multiclaws 0.4.36 → 0.4.38

package/dist/service/a2a-adapter.js

@@ -2,6 +2,53 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.OpenClawAgentExecutor = void 0;
 const gateway_client_1 = require("../infra/gateway-client");
+/* ------------------------------------------------------------------ */
+/*  Risk classification                                                */
+/* ------------------------------------------------------------------ */
+/**
+ * Heuristic risk classifier. Returns "safe" only when the task is
+ * clearly a read-only query; defaults to "risky" for anything ambiguous.
+ *
+ * This drives the permission gate: risky tasks require explicit human
+ * approval before a sub-agent is spawned to execute them.
+ */
+function classifyTaskRisk(taskText) {
+    const text = taskText.toLowerCase();
+    // Explicit risky patterns (write / modify / execute / send)
+    const riskyPatterns = [
+        // English — word-boundary matched to avoid false positives
+        /\b(write|creat|delet|remov|modif|edit|updat|install|execut|deploy|push|commit|send|post|drop|format|rename|overwrite|reset|wipe|destroy|kill|terminat|rm|mkdir|touch|mv)\b/i,
+        // Chinese — multi-character phrases to avoid single-char false positives
+        // e.g. 安 alone would match 安排(schedule) or 安全(safe)
+        /写入|写文件|写邮件|写信|创建|新建|删除|移除|修改|更改|编辑|更新|升级|安装|部署|执行|运行命令|发送|发邮件|提交|推送|重命名|覆盖|重置|清空|清除|销毁|终止|停止服务|kill进程/,
+    ];
+    // Explicitly safe read-only patterns — checked BEFORE risky to avoid false positives
+    // (e.g. "查询并发送报告" is risky overall, but "查询" alone should be safe)
+    const safePatterns = [
+        // English read-only verbs
+        /\b(list|show|get|check|view|read|query|find|search|display|fetch|retriev|look|what|which|count|how many|summariz|describ|explain|analyz|report)\b/i,
+        // Chinese read-only verbs (multi-char to be specific)
+        /查看|查询|获取|搜索|显示|检查|列出|列举|统计|描述|分析|报告|读取|浏览/,
+        // Calendar / scheduling queries
+        /\b(calendar|schedule|event|meeting|free|busy|availab|appointment)\b/i,
+        /日历|日程|会议|空闲|忙碌|可用时间|时间段|什么时候|哪个时间|安排会议|约会|预约/,
+        // Process / system info queries
+        /\b(process|pid|cpu|memory|disk|uptime|version|status|running|service|log)\b/i,
+        /进程|内存|磁盘|系统状态|运行状态|版本信息|日志|监控/,
+    ];
+    // Safe check first — if clearly a read query, don't let ambiguous chars trigger risky
+    if (safePatterns.some((p) => p.test(text))) {
+        return "safe";
+    }
+    if (riskyPatterns.some((p) => p.test(text))) {
+        return "risky";
+    }
+    // Default: treat as risky if uncertain
+    return "risky";
+}
+/* ------------------------------------------------------------------ */
+/*  Helpers                                                            */
+/* ------------------------------------------------------------------ */
 function extractTextFromMessage(message) {
     if (!message.parts)
         return "";
@@ -15,22 +62,28 @@ function extractTextFromMessage(message) {
  *
  * When a remote agent sends a task via A2A `message/send`,
  * this executor:
- * 1. Records the task via TaskTracker
- * 2. Calls OpenClaw's `sessions_spawn` (run mode) to start execution
- * 3. Waits for the sub-agent to call back via `multiclaws_a2a_callback`
- * 4. Returns the final result as a Message
+ * 1. Classifies the task risk (safe vs risky)
+ * 2. Notifies the local human owner
+ * 3. For risky tasks: waits for explicit human approval
+ *    For safe tasks: executes immediately
+ * 4. Calls OpenClaw's `sessions_spawn` (run mode) to start execution
+ * 5. Waits for the sub-agent to call back via `multiclaws_a2a_callback`
+ * 6. Returns the final result as a Message
  */
 class OpenClawAgentExecutor {
     gatewayConfig;
     taskTracker;
     getNotificationTargets;
+    registerDiscoveredTarget;
     logger;
     cwd;
     pendingCallbacks = new Map();
+    pendingApprovals = new Map();
     constructor(options) {
         this.gatewayConfig = options.gatewayConfig;
         this.taskTracker = options.taskTracker;
         this.getNotificationTargets = options.getNotificationTargets ?? (() => new Map());
+        this.registerDiscoveredTarget = options.registerDiscoveredTarget;
         this.logger = options.logger;
         this.cwd = options.cwd || process.cwd();
     }
@@ -61,10 +114,49 @@ class OpenClawAgentExecutor {
