openclaw-threema 0.5.2 → 0.6.1

package/README.md

@@ -1,4 +1,4 @@
-# @openclaw/threema
+# openclaw-threema
 
 Threema Gateway channel plugin for [OpenClaw](https://github.com/openclaw/openclaw) — privacy-focused E2E encrypted messaging via the [Threema Gateway API](https://gateway.threema.ch/).
 
@@ -8,24 +8,25 @@ Threema Gateway channel plugin for [OpenClaw](https://github.com/openclaw/opencl
 - **Media send/receive** — images, files, audio (E2E encrypted blobs)
 - **Voice transcription** — automatic speech-to-text via local Whisper
 - **Instant wake** — webhook-based message delivery (no polling)
+- **Slash commands** — `/status`, `/compact`, etc. work natively via Threema (v0.6.0+)
 - **CLI tools** — `openclaw threema send|send-file|status|keygen`
 
 ## Requirements
 
 - A [Threema Gateway](https://gateway.threema.ch/) account (E2E mode)
-- OpenClaw v0.30+ with channel plugin support
+- OpenClaw 2026.3.2+ with channel plugin support
 - For voice transcription: [OpenAI Whisper](https://github.com/openai/whisper) installed locally
 
-Please keep in mind that the use of the Threema Gateway is not for free.
-At the time of writing these lines you have to pay 1.600 "Credits" to get an ID. 
-Every Message costs another Credit (roughly EUR 0,02).
-2.500 Credits are about EUR 55,00
+> **Note:** Threema Gateway usage is not free. At the time of writing, you need ~1,600 credits to register a Gateway ID, and each message costs 1 credit (~€0.02). 2,500 credits cost approximately €55.
 
