agent-relay 3.1.6 → 3.1.8

package/packages/openclaw/src/config.ts

@@ -1,14 +1,14 @@
 import { readFile, writeFile, mkdir } from 'node:fs/promises';
-import { join } from 'node:path';
+import { join, dirname, basename } from 'node:path';
 import { homedir } from 'node:os';
-import { existsSync } from 'node:fs';
+import { existsSync, readFileSync } from 'node:fs';
 
 import type { GatewayConfig } from './types.js';
 
 export interface OpenClawDetection {
   /** Whether OpenClaw is installed. */
   installed: boolean;
-  /** Path to ~/.openclaw/ */
+  /** Path to ~/.openclaw/ (or ~/.clawdbot/ for Clawdbot variant) */
   homeDir: string;
   /** Path to ~/.openclaw/workspace/ */
   workspaceDir: string;
@@ -16,19 +16,105 @@ export interface OpenClawDetection {
   configFile: string | null;
   /** Parsed openclaw.json (if exists). */
   config: Record<string, unknown> | null;
+  /** Detected variant: 'clawdbot' or 'openclaw'. */
+  variant: 'clawdbot' | 'openclaw';
+  /** Config filename (e.g. 'clawdbot.json' or 'openclaw.json'). */
+  configFilename: string;
 }
 
-/** Default OpenClaw config directory. Prefers OPENCLAW_HOME env var. */
+/**
+ * Determine whether a directory has a valid, parseable config file.
+ * Uses sync I/O — only called during startup, not on hot path.
+ */
+function hasValidConfig(dir: string, filename: string): boolean {
+  const configPath = join(dir, filename);
+  if (!existsSync(configPath)) return false;
+  try {
+    const raw = readFileSync(configPath, 'utf-8');
+    JSON.parse(raw);
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+/** Default OpenClaw config directory. Checks env vars and probes for Clawdbot variant. */
 export function openclawHome(): string {
-  return process.env.OPENCLAW_HOME || join(homedir(), '.openclaw');
+  if (process.env.OPENCLAW_CONFIG_PATH) {
+    // Direct config file path — return its parent directory
+    return dirname(process.env.OPENCLAW_CONFIG_PATH);
+  }
+  if (process.env.OPENCLAW_HOME) {
+    return process.env.OPENCLAW_HOME;
+  }
+  // Probe by valid config file presence (not just directory existence).
+  // When both dirs exist, prefer the one with a valid config file.
+  const clawdbotHome = join(homedir(), '.clawdbot');
+  const openclawHomePath = join(homedir(), '.openclaw');
+  const clawdbotValid = hasValidConfig(clawdbotHome, 'clawdbot.json');
+  const openclawValid = hasValidConfig(openclawHomePath, 'openclaw.json');
+
+  if (clawdbotValid && !openclawValid) return clawdbotHome;
+  if (openclawValid && !clawdbotValid) return openclawHomePath;
+  // Both valid or neither valid — prefer clawdbot if its dir exists (marketplace image)
+  if (existsSync(clawdbotHome)) return clawdbotHome;
+  return openclawHomePath;
 }
 
