
 
     return NextResponse.json({ error: `Platform "${connector.platform}" does not support connector webhook ingress.` }, { status: 400 })
-  } catch (err: any) {
-    return NextResponse.json({ error: err?.message || 'Webhook processing failed' }, { status: 500 })
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : 'Webhook processing failed'
+    return NextResponse.json({ error: message }, { status: 500 })
   }
 }

package/src/app/api/openclaw/agent-files/route.ts

@@ -0,0 +1,57 @@
+import { NextResponse } from 'next/server'
+import { ensureGatewayConnected } from '@/lib/server/openclaw-gateway'
+
+const AGENT_FILES = ['SOUL.md', 'IDENTITY.md', 'USER.md', 'TOOLS.md', 'HEARTBEAT.md', 'MEMORY.md', 'AGENTS.md'] as const
+
+/** GET ?agentId=X — fetch all agent files from gateway */
+export async function GET(req: Request) {
+  const { searchParams } = new URL(req.url)
+  const agentId = searchParams.get('agentId')
+  if (!agentId) {
+    return NextResponse.json({ error: 'Missing agentId' }, { status: 400 })
+  }
+
+  const gw = await ensureGatewayConnected()
+  if (!gw) {
+    return NextResponse.json({ error: 'OpenClaw gateway not connected' }, { status: 503 })
+  }
+
+  const files: Record<string, { content: string; error?: string }> = {}
+  await Promise.all(
+    AGENT_FILES.map(async (filename) => {
+      try {
+        const result = await gw.rpc('agents.files.get', { agentId, filename }) as { content?: string } | undefined
+        files[filename] = { content: result?.content ?? '' }
+      } catch (err: unknown) {
+        files[filename] = { content: '', error: err instanceof Error ? err.message : String(err) }
+      }
+    }),
+  )
+
+  return NextResponse.json(files)
+}
+
+/** PUT { agentId, filename, content } — save an agent file */
+export async function PUT(req: Request) {
+  const body = await req.json()
+  const { agentId, filename, content } = body as { agentId?: string; filename?: string; content?: string }
+  if (!agentId || !filename) {
+    return NextResponse.json({ error: 'Missing agentId or filename' }, { status: 400 })
+  }
+  if (!AGENT_FILES.includes(filename as typeof AGENT_FILES[number])) {
+    return NextResponse.json({ error: `Invalid filename: ${filename}` }, { status: 400 })
+  }
+
+  const gw = await ensureGatewayConnected()
+  if (!gw) {
+    return NextResponse.json({ error: 'OpenClaw gateway not connected' }, { status: 503 })
+  }
+
+  try {
+    await gw.rpc('agents.files.set', { agentId, filename, content: content ?? '' })
+    return NextResponse.json({ ok: true })
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : String(err)
+    return NextResponse.json({ error: message }, { status: 502 })
+  }
+}

package/src/app/api/openclaw/approvals/route.ts

@@ -0,0 +1,46 @@
+import { NextResponse } from 'next/server'
+import { ensureGatewayConnected } from '@/lib/server/openclaw-gateway'
+import type { PendingExecApproval, ExecApprovalDecision } from '@/types'
+
+/** GET — fetch pending execution approvals from gateway */
+export async function GET() {
+  const gw = await ensureGatewayConnected()
+  if (!gw) {
+    return NextResponse.json([], { status: 200 })
+  }
+
+  try {
+    const result = await gw.rpc('exec.approvals.get') as PendingExecApproval[] | undefined
+    return NextResponse.json(result ?? [])
+  } catch {
+    return NextResponse.json([])
+  }
+}
+
+/** POST { id, decision } — resolve an execution approval */
+export async function POST(req: Request) {
+  const body = await req.json()
+  const { id, decision } = body as { id?: string; decision?: ExecApprovalDecision }
+
+  if (!id || !decision) {
+    return NextResponse.json({ error: 'Missing id or decision' }, { status: 400 })
+  }
+
+  const validDecisions: ExecApprovalDecision[] = ['allow-once', 'allow-always', 'deny']
+  if (!validDecisions.includes(decision)) {
+    return NextResponse.json({ error: 'Invalid decision' }, { status: 400 })
+  }
+
+  const gw = await ensureGatewayConnected()
+  if (!gw) {
+    return NextResponse.json({ error: 'OpenClaw gateway not connected' }, { status: 503 })
+  }
+
+  try {
+    await gw.rpc('exec.approvals.resolve', { id, decision })
+    return NextResponse.json({ ok: true })
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : String(err)
+    return NextResponse.json({ error: message }, { status: 502 })
+  }
+}

package/src/app/api/openclaw/config-sync/route.ts

@@ -0,0 +1,33 @@
+import { NextResponse } from 'next/server'
+import { detectConfigIssues, repairConfigIssue } from '@/lib/server/openclaw-config-sync'
+
+/** GET — detect configuration issues */
+export async function GET() {
+  try {
+    const issues = await detectConfigIssues()
+    return NextResponse.json({ issues })
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : String(err)
+    return NextResponse.json({ error: message }, { status: 502 })
+  }
+}
+
+/** POST { issueId } — repair a specific issue */
+export async function POST(req: Request) {
+  const body = await req.json()
+  const { issueId } = body as { issueId?: string }
+  if (!issueId) {
+    return NextResponse.json({ error: 'Missing issueId' }, { status: 400 })
+  }
+
+  try {
+    const result = await repairConfigIssue(issueId)
+    if (!result.ok) {
+      return NextResponse.json({ error: result.error }, { status: 502 })
+    }
+    return NextResponse.json({ ok: true })
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : String(err)
+    return NextResponse.json({ error: message }, { status: 502 })
+  }
+}