             eventBus.finished();
             return;
         }
-        // Notify local user about incoming task
-        const notifyTargets = this.getNotificationTargets();
-        this.logger.info(`[a2a-adapter] task ${taskId} notifying user (${notifyTargets.size} targets)`);
-        void this.notifyUser(`📨 收到来自 **${fromAgentName}** 的委派任务：${taskText.slice(0, 200)}`);
+        // Classify risk and gate accordingly
+        const risk = classifyTaskRisk(taskText);
+        this.logger.info(`[a2a-adapter] task ${taskId} risk=${risk}`);
+        if (risk === "risky") {
+            // Notify with approval request and wait
+            const approvalTimeoutMs = 5 * 60 * 1000; // 5 minutes
+            const approvalPromise = this.createApprovalCallback(taskId, approvalTimeoutMs);
+            this.logger.info(`[a2a-adapter] task ${taskId} requesting human approval (timeout=${approvalTimeoutMs / 1000}s)`);
+            void this.notifyUser(buildApprovalRequest(taskId, fromAgentName, taskText));
+            let approved;
+            try {
+                approved = await approvalPromise;
+            }
+            catch (err) {
+                const isCanceled = err instanceof Error && err.message === "canceled";
+                if (isCanceled) {
+                    // Task was explicitly canceled — use the canonical "canceled" message
+                    this.logger.info(`[a2a-adapter] task ${taskId} canceled during approval wait`);
+                    this.taskTracker.update(taskId, { status: "failed", error: "canceled" });
+                    this.publishMessage(eventBus, "Task was canceled.");
+                    eventBus.finished();
+                    return;
+                }
+                // Approval timed out → auto-reject
+                approved = false;
+                this.logger.warn(`[a2a-adapter] task ${taskId} approval timed out — auto-rejected`);
+            }
+            if (!approved) {
+                const reason = "用户拒绝或未在超时时间内授权。";
+                this.logger.info(`[a2a-adapter] task ${taskId} rejected`);
+                this.taskTracker.update(taskId, { status: "failed", error: reason });
+                this.publishMessage(eventBus, `任务已被拒绝：${reason}`);
+                eventBus.finished();
+                return;
+            }
+            this.logger.info(`[a2a-adapter] task ${taskId} approved by user`);
+            void this.notifyUser(`✅ 已授权，开始执行来自 **${fromAgentName}** 的任务…`);
+        }
+        else {
+            // Safe task: notify but auto-execute
+            this.logger.info(`[a2a-adapter] task ${taskId} safe query — auto-executing`);
+            void this.notifyUser(`📨 收到来自 **${fromAgentName}** 的查询任务（安全，自动执行）：\n\n${taskText.slice(0, 300)}`);
+        }
         try {
             // Create a promise that resolves when sub-agent calls multiclaws_a2a_callback
             const timeoutMs = 180_000;
@@ -88,15 +180,17 @@ class OpenClawAgentExecutor {
             this.logger.info(`[a2a-adapter] task ${taskId} waiting for callback from sub-agent...`);
             // Wait for the sub-agent to call back
             const output = await resultPromise;
-            // Return result
+            // Return result and notify user
             this.taskTracker.update(taskId, { status: "completed", result: output });
             this.logger.info(`[a2a-adapter] ✓ task ${taskId} completed — resultLen=${output.length}, preview=${output.slice(0, 120)}`);
+            void this.notifyUser(`✅ **来自 ${fromAgentName} 的任务已完成**\n\n${output.slice(0, 800)}`);
             this.publishMessage(eventBus, output || "Task completed with no output.");
         }
         catch (err) {
             const errorMsg = err instanceof Error ? err.message : String(err);
             this.logger.error(`[a2a-adapter] ✗ task ${taskId} failed: ${errorMsg}`);
             this.taskTracker.update(taskId, { status: "failed", error: errorMsg });
+            void this.notifyUser(`❌ 来自 **${fromAgentName}** 的任务执行失败：${errorMsg}`);
             this.publishMessage(eventBus, `Error: ${errorMsg}`);
         }
         this.logger.info(`[a2a-adapter] task ${taskId} eventBus.finished()`);
@@ -118,8 +212,32 @@ class OpenClawAgentExecutor {
         pending.resolve(result);
         return true;
     }
+    /**
+     * Called when the local human owner approves or rejects a pending risky task.