 /**
  * Detect whether OpenClaw is installed and return paths/config.
  */
 export async function detectOpenClaw(): Promise<OpenClawDetection> {
-  const homeDir = openclawHome();
-  const configPath = join(homeDir, 'openclaw.json');
+  // Determine variant and config filename
+  let homeDir: string;
+  let variant: 'clawdbot' | 'openclaw';
+  let configFilename: string;
+
+  if (process.env.OPENCLAW_CONFIG_PATH) {
+    // Direct config file path provided
+    homeDir = dirname(process.env.OPENCLAW_CONFIG_PATH);
+    const base = basename(process.env.OPENCLAW_CONFIG_PATH);
+    configFilename = base;
+    variant = base === 'clawdbot.json' ? 'clawdbot' : 'openclaw';
+  } else if (process.env.OPENCLAW_HOME) {
+    homeDir = process.env.OPENCLAW_HOME;
+    // Check if the home dir looks like a Clawdbot installation
+    const clawdbotConfig = join(homeDir, 'clawdbot.json');
+    if (existsSync(clawdbotConfig)) {
+      variant = 'clawdbot';
+      configFilename = 'clawdbot.json';
+    } else {
+      variant = 'openclaw';
+      configFilename = 'openclaw.json';
+    }
+  } else {
+    // Probe by valid config file, not just directory existence.
+    const clawdbotHome = join(homedir(), '.clawdbot');
+    const openclawHomePath = join(homedir(), '.openclaw');
+    const clawdbotValid = hasValidConfig(clawdbotHome, 'clawdbot.json');
+    const openclawValid = hasValidConfig(openclawHomePath, 'openclaw.json');
+
+    if (clawdbotValid && !openclawValid) {
+      homeDir = clawdbotHome;
+      variant = 'clawdbot';
+      configFilename = 'clawdbot.json';
+    } else if (openclawValid && !clawdbotValid) {
+      homeDir = openclawHomePath;
+      variant = 'openclaw';
+      configFilename = 'openclaw.json';
+    } else if (existsSync(clawdbotHome)) {
+      // Both valid or neither — prefer clawdbot if present (marketplace image)
+      homeDir = clawdbotHome;
+      variant = 'clawdbot';
+      configFilename = 'clawdbot.json';
+    } else {
+      homeDir = openclawHomePath;
+      variant = 'openclaw';
+      configFilename = 'openclaw.json';
+    }
+  }
+
+  const configPath = join(homeDir, configFilename);
   const workspaceDir = join(homeDir, 'workspace');
 
   const installed = existsSync(homeDir);
@@ -45,7 +131,7 @@ export async function detectOpenClaw(): Promise<OpenClawDetection> {
     }
   }
 
-  return { installed, homeDir, workspaceDir, configFile, config };
+  return { installed, homeDir, workspaceDir, configFile, config, variant, configFilename };
 }
 
 /**

package/packages/openclaw/src/gateway.ts

@@ -1,4 +1,4 @@
-import { createHash, createPrivateKey, generateKeyPairSync, sign, type KeyObject } from 'node:crypto';
+import { createHash, createPrivateKey, createPublicKey, generateKeyPairSync, sign, type KeyObject } from 'node:crypto';
 import { chmod, readFile, rename, writeFile, mkdir } from 'node:fs/promises';
 import { createServer, type Server as HttpServer, type IncomingMessage, type ServerResponse } from 'node:http';
 import { join } from 'node:path';
@@ -49,13 +49,75 @@ function normalizeChannelName(channel: string): string {
 // Ed25519 device identity for OpenClaw gateway WebSocket auth
 // ---------------------------------------------------------------------------
 
