openclaw-observability 1.0.0

package/dist/web/ui.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ui.js","sourceRoot":"","sources":["../../src/web/ui.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AAEH,gCAmBC;AAnBD,SAAgB,UAAU;IACxB,OAAO,mBAAmB;QAC5B,oBAAoB;QACpB,UAAU;QACV,0BAA0B;QAC1B,0EAA0E;QAC1E,wCAAwC;QACxC,mDAAmD;QACnD,WAAW;QACX,GAAG;QACH,YAAY;QACZ,WAAW;QACX,UAAU;QACV,wBAAwB;QACxB,YAAY;QACZ,SAAS;QACT,aAAa;QACb,WAAW;QACX,SAAS,CAAC;AACV,CAAC;AAED,wEAAwE;AACxE,yEAAyE;AACzE,wEAAwE;AAExE,MAAM,GAAG,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAqRX,CAAC;AAEF,wEAAwE;AACxE,wEAAwE;AACxE,wEAAwE;AAExE,MAAM,SAAS,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAm/BjB,CAAC"}

package/openclaw.plugin.json

@@ -0,0 +1,231 @@
+{
+  "id": "audit-duckdb",
+  "name": "openclaw-plugin-audit",
+  "version": "1.0.5",
+  "description": "Conversation model action audit plugin — full-chain traceability with built-in visualization",
+  "entry": "dist/index.js",
+  "slots": [
+    "before_model_resolve",
+    "before_prompt_build",
+    "llm_input",
+    "llm_output",
+    "before_tool_call",
+    "after_tool_call",
+    "tool_result_persist",
+    "message_received",
+    "message_sending",
+    "message_sent",
+    "agent_end",
+    "before_compaction",
+    "after_compaction",
+    "before_reset",
+    "session_start",
+    "session_end",
+    "subagent_spawned",
+    "subagent_ended",
+    "gateway_start",
+    "gateway_stop"
+  ],
+  "uiHints": {
+    "mode": {
+      "label": "Storage Mode",
+      "help": "local = embedded local DB (zero config) | remote = external MySQL database"
+    },
+    "duckdb.path": {
+      "label": "Local DB File Path",
+      "placeholder": "~/.openclaw/audit.duckdb",
+      "help": "Local database file path (only effective in local mode)"
+    },
+    "mysql.host": {
+      "label": "MySQL Host",
+      "placeholder": "rm-xxx.mysql.rds.aliyuncs.com",
+      "help": "MySQL host address (only effective in remote mode)"
+    },
+    "mysql.port": {
+      "label": "MySQL Port",
+      "placeholder": "3306"
+    },
+    "mysql.user": {
+      "label": "MySQL User",
+      "placeholder": "root"
+    },
+    "mysql.password": {
+      "label": "MySQL Password",
+      "sensitive": true,
+      "placeholder": "••••••••",
+      "help": "Database password (displayed as password field in Dashboard)"
+    },
+    "mysql.database": {
+      "label": "Database Name",
+      "placeholder": "openclaw_audit",
+      "help": "Audit database name (auto-created if not exists)"
+    },
+    "buffer.batchSize": {
+      "label": "Batch Size",
+      "placeholder": "50",
+      "help": "Number of records to accumulate before batch write",
+      "advanced": true
+    },
+    "buffer.flushIntervalMs": {
+      "label": "Flush Interval (ms)",
+      "placeholder": "30000",
+      "help": "Flush interval in milliseconds (default: 30s)",
+      "advanced": true
+    },
+    "redaction.enabled": {
+      "label": "Enable Redaction",
+      "help": "Automatically redact sensitive fields like API keys and passwords"
+    },
+    "redaction.patterns": {
+      "label": "Redaction Patterns",
+      "help": "Redaction regex patterns (case-insensitive)",
+      "advanced": true
+    },
+    "security.enabled": {
+      "label": "Enable Security Scanning",
+      "help": "Enable security audit scanning (secret leaks, dangerous commands, prompt injection, etc.)"
+    },
+    "security.rules.secretLeakage": {
+      "label": "Secret Leakage Detection",
+      "help": "Detect AK/SK, private keys, JWT and other secret leaks",
+      "advanced": true
+    },
+    "security.rules.highRiskOps": {
+      "label": "High-Risk Ops Detection",
+      "help": "Detect high-risk operations like rm -rf, sudo, sensitive file access",
+      "advanced": true
+    },
+    "security.rules.promptInjection": {
+      "label": "Prompt Injection Detection",
+      "help": "Detect prompt injection attacks in tool outputs",
+      "advanced": true
+    },
+    "security.rules.chainDetection": {
+      "label": "Attack Chain Detection",
+      "help": "Cross-action behavior chain detection (e.g. read sensitive file -> exfiltrate data)",
+      "advanced": true
+    },