+     * Returns true if a pending approval was found.
+     */
+    resolveApproval(taskId, approved) {
+        const pending = this.pendingApprovals.get(taskId);
+        if (!pending) {
+            this.logger.warn(`[a2a-adapter] resolveApproval: no pending approval for taskId=${taskId}`);
+            return false;
+        }
+        clearTimeout(pending.timer);
+        this.pendingApprovals.delete(taskId);
+        this.logger.info(`[a2a-adapter] resolveApproval: taskId=${taskId} approved=${approved}`);
+        pending.resolve(approved);
+        return true;
+    }
     async cancelTask(taskId, eventBus) {
         this.logger.info(`[a2a-adapter] cancelTask(taskId=${taskId})`);
+        // Reject pending approval if any — distinct from user-rejection, uses Error("canceled")
+        const approval = this.pendingApprovals.get(taskId);
+        if (approval) {
+            clearTimeout(approval.timer);
+            this.pendingApprovals.delete(taskId);
+            approval.reject(new Error("canceled"));
+            this.logger.info(`[a2a-adapter] cancelTask: pending approval canceled for taskId=${taskId}`);
+        }
         // Reject pending callback if any
         const pending = this.pendingCallbacks.get(taskId);
         if (pending) {
@@ -149,11 +267,78 @@ class OpenClawAgentExecutor {
             this.pendingCallbacks.set(taskId, { resolve, reject, timer });
         });
     }
+    /**
+     * Create a pending approval that resolves when the human owner responds,
+     * or rejects on timeout or cancellation.
+     */
+    createApprovalCallback(taskId, timeoutMs) {
+        return new Promise((resolve, reject) => {
+            const timer = setTimeout(() => {
+                this.pendingApprovals.delete(taskId);
+                this.logger.warn(`[a2a-adapter] task ${taskId} approval timed out after ${timeoutMs / 1000}s`);
+                reject(new Error(`approval timed out after ${timeoutMs / 1000}s`));
+            }, timeoutMs);
+            this.pendingApprovals.set(taskId, { resolve, reject, timer });
+        });
+    }
+    /**
+     * Discover the most recently active non-internal session via sessions_list.
+     * Used as fallback when no notification targets have been registered yet
+     * (e.g. right after a gateway restart before the user sends their first message).
+     */
+    async discoverActiveSession() {
+        if (!this.gatewayConfig)
+            return null;
+        try {
+            const result = await (0, gateway_client_1.invokeGatewayTool)({
+                gateway: this.gatewayConfig,
+                tool: "sessions_list",
+                args: { limit: 10, activeMinutes: 120 },
+                timeoutMs: 5_000,
+            });
+            const INTERNAL_PREFIXES = ["delegate-", "a2a-"];
+            const session = result?.sessions?.find((s) => s.sessionKey &&
+                !INTERNAL_PREFIXES.some((p) => s.sessionKey.startsWith(p)));
+            return session?.sessionKey ?? null;
+        }
+        catch (err) {
+            this.logger.warn(`[a2a-adapter] discoverActiveSession failed: ${err instanceof Error ? err.message : String(err)}`);
+            return null;
+        }
+    }
     /** Send a notification to all known targets. Individual failures are silently ignored. */
     async notifyUser(message) {
         const targets = this.getNotificationTargets();
-        if (!this.gatewayConfig || targets.size === 0) {
-            this.logger.info(`[a2a-adapter] notifyUser: skipped (gateway=${!!this.gatewayConfig}, targets=${targets.size})`);
+        if (!this.gatewayConfig) {
+            this.logger.info(`[a2a-adapter] notifyUser: skipped (no gateway config)`);
+            return;
+        }
+        // Fallback: no registered targets yet (e.g. right after gateway restart).