+// ---------------------------------------------------------------------------
+// Auth profile system — deterministic profile selection for WS auth across
+// OpenClaw/Clawdbot versions. Profiles define key encoding, signature format,
+// and payload canonicalization for the device auth handshake.
+// ---------------------------------------------------------------------------
+
+interface AuthProfile {
+  /** Human-readable profile name (logged on each auth attempt). */
+  name: string;
+  /** Encoding for the public key sent in the connect message. */
+  publicKeyFormat: 'raw-base64url' | 'spki-pem';
+  /** Encoding for the Ed25519 signature. */
+  signatureEncoding: 'base64url' | 'base64';
+}
+
+const AUTH_PROFILES: Record<string, AuthProfile> = {
+  default: {
+    name: 'default',
+    publicKeyFormat: 'raw-base64url',
+    signatureEncoding: 'base64url',
+  },
+  'clawdbot-v1': {
+    name: 'clawdbot-v1',
+    publicKeyFormat: 'spki-pem',
+    signatureEncoding: 'base64',
+  },
+};
+
+/**
+ * Resolve the auth profile to use. Selection priority:
+ * 1. Explicit env var `OPENCLAW_WS_AUTH_COMPAT` (manual override, highest priority)
+ * 2. Variant detection: `~/.clawdbot/` detected → clawdbot-v1
+ * 3. Default profile (standard OpenClaw, unchanged)
+ */
+function resolveAuthProfile(): AuthProfile {
+  // 1. Manual override (highest priority)
+  const envVal = process.env.OPENCLAW_WS_AUTH_COMPAT;
+  if (envVal === 'clawdbot' || envVal === 'clawdbot-v1') {
+    return AUTH_PROFILES['clawdbot-v1'];
+  }
+  if (envVal && AUTH_PROFILES[envVal]) {
+    return AUTH_PROFILES[envVal];
+  }
+
+  // 2. Variant detection via config path
+  const home = process.env.OPENCLAW_HOME || process.env.OPENCLAW_CONFIG_PATH || '';
+  if (home.includes('.clawdbot') || home.includes('clawdbot')) {
+    return AUTH_PROFILES['clawdbot-v1'];
+  }
+
+  // 3. Default
+  return AUTH_PROFILES['default'];
+}
+
+/** Backward-compat helper — returns 'clawdbot' when using clawdbot profile. */
+type WsAuthCompat = 'clawdbot' | undefined;
+function getWsAuthCompat(): WsAuthCompat {
+  const profile = resolveAuthProfile();
+  return profile.name === 'clawdbot-v1' ? 'clawdbot' : undefined;
+}
+
 interface DeviceIdentity {
-  publicKeyB64: string;    // base64url-encoded raw Ed25519 public key
+  publicKeyB64: string;    // base64url-encoded raw Ed25519 public key (default mode)
+  publicKeyPem?: string;   // PEM-encoded SPKI public key (clawdbot compat mode)
   privateKeyObj: KeyObject; // Node.js KeyObject for signing
   deviceId: string;         // SHA-256 hex of the raw public key
 }
 
-function generateDeviceIdentity(): DeviceIdentity {
+function generateDeviceIdentity(compat?: WsAuthCompat): DeviceIdentity {
   const { publicKey, privateKey } = generateKeyPairSync('ed25519');
 
   // Extract raw 32-byte public key from SPKI DER (12-byte header for Ed25519)
@@ -64,11 +126,17 @@ function generateDeviceIdentity(): DeviceIdentity {
   const deviceId = createHash('sha256').update(rawPublicBytes).digest('hex');
   const publicKeyB64 = Buffer.from(rawPublicBytes).toString('base64url');
 
-  return {
+  const identity: DeviceIdentity = {
     publicKeyB64,
     privateKeyObj: privateKey,
     deviceId,
   };
+
+  if (compat === 'clawdbot') {
+    identity.publicKeyPem = publicKey.export({ type: 'spki', format: 'pem' }) as string;
+  }
+
+  return identity;
 }
 
 /** Path to persisted device identity file. */
@@ -80,6 +148,10 @@ interface PersistedDevice {
   publicKeyB64: string;
   privateKeyPkcs8B64: string; // base64-encoded PKCS#8 DER
   deviceId: string;
+  /** PEM-encoded SPKI public key — present when generated with clawdbot compat mode. */
+  publicKeyPem?: string;
+  /** PEM-encoded PKCS#8 private key — present when generated with clawdbot compat mode. */
+  privateKeyPem?: string;
 }
 
 /**
@@ -89,6 +161,7 @@ interface PersistedDevice {
  */
 async function loadOrCreateDeviceIdentity(): Promise<DeviceIdentity> {
   const filePath = deviceIdentityPath();
+  const compat = getWsAuthCompat();
 