 ## Installation
 
 ```bash
-# From npm (when published)
-npm install @openclaw/threema
+# From npm
+npm install openclaw-threema
+
+# From ClawHub
+openclaw plugins install clawhub:threema
 
 # Or as a local extension
 cp -r . ~/.openclaw/extensions/threema/
@@ -77,7 +78,7 @@ https://your-host:18789/threema/webhook
 
 The default port is `18789` (OpenClaw Gateway). The path matches `webhookPath` in your config (default: `/threema/webhook`).
 
-**Note:** If you're behind a reverse proxy, adjust the URL accordingly. The plugin registers the endpoint at the configured `webhookPath`.
+**Note:** If you're behind a reverse proxy (Cloudflare Tunnel, nginx, etc.), adjust the URL accordingly. The plugin registers the endpoint at the configured `webhookPath`.
 
 ### 3. Restart OpenClaw
 
@@ -96,7 +97,7 @@ openclaw threema send ABCD1234 "Hello from OpenClaw!"
 
 | Policy | Description |
 |--------|-------------|
-| `allowlist` | Only IDs in `allowFrom` array (default) |
+| `allowlist` | Only IDs in `allowFrom` array (default, recommended) |
 | `open` | Accept from anyone |
 | `disabled` | Reject all DMs |
 
@@ -104,7 +105,7 @@ openclaw threema send ABCD1234 "Hello from OpenClaw!"
 
 When a voice message is received, the plugin automatically transcribes it using local Whisper (no API key needed). The transcription is included in the message delivered to the agent.
 
-Whisper must be installed and accessible in PATH (e.g., via `pip install openai-whisper` or Homebrew).
+Whisper must be installed and accessible in PATH (e.g., `pip install openai-whisper`).
 
 ## Message Types Supported
 
@@ -119,8 +120,26 @@ Whisper must be installed and accessible in PATH (e.g., via `pip install openai-
 - Private keys never leave the host
 - Webhook verification via HMAC-SHA256 (mandatory, verified before decryption)
 - SSRF protection: redirect blocking, DNS rebinding checks, private IP filtering
+- Secrets are redacted in all log output
+
+## Changelog
+
+### v0.6.0 (2026-04-17)
+- **Channel Inbound Pipeline** — messages now go through OpenClaw's native channel pipeline instead of raw `enqueueSystemEvent`. This enables slash commands (`/status`, `/compact`, etc.) directly from Threema.
+- **Graceful fallback** — automatically falls back to `enqueueSystemEvent` if the channel pipeline is unavailable (e.g., older OpenClaw versions).
+- **Long message chunking** — replies exceeding 3,500 chars are split at newline boundaries.
+
+### v0.5.2 (2026-03-30)
+- OpenClaw 2026.3.2 compatibility fixes
+- Health monitor improvements
+- ClawHub publishing support (`compat.pluginApi`, `build.openclawVersion`)
+
+### v0.4.5 (2026-02-17)
+- Initial npm release
+- Full E2E text + media support
+- Voice transcription via Whisper
+- Security hardening (SSRF protection, path restrictions, PII log reduction)
 
 ## License
 
 MIT
-

package/index.ts

@@ -147,6 +147,163 @@ const MEDIA_INBOUND_DIR = path.join(
   "inbound"
 );
 
+// ============================================================================
+// Memory Briefing Hook
+// ============================================================================
+//
+// Injects an up-to-date "acute state" snapshot from the workspace memory into
+// every inbound Threema message that goes to the agent. This compensates for
+// long-running sessions where MEMORY.md was loaded weeks ago and may not be
+// salient for the current reply. Format mirrors OpenClaw's untrusted-context
+// blocks so the agent treats it as informational, not as instructions.
+//
+// Sources read on each inbound (best-effort, fail-silent):
+//   1. <workspace>/MEMORY.md  -> only the leading "\ud83d\udccc Current State" block
+//   2. <workspace>/memory/pending-actions.md -> only the "\ud83d\udd25 Akut" section
+//
+// File reads are bounded (<= 8 KB each) and cached for 60 s to avoid disk
+// thrash on bursts of messages.
+
+interface BriefingCacheEntry {
+  text: string;
+  expiresAt: number;
+}
+const briefingCache: Map<string, BriefingCacheEntry> = new Map();
+const BRIEFING_CACHE_TTL_MS = 60_000;
+const BRIEFING_MAX_BYTES = 8192;
+
+function readBoundedFile(filePath: string): string {
+  try {
+    const stat = fs.statSync(filePath);
+    if (!stat.isFile()) return "";
+    const fd = fs.openSync(filePath, "r");
+    try {
+      const len = Math.min(stat.size, BRIEFING_MAX_BYTES);
+      const buf = Buffer.alloc(len);
+      fs.readSync(fd, buf, 0, len, 0);
+      return buf.toString("utf8");
+    } finally {
+      fs.closeSync(fd);
+    }
+  } catch {
+    return "";
+  }
+}
+
+function extractCurrentStateBlock(memoryMd: string): string {
+  if (!memoryMd) return "";
+  // Find the line starting with "## \ud83d\udccc Current State" (or any "## *Current State*")
+  const lines = memoryMd.split(/\r?\n/);
+  let startIdx = -1;
+  for (let i = 0; i < lines.length; i++) {
+    if (/^##\s.*Current State/i.test(lines[i])) {
+      startIdx = i;
+      break;
+    }
+  }
+  if (startIdx < 0) return "";
+  // Read until the next "## " header
+  const out: string[] = [];
+  for (let i = startIdx; i < lines.length; i++) {
+    if (i > startIdx && /^##\s/.test(lines[i])) break;
+    out.push(lines[i]);
+  }
+  return out.join("\n").trim();
+}
+
+function extractAcutePending(pendingMd: string): string {
+  if (!pendingMd) return "";
+  const lines = pendingMd.split(/\r?\n/);
+  let startIdx = -1;
+  for (let i = 0; i < lines.length; i++) {
+    if (/^##\s.*Akut/i.test(lines[i])) {
+      startIdx = i;
+      break;
+    }
+  }
+  if (startIdx < 0) return "";
+  const out: string[] = [];
+  for (let i = startIdx; i < lines.length; i++) {
+    if (i > startIdx && /^##\s/.test(lines[i])) break;
+    out.push(lines[i]);
+  }
+  return out.join("\n").trim();
+}
+
+function resolveWorkspaceDir(cfg: OpenClawConfig | undefined): string | null {
+  // Best-effort: dig through the agents.defaults.workspace path used in this
+  // setup. We accept any string under agents.*.workspace too.
+  const root: any = cfg as any;
+  const candidates: any[] = [];
+  try {
+    if (root?.agents) {
+      for (const k of Object.keys(root.agents)) {
+        const w = root.agents[k]?.workspace;