+        // Discover the active session and send directly via sessions_send.
+        if (targets.size === 0) {
+            this.logger.info(`[a2a-adapter] notifyUser: no registered targets — attempting session discovery`);
+            const sessionKey = await this.discoverActiveSession();
+            if (sessionKey) {
+                this.logger.info(`[a2a-adapter] notifyUser: discovered session ${sessionKey}, sending via sessions_send`);
+                try {
+                    await (0, gateway_client_1.invokeGatewayTool)({
+                        gateway: this.gatewayConfig,
+                        tool: "sessions_send",
+                        args: { sessionKey, message },
+                        timeoutMs: 5_000,
+                    });
+                    // Also register this session for future notifications
+                    if (this.registerDiscoveredTarget) {
+                        this.registerDiscoveredTarget(sessionKey);
+                    }
+                }
+                catch (err) {
+                    this.logger.warn(`[a2a-adapter] notifyUser: sessions_send to ${sessionKey} failed: ${err instanceof Error ? err.message : String(err)}`);
+                }
+            }
+            else {
+                this.logger.warn(`[a2a-adapter] notifyUser: no active session found, message lost`);
+            }
             return;
         }
         const results = await Promise.allSettled([...targets.entries()].map(async ([key, target]) => {
@@ -167,8 +352,10 @@ class OpenClawAgentExecutor {
                         timeoutMs: 5_000,
                     })
                     : (0, gateway_client_1.invokeGatewayTool)({
+                        // sessions_send injects a message into the session so the AI
+                        // can relay it to the human (correct tool; was "chat.send" before)
                         gateway: this.gatewayConfig,
-                        tool: "chat.send",
+                        tool: "sessions_send",
                         args: { sessionKey: target.sessionKey, message },
                         timeoutMs: 5_000,
                     }));
@@ -194,28 +381,50 @@ class OpenClawAgentExecutor {
     }
 }
 exports.OpenClawAgentExecutor = OpenClawAgentExecutor;
+/* ------------------------------------------------------------------ */
+/*  Prompt builders                                                    */
+/* ------------------------------------------------------------------ */
+/**
+ * Build the approval request message injected into the human's active session.
+ * The AI in that session will relay it and handle the human's approve/reject response.
+ */
+function buildApprovalRequest(taskId, fromAgentName, taskText) {
+    const preview = taskText.length > 600 ? taskText.slice(0, 600) + "…" : taskText;
+    return `[MultiClaws] 收到来自 **${fromAgentName}** 的委派任务，需要授权
+
+**任务内容：**
+${preview}
+
+⚠️ 该任务涉及写操作或高风险操作，需要您授权才能执行。
+
+请询问用户是否同意执行，并根据回复调用对应工具：
+- 同意：\`multiclaws_task_respond(taskId="${taskId}", approved=true)\`
+- 拒绝：\`multiclaws_task_respond(taskId="${taskId}", approved=false)\`
+
+授权等待时间：5 分钟，超时自动拒绝。`;
+}
 /**
  * Build the prompt for the sub-agent that handles an incoming A2A task.
  * The sub-agent must call `multiclaws_a2a_callback` to report its result.
  */
 function buildA2ASubagentPrompt(taskId, taskText) {
-    return `你收到了一个来自远端智能体的委派任务。请完成任务并汇报结果。
-
-## 任务内容
-
-${taskText}
-
-## 完成后必做
-
-完成任务后，你**必须**调用 \`multiclaws_a2a_callback\` 工具汇报结果：
-
-\`\`\`
-multiclaws_a2a_callback(taskId="${taskId}", result="你的完整回复内容")
-\`\`\`
-
-**重要**：
-- 无论任务成功还是失败，都必须调用 \`multiclaws_a2a_callback\`
-- result 参数填写你的完整回复文本
-- 如果任务失败，在 result 中说明失败原因
+    return `你收到了一个来自远端智能体的委派任务。请完成任务并汇报结果。
+
+## 任务内容
+
+${taskText}
+
+## 完成后必做
+
+完成任务后，你**必须**调用 \`multiclaws_a2a_callback\` 工具汇报结果：
+
+\`\`\`
+multiclaws_a2a_callback(taskId="${taskId}", result="你的完整回复内容")
+\`\`\`
+
+**重要**：
+- 无论任务成功还是失败，都必须调用 \`multiclaws_a2a_callback\`
+- result 参数填写你的完整回复文本
+- 如果任务失败，在 result 中说明失败原因
 - 这是唯一的结果回传方式，不调用则结果会丢失`;
 }

package/dist/service/multiclaws-service.d.ts

@@ -133,12 +133,19 @@ export declare class MulticlawsService extends EventEmitter {
     private extractArtifactText;
     /** Fetch with up to 2 retries and exponential backoff. */
     private fetchWithRetry;
+    /**
+     * Called by the `multiclaws_task_respond` tool when the local human
+     * approves or rejects a pending risky incoming task.