   // Attempt to load existing identity (no existsSync — just try the read)
   try {
@@ -102,11 +175,31 @@ async function loadOrCreateDeviceIdentity(): Promise<DeviceIdentity> {
     // Ensure permissions are tight even if file was created with looser perms
     await chmod(filePath, 0o600).catch(() => {});
     console.log(`[openclaw-ws] Loaded persisted device identity (deviceId=${persisted.deviceId.slice(0, 12)}...)`);
-    return {
+
+    const identity: DeviceIdentity = {
       publicKeyB64: persisted.publicKeyB64,
       privateKeyObj,
       deviceId: persisted.deviceId,
     };
+
+    // If compat mode is clawdbot but the persisted device has no PEM keys,
+    // derive them on-the-fly from the existing DER key material.
+    if (compat === 'clawdbot') {
+      if (persisted.publicKeyPem) {
+        identity.publicKeyPem = persisted.publicKeyPem;
+      } else {
+        // Reconstruct SPKI public key from the stored base64url raw bytes
+        const rawPublicBytes = Buffer.from(persisted.publicKeyB64, 'base64url');
+        // Ed25519 SPKI DER = 12-byte header + 32-byte raw key
+        const spkiHeader = Buffer.from('302a300506032b6570032100', 'hex');
+        const spkiDer = Buffer.concat([spkiHeader, rawPublicBytes]);
+        const publicKeyObj = createPublicKey({ key: spkiDer, format: 'der', type: 'spki' });
+        identity.publicKeyPem = publicKeyObj.export({ type: 'spki', format: 'pem' }) as string;
+        console.log('[openclaw-ws] Derived PEM public key from existing DER key for clawdbot compat mode');
+      }
+    }
+
+    return identity;
   } catch (err) {
     // ENOENT is expected on first run; other errors mean corruption
     if ((err as NodeJS.ErrnoException).code !== 'ENOENT') {
@@ -115,7 +208,7 @@ async function loadOrCreateDeviceIdentity(): Promise<DeviceIdentity> {
   }
 
   // Generate fresh and persist via atomic write-then-rename
-  const identity = generateDeviceIdentity();
+  const identity = generateDeviceIdentity(compat);
   const pkcs8Der = identity.privateKeyObj.export({ type: 'pkcs8', format: 'der' });
   const persisted: PersistedDevice = {
     publicKeyB64: identity.publicKeyB64,
@@ -123,6 +216,11 @@ async function loadOrCreateDeviceIdentity(): Promise<DeviceIdentity> {
     deviceId: identity.deviceId,
   };
 
+  if (compat === 'clawdbot' && identity.publicKeyPem) {
+    persisted.publicKeyPem = identity.publicKeyPem;
+    persisted.privateKeyPem = identity.privateKeyObj.export({ type: 'pkcs8', format: 'pem' }) as string;
+  }
+
   try {
     const dir = join(openclawHome(), 'workspace', 'relaycast');
     await mkdir(dir, { recursive: true });
@@ -151,6 +249,8 @@ function signConnectPayload(
     nonce: string;
   },
 ): string {
+  const profile = resolveAuthProfile();
+
   // v3 payload format: v3|deviceId|clientId|clientMode|role|scopes|signedAtMs|token|nonce|platform|deviceFamily
   const payload = [
     'v3',
@@ -168,9 +268,14 @@ function signConnectPayload(
 
   const payloadBytes = Buffer.from(payload, 'utf-8');
 
+  // Diagnostic logging: selected profile + pre-auth fingerprint (no secrets).
+  const payloadHash = createHash('sha256').update(payloadBytes).digest('hex').slice(0, 16);
+  console.log(`[ws-auth] profile=${profile.name} deviceId=${device.deviceId.slice(0, 16)}... keyFormat=${profile.publicKeyFormat} sigEncoding=${profile.signatureEncoding} payloadHash=${payloadHash}`);
+
   // Ed25519 sign — no hash algorithm needed (null), it's built into Ed25519
   const signature = sign(null, payloadBytes, device.privateKeyObj);
-  return Buffer.from(signature).toString('base64url');
+
+  return Buffer.from(signature).toString(profile.signatureEncoding);
 }
 
 
@@ -206,11 +311,13 @@ export class OpenClawGatewayClient {
   private static readonly MAX_CONSECUTIVE_FAILURES = 5;
   private static readonly BASE_RECONNECT_MS = 3_000;
   private static readonly MAX_RECONNECT_MS = 30_000;
+  /** Slow retry interval after pairing rejection or max failures (60s). */
+  private static readonly PAIRING_RETRY_MS = 60_000;
 
   constructor(token: string, port: number, device?: DeviceIdentity) {
     this.token = token;
     this.port = port;
-    this.device = device ?? generateDeviceIdentity();
+    this.device = device ?? generateDeviceIdentity(getWsAuthCompat());
   }
 