+    "security.domainWhitelist": {
+      "label": "Domain Whitelist",
+      "help": "Domain whitelist for external request detection",
+      "advanced": true
+    }
+  },
+  "configSchema": {
+    "type": "object",
+    "additionalProperties": false,
+    "properties": {
+      "mode": {
+        "type": "string",
+        "enum": ["local", "remote"],
+        "default": "local"
+      },
+      "duckdb": {
+        "type": "object",
+        "additionalProperties": false,
+        "properties": {
+          "path": {
+            "type": "string",
+            "default": "~/.openclaw/audit.duckdb"
+          }
+        }
+      },
+      "mysql": {
+        "type": "object",
+        "additionalProperties": false,
+        "properties": {
+          "host": {
+            "type": "string",
+            "default": "localhost"
+          },
+          "port": {
+            "type": "number",
+            "default": 3306
+          },
+          "user": {
+            "type": "string",
+            "default": "root"
+          },
+          "password": {
+            "type": "string",
+            "default": ""
+          },
+          "database": {
+            "type": "string",
+            "default": "openclaw_audit"
+          }
+        }
+      },
+      "buffer": {
+        "type": "object",
+        "additionalProperties": false,
+        "properties": {
+          "batchSize": {
+            "type": "number",
+            "default": 50,
+            "minimum": 1,
+            "maximum": 1000
+          },
+          "flushIntervalMs": {
+            "type": "number",
+            "default": 30000,
+            "minimum": 1000,
+            "maximum": 300000
+          }
+        }
+      },
+      "redaction": {
+        "type": "object",
+        "additionalProperties": false,
+        "properties": {
+          "enabled": {
+            "type": "boolean",
+            "default": true
+          },
+          "patterns": {
+            "type": "array",
+            "items": { "type": "string" },
+            "default": ["api_key", "api[-_]?secret", "password", "passwd", "access_token", "auth_token", "refresh_token", "bearer_token", "client_secret", "app_secret", "secret_key", "authorization", "private_key", "credential"]
+          }
+        }
+      },
+      "security": {
+        "type": "object",
+        "additionalProperties": false,
+        "properties": {
+          "enabled": {
+            "type": "boolean",
+            "default": true
+          },
+          "rules": {
+            "type": "object",
+            "additionalProperties": false,
+            "properties": {
+              "secretLeakage": {
+                "type": "boolean",
+                "default": true
+              },
+              "highRiskOps": {
+                "type": "boolean",
+                "default": true
+              },
+              "promptInjection": {
+                "type": "boolean",
+                "default": true
+              },
+              "chainDetection": {
+                "type": "boolean",
+                "default": true
+              }
+            }
+          },
+          "domainWhitelist": {
+            "type": "array",
+            "items": { "type": "string" },
+            "default": []
+          }
+        }
+      }
+    }
+  }
+}

package/package.json

@@ -0,0 +1,41 @@
+{
+  "name": "openclaw-observability",
+  "version": "1.0.0",
+  "description": "OpenClaw audit plugin — records all conversation model actions into DuckDB/MySQL for traceability, with built-in Langfuse-style visualization",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "openclaw": {
+    "extensions": [
+      "./dist/index.js"
+    ]
+  },
+  "files": [
+    "dist/",
+    "openclaw.plugin.json"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "clean": "rm -rf dist",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "openclaw",
+    "plugin",
+    "observability",
+    "audit",
+    "duckdb",
+    "mysql",
+    "trace",
+    "langfuse",
+    "security"
+  ],
+  "license": "MIT",
+  "dependencies": {
+    "@duckdb/node-api": "^1.5.0-r.1",
+    "mysql2": "^3.9.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.9.3"
+  }
+}