+     */
+    respondToTask(taskId: string, approved: boolean): boolean;
     /** Resolve a pending A2A callback from sub-agent. */
     resolveA2ACallback(taskId: string, result: string): boolean;
     addNotificationTarget(key: string, target: NotificationTarget): void;
     /** Consistent name for this agent: AgentCard.name or fallback. */
     private getFormattedName;
     /** Send a notification to all known targets with detailed logging. */
+    /** Discover the most recently active non-internal session via sessions_list. */
+    private discoverActiveSession;
     notifyUser(message: string): Promise<void>;
     private log;
 }

package/dist/service/multiclaws-service.js

@@ -15,6 +15,7 @@ const express_1 = __importDefault(require("express"));
 const server_1 = require("@a2a-js/sdk/server");
 const express_2 = require("@a2a-js/sdk/server/express");
 const client_1 = require("@a2a-js/sdk/client");
+const version_1 = require("../infra/version");
 const a2a_adapter_1 = require("./a2a-adapter");
 const agent_registry_1 = require("./agent-registry");
 const agent_profile_1 = require("./agent-profile");
@@ -30,22 +31,22 @@ function buildDelegationPrompt(agent, task) {
     const bioSnippet = agent.description
         ? `\n**智能体能力**: ${agent.description.slice(0, 500)}`
         : "";
-    return `## 委派任务
-向远端智能体发送任务并汇报结果。
-
-**目标智能体**: ${agent.name} (${agent.url})${bioSnippet}
-**任务内容**: ${task}
-
-## 执行步骤
-1. 调用 multiclaws_delegate_send(agentUrl="${agent.url}", task="${task.replace(/"/g, '\\"')}") 发送任务
-2. 收到回复后，调用 multiclaws_notify(message="结果内容") 将结果推送给用户
-3. 如果需要进一步沟通，可再次调用 multiclaws_delegate_send（最多 5 轮）
-4. 每次收到回复后立即调用 multiclaws_notify 推送进展
-
-## 规则
-- 使用 multiclaws_delegate_send（不是 multiclaws_delegate）发送任务
-- 使用 multiclaws_notify（不是 message）将结果推送给用户
-- 最多 5 轮沟通
+    return `## 委派任务
+向远端智能体发送任务并汇报结果。
+
+**目标智能体**: ${agent.name} (${agent.url})${bioSnippet}
+**任务内容**: ${task}
+
+## 执行步骤
+1. 调用 multiclaws_delegate_send(agentUrl="${agent.url}", task="${task.replace(/"/g, '\\"')}") 发送任务
+2. 收到回复后，调用 multiclaws_notify(message="结果内容") 将结果推送给用户
+3. 如果需要进一步沟通，可再次调用 multiclaws_delegate_send（最多 5 轮）
+4. 每次收到回复后立即调用 multiclaws_notify 推送进展
+
+## 规则
+- 使用 multiclaws_delegate_send（不是 multiclaws_delegate）发送任务
+- 使用 multiclaws_notify（不是 message）将结果推送给用户
+- 最多 5 轮沟通
 - 遇到错误时在 multiclaws_notify 中说明失败原因`;
 }
 /* ------------------------------------------------------------------ */
@@ -120,13 +121,16 @@ class MulticlawsService extends node_events_1.EventEmitter {
                 taskTracker: this.taskTracker,
                 cwd: this.resolvedCwd,
                 getNotificationTargets: () => this.notificationTargets,
+                registerDiscoveredTarget: (sessionKey) => {
+                    this.addNotificationTarget(`web:${sessionKey}`, { type: "web", sessionKey });
+                },
                 logger,
             });
             this.agentCard = {
                 name: profile.ownerName?.trim() ? (0, agent_profile_1.formatAgentCardName)(profile.ownerName.trim()) : "OpenClaw Agent",
                 description: this.profileDescription,
                 url: this.selfUrl,
-                version: "0.3.0",
+                version: version_1.PLUGIN_VERSION,
                 protocolVersion: "0.2.2",
                 defaultInputModes: ["text/plain"],
                 defaultOutputModes: ["text/plain"],
@@ -940,6 +944,20 @@ class MulticlawsService extends node_events_1.EventEmitter {
         }
         throw lastError;
     }
+    /**
+     * Called by the `multiclaws_task_respond` tool when the local human
+     * approves or rejects a pending risky incoming task.