   /**
@@ -292,7 +399,8 @@ export class OpenClawGatewayClient {
       // Detect pairing rejection: code 1008 (Policy Violation) with pairing reason
       if (code === 1008 && /pairing|not.paired/i.test(reasonStr)) {
         console.error('[openclaw-ws] Connection closed due to pairing policy. Device is not paired.');
-        console.error('[openclaw-ws] Ensure OPENCLAW_GATEWAY_TOKEN matches ~/.openclaw/openclaw.json gateway.auth.token');
+        console.error(`[openclaw-ws] Device ID: ${this.device.deviceId.slice(0, 16)}...`);
+        console.error('[openclaw-ws] Run: openclaw devices approve <requestId> (check gateway logs for requestId)');
         this.pairingRejected = true;
       }
 
@@ -310,7 +418,7 @@ export class OpenClawGatewayClient {
         this.connectReject = null;
         this.connectResolve = null;
       }
-      if (!this.stopped && !this.pairingRejected) {
+      if (!this.stopped) {
         this.scheduleReconnect();
       }
     });
@@ -360,6 +468,12 @@ export class OpenClawGatewayClient {
         nonce: payload.nonce,
       });
 
+      // Select public key format based on resolved auth profile.
+      const profile = resolveAuthProfile();
+      const publicKeyField = profile.publicKeyFormat === 'spki-pem' && this.device.publicKeyPem
+        ? this.device.publicKeyPem
+        : this.device.publicKeyB64;
+
       if (!this.ws || this.ws.readyState !== WebSocket.OPEN) {
         console.warn('[openclaw-ws] WebSocket not open when trying to send connect');
         return;
@@ -388,7 +502,7 @@ export class OpenClawGatewayClient {
           userAgent: 'relaycast-gateway/1.0.0',
           device: {
             id: this.device.deviceId,
-            publicKey: this.device.publicKeyB64,
+            publicKey: publicKeyField,
             signature,
             signedAt,
             nonce: payload.nonce,
@@ -413,8 +527,17 @@ export class OpenClawGatewayClient {
         const isPairing = /pairing.required|not.paired/i.test(errStr);
 
         if (isPairing) {
+          const errObj = msg.error as Record<string, unknown> | undefined;
+          const requestId = errObj?.requestId ?? errObj?.request_id ?? '';
           console.error('[openclaw-ws] Pairing rejected — device is not paired with the OpenClaw gateway.');
-          console.error('[openclaw-ws] Ensure OPENCLAW_GATEWAY_TOKEN matches ~/.openclaw/openclaw.json gateway.auth.token');
+          if (requestId) {
+            console.error(`[openclaw-ws] Approve this device:  openclaw devices approve ${requestId}`);
+          }
+          console.error(`[openclaw-ws] Device ID: ${this.device.deviceId.slice(0, 16)}...`);
+          const configHint = getWsAuthCompat() === 'clawdbot'
+            ? '~/.clawdbot/clawdbot.json'
+            : '~/.openclaw/openclaw.json';
+          console.error(`[openclaw-ws] Ensure OPENCLAW_GATEWAY_TOKEN matches ${configHint} gateway.auth.token`);
           this.pairingRejected = true;
         } else {
           console.warn(`[openclaw-ws] Auth rejected: ${errStr}`);
@@ -494,16 +617,27 @@ export class OpenClawGatewayClient {
   }
 