package/src/app/api/openclaw/cron/route.ts

@@ -0,0 +1,52 @@
+import { NextResponse } from 'next/server'
+import { ensureGatewayConnected } from '@/lib/server/openclaw-gateway'
+import type { GatewayCronJob } from '@/types'
+
+/** GET — list all cron jobs from gateway */
+export async function GET() {
+  const gw = await ensureGatewayConnected()
+  if (!gw) {
+    return NextResponse.json({ error: 'Gateway not connected' }, { status: 503 })
+  }
+
+  try {
+    const result = await gw.rpc('cron.list', { includeDisabled: true }) as GatewayCronJob[] | undefined
+    return NextResponse.json(result ?? [])
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : String(err)
+    return NextResponse.json({ error: message }, { status: 502 })
+  }
+}
+
+/** POST { action, ...params } — add/run/remove cron jobs */
+export async function POST(req: Request) {
+  const body = await req.json()
+  const { action, ...params } = body as { action: string; [key: string]: unknown }
+
+  const gw = await ensureGatewayConnected()
+  if (!gw) {
+    return NextResponse.json({ error: 'Gateway not connected' }, { status: 503 })
+  }
+
+  try {
+    switch (action) {
+      case 'add': {
+        const result = await gw.rpc('cron.add', params.job)
+        return NextResponse.json({ ok: true, result })
+      }
+      case 'run': {
+        const result = await gw.rpc('cron.run', { id: params.id, mode: 'force' })
+        return NextResponse.json({ ok: true, result })
+      }
+      case 'remove': {
+        await gw.rpc('cron.remove', { id: params.id })
+        return NextResponse.json({ ok: true })
+      }
+      default:
+        return NextResponse.json({ error: `Unknown action: ${action}` }, { status: 400 })
+    }
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : String(err)
+    return NextResponse.json({ error: message }, { status: 502 })
+  }
+}

package/src/app/api/openclaw/directory/route.ts

@@ -3,7 +3,7 @@ export const dynamic = 'force-dynamic'
 
 export async function GET() {
   try {
-    const { listRunningConnectors, getRunningInstance } = await import('@/lib/server/connectors/manager')
+    const { listRunningConnectors } = await import('@/lib/server/connectors/manager')
     const openclawConnectors = listRunningConnectors('openclaw')
 
     if (!openclawConnectors.length) {
@@ -20,7 +20,8 @@ export async function GET() {
       })),
       note: 'Directory listing requires OpenClaw gateway directory.list RPC support.',
     })
-  } catch (err: any) {
-    return NextResponse.json({ error: err.message || 'Directory listing failed' }, { status: 500 })
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : 'Directory listing failed'
+    return NextResponse.json({ error: message }, { status: 500 })
   }
 }

package/src/app/api/openclaw/discover/route.ts

@@ -55,7 +55,8 @@ export async function GET() {
 
     const results = await Promise.all(probes)
     return NextResponse.json({ gateways: results })
-  } catch (err: any) {
-    return NextResponse.json({ error: err.message || 'Discovery failed' }, { status: 500 })
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : 'Discovery failed'
+    return NextResponse.json({ error: message }, { status: 500 })
   }
 }

package/src/app/api/openclaw/dotenv-keys/route.ts

@@ -0,0 +1,18 @@
+import { NextResponse } from 'next/server'
+import { ensureGatewayConnected } from '@/lib/server/openclaw-gateway'
+
+/** GET — list env var keys from gateway .env */
+export async function GET() {
+  const gw = await ensureGatewayConnected()
+  if (!gw) {
+    return NextResponse.json({ error: 'OpenClaw gateway not connected' }, { status: 503 })
+  }
+
+  try {
+    const result = await gw.rpc('env.keys') as string[] | undefined
+    return NextResponse.json(result ?? [])
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : String(err)
+    return NextResponse.json({ error: message }, { status: 502 })
+  }
+}

package/src/app/api/openclaw/exec-config/route.ts

@@ -0,0 +1,41 @@
+import { NextResponse } from 'next/server'
+import { getExecConfig, setExecConfig } from '@/lib/server/openclaw-exec-config'
+import type { ExecApprovalConfig } from '@/types'
+
+/** GET ?agentId=X — fetch exec approval config */
+export async function GET(req: Request) {
+  const { searchParams } = new URL(req.url)
+  const agentId = searchParams.get('agentId')
+  if (!agentId) {
+    return NextResponse.json({ error: 'Missing agentId' }, { status: 400 })
+  }
+
+  try {
+    const snapshot = await getExecConfig(agentId)
+    return NextResponse.json(snapshot)
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : String(err)
+    return NextResponse.json({ error: message }, { status: 502 })
+  }
+}
+
+/** PUT { agentId, config, baseHash } — save exec approval config */
+export async function PUT(req: Request) {
+  const body = await req.json()
+  const { agentId, config, baseHash } = body as {
+    agentId?: string
+    config?: ExecApprovalConfig
+    baseHash?: string
+  }
+  if (!agentId || !config) {
+    return NextResponse.json({ error: 'Missing agentId or config' }, { status: 400 })
+  }
+
+  try {
+    const result = await setExecConfig(agentId, config, baseHash ?? '')
+    return NextResponse.json(result)
+  } catch (err: unknown) {
+    const message = err instanceof Error ? err.message : String(err)
+    return NextResponse.json({ error: message }, { status: 502 })
+  }
+}