+     */
+    respondToTask(taskId, approved) {
+        this.log("info", `respondToTask(taskId=${taskId}, approved=${approved})`);
+        if (!this.agentExecutor) {
+            this.log("warn", `respondToTask: no agentExecutor available for taskId=${taskId}`);
+            return false;
+        }
+        const resolved = this.agentExecutor.resolveApproval(taskId, approved);
+        this.log("info", `respondToTask: ${resolved ? "✓" : "✗"} taskId=${taskId} ${resolved ? "resolved" : "no pending approval found"}`);
+        return resolved;
+    }
     /** Resolve a pending A2A callback from sub-agent. */
     resolveA2ACallback(taskId, result) {
         this.log("info", `[a2a-callback] resolveA2ACallback(taskId=${taskId}, resultLen=${result.length})`);
@@ -962,10 +980,54 @@ class MulticlawsService extends node_events_1.EventEmitter {
         return this.agentCard?.name ?? "OpenClaw Agent";
     }
     /** Send a notification to all known targets with detailed logging. */
+    /** Discover the most recently active non-internal session via sessions_list. */
+    async discoverActiveSession() {
+        if (!this.gatewayConfig)
+            return null;
+        try {
+            const result = await (0, gateway_client_1.invokeGatewayTool)({
+                gateway: this.gatewayConfig,
+                tool: "sessions_list",
+                args: { limit: 10, activeMinutes: 120 },
+                timeoutMs: 5_000,
+            });
+            const INTERNAL_PREFIXES = ["delegate-", "a2a-"];
+            const session = result?.sessions?.find((s) => s.sessionKey && !INTERNAL_PREFIXES.some((p) => s.sessionKey.startsWith(p)));
+            return session?.sessionKey ?? null;
+        }
+        catch (err) {
+            this.log("warn", `discoverActiveSession failed: ${err instanceof Error ? err.message : String(err)}`);
+            return null;
+        }
+    }
     async notifyUser(message) {
         this.log("info", `notifyUser: targets=${this.notificationTargets.size}, msg=${message.slice(0, 80)}`);
-        if (!this.gatewayConfig || this.notificationTargets.size === 0) {
-            this.log("warn", "notifyUser: skipped — no gatewayConfig or no targets");
+        if (!this.gatewayConfig) {
+            this.log("warn", "notifyUser: skipped — no gatewayConfig");
+            return;
+        }
+        // Fallback: no registered targets yet (e.g. right after gateway restart)
+        if (this.notificationTargets.size === 0) {
+            this.log("warn", "notifyUser: no registered targets — attempting session discovery");
+            const sessionKey = await this.discoverActiveSession();
+            if (sessionKey) {
+                this.log("info", `notifyUser: discovered session ${sessionKey}`);
+                try {
+                    await (0, gateway_client_1.invokeGatewayTool)({
+                        gateway: this.gatewayConfig,
+                        tool: "sessions_send",
+                        args: { sessionKey, message },
+                        timeoutMs: 5_000,
+                    });
+                    this.addNotificationTarget(`web:${sessionKey}`, { type: "web", sessionKey });
+                }
+                catch (err) {
+                    this.log("warn", `notifyUser: sessions_send to ${sessionKey} failed: ${err instanceof Error ? err.message : String(err)}`);
+                }
+            }
+            else {
+                this.log("warn", "notifyUser: no active session found, message lost");
+            }
             return;
         }
         const entries = [...this.notificationTargets.entries()];
@@ -980,8 +1042,10 @@ class MulticlawsService extends node_events_1.EventEmitter {
                         timeoutMs: 5_000,
                     })
                     : (0, gateway_client_1.invokeGatewayTool)({
+                        // sessions_send injects a message into the session so the AI
+                        // can relay it to the human (correct tool; was "chat.send" before)