   private scheduleReconnect(): void {
-    if (this.stopped || this.pairingRejected || this.reconnectTimer) return;
-
-    this.consecutiveFailures++;
-
-    if (this.consecutiveFailures >= OpenClawGatewayClient.MAX_CONSECUTIVE_FAILURES) {
-      console.warn(`[openclaw-ws] ${this.consecutiveFailures} consecutive connection failures — stopping reconnect.`);
-      console.warn('[openclaw-ws] Check that the OpenClaw gateway is running and OPENCLAW_GATEWAY_TOKEN is correct.');
+    if (this.stopped || this.reconnectTimer) return;
+
+    // After pairing rejection or max failures, switch to slow periodic retry
+    // so the gateway can self-heal once pairing is approved externally.
+    if (this.pairingRejected || this.consecutiveFailures >= OpenClawGatewayClient.MAX_CONSECUTIVE_FAILURES) {
+      if (this.consecutiveFailures === OpenClawGatewayClient.MAX_CONSECUTIVE_FAILURES) {
+        console.warn(`[openclaw-ws] ${this.consecutiveFailures} consecutive failures — switching to slow retry (every 60s).`);
+        console.warn('[openclaw-ws] Check that the OpenClaw gateway is running and OPENCLAW_GATEWAY_TOKEN is correct.');
+      }
+      this.consecutiveFailures++;
+      console.log(`[openclaw-ws] Slow retry in ${OpenClawGatewayClient.PAIRING_RETRY_MS / 1000}s...`);
+      this.reconnectTimer = setTimeout(() => {
+        this.reconnectTimer = null;
+        this.pairingRejected = false; // Clear flag so connect attempt proceeds
+        this.doConnect();
+      }, OpenClawGatewayClient.PAIRING_RETRY_MS);
       return;
     }
 
+    this.consecutiveFailures++;
+
     const delay = Math.min(
       OpenClawGatewayClient.BASE_RECONNECT_MS * Math.pow(2, this.consecutiveFailures - 1),
       OpenClawGatewayClient.MAX_RECONNECT_MS,

package/packages/openclaw/src/setup.ts

@@ -5,6 +5,7 @@ import { existsSync } from 'node:fs';
 import { hostname } from 'node:os';
 import { fileURLToPath } from 'node:url';
 import { spawn as spawnProcess, execFileSync } from 'node:child_process';
+import { randomBytes } from 'node:crypto';
 
 import { RelayCast } from '@relaycast/sdk';
 
@@ -25,6 +26,23 @@ function extractNestedValue(obj: unknown, path: string): unknown {
   return current;
 }
 
+/**
+ * Set a deeply nested value in an object by dot-separated path, creating
+ * intermediate objects as needed.
+ */
+function setNestedValue(obj: Record<string, unknown>, path: string, value: unknown): void {
+  const keys = path.split('.');
+  let current: Record<string, unknown> = obj;
+  for (let i = 0; i < keys.length - 1; i++) {
+    const key = keys[i];
+    if (current[key] == null || typeof current[key] !== 'object') {
+      current[key] = {};
+    }
+    current = current[key] as Record<string, unknown>;
+  }
+  current[keys[keys.length - 1]] = value;
+}
+
 /**
  * Resolve how to invoke mcporter. Prefers a global binary, falls back to npx.
  */
@@ -98,14 +116,18 @@ export async function setup(options: SetupOptions): Promise<SetupResult> {
   const baseUrl = options.baseUrl ?? 'https://api.relaycast.dev';
   const channels = options.channels ?? ['general'];
 
+  // CLI name for restart reminder messages (based on detected variant)
+  const cliName = detection.variant === 'clawdbot' ? 'clawdbot' : 'openclaw';
+  const serviceName = detection.variant === 'clawdbot' ? 'clawdbot' : 'openclaw';
+
   if (!detection.installed) {
     // Auto-create ~/.openclaw/ if OpenClaw binary is available but the config dir
     // doesn't exist yet (common in Docker images before onboarding).
     try {
       await mkdir(detection.homeDir, { recursive: true });
       await mkdir(join(detection.homeDir, 'workspace'), { recursive: true });
-      // Write a minimal openclaw.json so MCP servers can be registered
-      const configPath = join(detection.homeDir, 'openclaw.json');
+      // Write a minimal config file so MCP servers can be registered
+      const configPath = join(detection.homeDir, detection.configFilename);
       if (!existsSync(configPath)) {
         await writeFile(configPath, JSON.stringify({ mcpServers: {} }, null, 2) + '\n', 'utf-8');
       }
@@ -126,14 +148,48 @@ export async function setup(options: SetupOptions): Promise<SetupResult> {
 
   // Enable the OpenResponses HTTP API so the inbound gateway can inject
   // messages via POST /v1/responses on the local OpenClaw gateway.
-  try {
-    execFileSync('openclaw', [
+  // Try CLI names in order: openclaw, clawdbot, clawdbot-cli.sh.
+  // If all CLI calls fail, mutate the config JSON directly.
+  let configMutated = false;
+  {
+    const httpEndpointArgs = [
       'config', 'set',
       'gateway.http.endpoints.responses.enabled', 'true',
-    ], { stdio: 'pipe' });
-  } catch {
-    console.warn('Could not enable OpenResponses API (non-fatal). Enable manually:');
-    console.warn('  openclaw config set gateway.http.endpoints.responses.enabled true');
+    ];
+    const cliCandidates = ['openclaw', 'clawdbot', 'clawdbot-cli.sh'];
+    let cliSuccess = false;
+
+    for (const cli of cliCandidates) {
+      try {
+        execFileSync(cli, httpEndpointArgs, { stdio: 'pipe' });
+        cliSuccess = true;
+        break;
+      } catch {
+        // Try next candidate
+      }
+    }
+
+    if (!cliSuccess) {
+      // Fall back to direct JSON config file mutation
+      if (detection.configFile) {
+        try {
+          const raw = await readFile(detection.configFile, 'utf-8');
+          const cfg = JSON.parse(raw) as Record<string, unknown>;
+          setNestedValue(cfg, 'gateway.http.endpoints.responses.enabled', true);
+          await writeFile(detection.configFile, JSON.stringify(cfg, null, 2) + '\n', 'utf-8');
+          // Reload config in detection
+          detection.config = cfg;
+          configMutated = true;
+          console.log('[setup] Enabled gateway.http.endpoints.responses.enabled via config file.');
+        } catch (writeErr) {
+          console.warn('Could not enable OpenResponses API (non-fatal). Enable manually:');
+          console.warn(`  ${cliName} config set gateway.http.endpoints.responses.enabled true`);
+        }
+      } else {
+        console.warn('Could not enable OpenResponses API (non-fatal). Enable manually:');
+        console.warn(`  ${cliName} config set gateway.http.endpoints.responses.enabled true`);
+      }
+    }
   }
 
   // Resolve API key: use provided key or create a new workspace
@@ -220,19 +276,63 @@ export async function setup(options: SetupOptions): Promise<SetupResult> {
     );
   }
 
-  // Extract gateway auth from openclaw.json (if available)
-  const openclawGatewayToken =
+  // Extract gateway auth from config (if available). Auto-generate if missing.
+  let openclawGatewayToken: string | undefined =
     process.env.OPENCLAW_GATEWAY_TOKEN ??
     (extractNestedValue(detection.config, 'gateway.auth.token') as string | undefined);
+
   const openclawGatewayPortRaw =
     process.env.OPENCLAW_GATEWAY_PORT ??
     (extractNestedValue(detection.config, 'gateway.port') as number | string | undefined);
   const openclawGatewayPort = openclawGatewayPortRaw ? Number(openclawGatewayPortRaw) : undefined;
 