                         gateway: this.gatewayConfig,
-                        tool: "chat.send",
+                        tool: "sessions_send",
                         args: { sessionKey: target.sessionKey, message },
                         timeoutMs: 5_000,
                     }));

package/openclaw.plugin.json

@@ -1,47 +1,47 @@
-{
-  "id": "multiclaws",
-  "name": "MultiClaws",
-  "description": "MultiClaws plugin for multi-instance collaboration using A2A protocol",
-  "version": "0.3.0",
-  "skills": ["./skills/multiclaws"],
-  "configSchema": {
-    "type": "object",
-    "additionalProperties": false,
-    "properties": {
-      "port": {
-        "type": "integer",
-        "minimum": 1,
-        "maximum": 65535,
-        "default": 3100
-      },
-      "displayName": {
-        "type": "string",
-        "minLength": 1
-      },
-      "selfUrl": {
-        "type": "string",
-        "description": "Publicly reachable URL for this agent. If not set, tunnel configuration is required."
-      },
-      "tunnel": {
-        "type": "object",
-        "description": "FRP tunnel configuration for cross-network connectivity. Required if selfUrl is not set.",
-        "properties": {
-          "type":           { "type": "string", "enum": ["frp"] },
-          "serverAddr":     { "type": "string", "description": "FRP server address (IP or domain)" },
-          "serverPort":     { "type": "integer", "default": 7000, "description": "FRP server bind port" },
-          "token":          { "type": "string", "description": "FRP authentication token" },
-          "portRangeStart": { "type": "integer", "description": "Start of available remote port range" },
-          "portRangeEnd":   { "type": "integer", "description": "End of available remote port range (inclusive)" }
-        },
-        "required": ["type", "serverAddr", "serverPort", "token", "portRangeStart", "portRangeEnd"]
-      },
-      "telemetry": {
-        "type": "object",
-        "additionalProperties": false,
-        "properties": {
-          "consoleExporter": { "type": "boolean", "default": false }
-        }
-      }
-    }
-  }
-}
+{
+  "id": "multiclaws",
+  "name": "MultiClaws",
+  "description": "MultiClaws plugin for multi-instance collaboration using A2A protocol",
+  "version": "0.3.0",
+  "skills": ["./skills/multiclaws", "./skills/meeting-scheduler"],
+  "configSchema": {
+    "type": "object",
+    "additionalProperties": false,
+    "properties": {
+      "port": {
+        "type": "integer",
+        "minimum": 1,
+        "maximum": 65535,
+        "default": 3100
+      },
+      "displayName": {
+        "type": "string",
+        "minLength": 1
+      },
+      "selfUrl": {
+        "type": "string",
+        "description": "Publicly reachable URL for this agent. If not set, tunnel configuration is required."
+      },
+      "tunnel": {
+        "type": "object",
+        "description": "FRP tunnel configuration for cross-network connectivity. Required if selfUrl is not set.",
+        "properties": {
+          "type":           { "type": "string", "enum": ["frp"] },
+          "serverAddr":     { "type": "string", "description": "FRP server address (IP or domain)" },
+          "serverPort":     { "type": "integer", "default": 7000, "description": "FRP server bind port" },
+          "token":          { "type": "string", "description": "FRP authentication token" },
+          "portRangeStart": { "type": "integer", "description": "Start of available remote port range" },
+          "portRangeEnd":   { "type": "integer", "description": "End of available remote port range (inclusive)" }
+        },
+        "required": ["type", "serverAddr", "serverPort", "token", "portRangeStart", "portRangeEnd"]
+      },
+      "telemetry": {
+        "type": "object",
+        "additionalProperties": false,
+        "properties": {
+          "consoleExporter": { "type": "boolean", "default": false }
+        }
+      }
+    }
+  }
+}