   if (!openclawGatewayToken) {
-    console.warn('[setup] No gateway token found in openclaw.json or OPENCLAW_GATEWAY_TOKEN env.');
-    console.warn('[setup] Inbound gateway may fail to pair. Set it manually:');
-    console.warn('[setup]   export OPENCLAW_GATEWAY_TOKEN=$(cat ~/.openclaw/openclaw.json | jq -r .gateway.auth.token)');
+    // Generate a random token and persist it to the config file
+    const generated = randomBytes(16).toString('hex');
+    openclawGatewayToken = generated;
+    console.log('[setup] No gateway token found — generating one and writing to config file.');
+
+    if (detection.configFile) {
+      try {
+        const raw = await readFile(detection.configFile, 'utf-8');
+        const cfg = JSON.parse(raw) as Record<string, unknown>;
+        setNestedValue(cfg, 'gateway.auth.token', generated);
+        await writeFile(detection.configFile, JSON.stringify(cfg, null, 2) + '\n', 'utf-8');
+        detection.config = cfg;
+        configMutated = true;
+      } catch (writeErr) {
+        console.warn(`[setup] Could not write generated token to config file: ${writeErr instanceof Error ? writeErr.message : String(writeErr)}`);
+      }
+    } else {
+      console.warn('[setup] No config file available to persist generated token. Set manually:');
+      console.warn(`[setup]   export OPENCLAW_GATEWAY_TOKEN=${generated}`);
+    }
+  }
+
+  // Print restart reminder if any config mutations were made
+  if (configMutated) {
+    console.log('');
+    console.log('Config changes detected. Restart the gateway to apply:');
+    console.log(`  systemctl restart ${serviceName}`);
+    if (serviceName !== 'openclaw') {
+      console.log(`  # or: systemctl restart openclaw`);
+    }
+    console.log(`  # or restart manually if not using systemd`);
+    console.log('');
+  }
+
+  // Exec policy preflight warning — warn when security is missing OR not 'full'
+  {
+    const execSecurity = extractNestedValue(detection.config, 'tools.exec.security') as string | undefined;
+    if (execSecurity !== 'full') {
+      console.warn('');
+      console.warn('Warning: Execution policies may be locked down. If the agent can only chat:');
+      console.warn(`  ${cliName} config set tools.exec.host gateway`);
+      console.warn(`  ${cliName} config set tools.exec.ask off`);
+      console.warn(`  ${cliName} config set tools.exec.security full`);
+      console.warn(`  systemctl restart ${serviceName}`);
+      console.warn('');
+    }
   }
 
   // Save gateway config (.env)

package/packages/policy/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agent-relay/policy",
-  "version": "3.1.6",
+  "version": "3.1.8",
   "description": "Agent policy management with multi-level fallback (repo, local PRPM, cloud workspace)",
   "type": "module",
   "main": "dist/index.js",
@@ -22,7 +22,7 @@
     "test:watch": "vitest"
   },
   "dependencies": {
-    "@agent-relay/config": "3.1.6"
+    "@agent-relay/config": "3.1.8"
   },
   "devDependencies": {
     "@types/node": "^22.19.3",

package/packages/sdk/dist/client.js

@@ -516,6 +516,7 @@ function detectPlatformSuffix() {
     const platformMap = {
         darwin: { arm64: 'darwin-arm64', x64: 'darwin-x64' },
         linux: { arm64: 'linux-arm64', x64: 'linux-x64' },
+        win32: { x64: 'win32-x64' },
     };
     return platformMap[process.platform]?.[process.arch] ?? null;
 }
@@ -595,21 +596,18 @@ function resolveDefaultBinaryPath() {
     if (fs.existsSync(workspaceRelease)) {
         return workspaceRelease;
     }
-    // 2. Check for bundled broker binary in SDK package (npm install)
-    //    Try platform-specific name first (CI publishes per-platform binaries),
-    //    then fall back to the generic name (local dev / postinstall copy).
+    // 2. Check for bundled platform-specific broker binary in SDK package (npm install).
+    //    Only use binaries that match the current platform to avoid running
+    //    e.g. a macOS binary on Linux (or vice-versa).
     const binDir = path.resolve(moduleDir, '..', 'bin');
     const suffix = detectPlatformSuffix();
     if (suffix) {
-        const platformBinary = path.join(binDir, `agent-relay-broker-${suffix}`);
+        const ext = process.platform === 'win32' ? '.exe' : '';
+        const platformBinary = path.join(binDir, `agent-relay-broker-${suffix}${ext}`);
         if (fs.existsSync(platformBinary)) {
             return platformBinary;
         }
     }
-    const bundled = path.join(binDir, brokerExe);
-    if (fs.existsSync(bundled)) {
-        return bundled;
-    }
     // 3. Check for standalone broker binary in ~/.agent-relay/bin/ (install.sh)
     const homeDir = process.env.HOME || process.env.USERPROFILE || '';
     const standaloneBroker = path.join(homeDir, '.agent-relay', 'bin', brokerExe);