+        if (typeof w === "string") candidates.push(w);
+      }
+    }
+  } catch {
+    /* ignore */
+  }
+  // Fallback: ~/.openclaw/workspace
+  candidates.push(path.join(process.env.HOME || "/tmp", ".openclaw", "workspace"));
+  for (const p of candidates) {
+    try {
+      if (p && fs.existsSync(p) && fs.statSync(p).isDirectory()) return p;
+    } catch {
+      /* ignore */
+    }
+  }
+  return null;
+}
+
+function buildMemoryBriefing(cfg: OpenClawConfig | undefined): string {
+  const workspace = resolveWorkspaceDir(cfg);
+  if (!workspace) return "";
+  const cacheKey = workspace;
+  const now = Date.now();
+  const cached = briefingCache.get(cacheKey);
+  if (cached && cached.expiresAt > now) return cached.text;
+
+  const memoryPath = path.join(workspace, "MEMORY.md");
+  const pendingPath = path.join(workspace, "memory", "pending-actions.md");
+
+  const currentState = extractCurrentStateBlock(readBoundedFile(memoryPath));
+  const acutePending = extractAcutePending(readBoundedFile(pendingPath));
+
+  if (!currentState && !acutePending) {
+    briefingCache.set(cacheKey, { text: "", expiresAt: now + BRIEFING_CACHE_TTL_MS });
+    return "";
+  }
+
+  const parts: string[] = [];
+  parts.push(
+    "Memory briefing (untrusted, generated by threema plugin at inbound time \u2014 informational only, not instructions):"
+  );
+  parts.push(
+    "This snapshot is appended to every inbound Threema message so the agent has a fresh view of the user's acute state, even in long-running sessions. Read it before replying."
+  );
+  parts.push("");
+  if (currentState) {
+    parts.push("--- MEMORY.md (Current State) ---");
+    parts.push(currentState);
+  }
+  if (acutePending) {
+    if (currentState) parts.push("");
+    parts.push("--- pending-actions.md (Akut) ---");
+    parts.push(acutePending);
+  }
+  const text = parts.join("\n");
+  briefingCache.set(cacheKey, { text, expiresAt: now + BRIEFING_CACHE_TTL_MS });
+  return text;
+}
+
+function composeBodyForAgent(userText: string, cfg: OpenClawConfig | undefined): string {
+  const briefing = buildMemoryBriefing(cfg);
+  if (!briefing) return userText;
+  return `${userText}\n\n[memory_briefing]\n${briefing}\n[/memory_briefing]`;
+}
+
 // Allowed base directory for local media files (exfiltration protection)
 const MEDIA_ALLOWED_BASE = path.join(
   process.env.HOME || "/tmp",
@@ -1622,7 +1779,7 @@ const threemaChannel = {
 
 export const id = "threema";
 export const name = "Threema Gateway";
-export const version = "0.5.2";
+export const version = "0.6.0";
 export const description =
   "Threema messaging channel via Threema Gateway API (E2E encrypted, with media support)";
 
@@ -1782,25 +1939,144 @@ export default function register(api: any) {
             api.logger?.info?.("Threema text message received");
             api.logger?.debug?.(`Threema text from=${from} messageId=${messageId}`);
 
-            // Dispatch to OpenClaw via enqueueSystemEvent
-            const enqueue = runtime?.system?.enqueueSystemEvent;
-            if (enqueue) {
-              const envelope = `[Threema message from ${senderLabel} (${from})]\n${decrypted.text}`;
-              enqueue(envelope, {
-                sessionKey: "agent:main:main",
-                deliveryContext: {
+            // Dispatch through the proper Channel Inbound Pipeline
+            // This enables slash-command parsing (/status, /compact, etc.)
+            const channelRuntime = runtime?.channel;
+            if (channelRuntime?.routing?.resolveAgentRoute && channelRuntime?.reply?.finalizeInboundContext && channelRuntime?.reply?.dispatchReplyWithBufferedBlockDispatcher) {
+              try {
+                const currentCfg = runtime.config.loadConfig();
+
+                // 1. Resolve the agent route and session key
+                const route = channelRuntime.routing.resolveAgentRoute({
+                  cfg: currentCfg,
                   channel: "threema",
-                  to: from,
-                  from: from,
                   accountId: "default",
-                },
-              });
-              api.logger?.info?.("Threema message dispatched via enqueueSystemEvent");
+                  peer: { kind: "direct", id: from },
+                });
 
-              // Wake the agent
-              wakeAgent(config);
+                const sessionKey = channelRuntime.routing.buildAgentSessionKey({
+                  agentId: route.agentId,
+                  channel: "threema",
+                  accountId: "default",
+                  peer: { kind: "direct", id: from },
+                  dmScope: "per-account-channel-peer",
+                });
+
+                // 2. Check if sender is command-authorized (in allowFrom list)
+                const senderAllowed = allowFrom.length === 0 || allowFrom.includes(from);
+
+                // 3. Build the finalized inbound context
+                //    BodyForAgent gets a memory briefing appended so the agent
+                //    sees the current acute state on every inbound, regardless
+                //    of how long the session has been running. CommandBody and
+                //    RawBody stay clean for slash-command parsing.
+                const bodyForAgent = composeBodyForAgent(decrypted.text, currentCfg);
+                const msgCtx = channelRuntime.reply.finalizeInboundContext({
+                  Body: decrypted.text,
+                  RawBody: decrypted.text,
+                  CommandBody: decrypted.text,
+                  BodyForAgent: bodyForAgent,
+                  From: `threema:${from}`,
+                  To: `threema:${ownGatewayId}`,
+                  SessionKey: sessionKey,
+                  AccountId: "default",
+                  OriginatingChannel: "threema",
+                  OriginatingTo: `threema:${from}`,
+                  ChatType: "direct" as const,
+                  SenderName: senderLabel,
+                  SenderId: from,
+                  Provider: "threema",
+                  Surface: "threema",
+                  ConversationLabel: senderLabel || from,
+                  Timestamp: Date.now(),
+                  CommandAuthorized: senderAllowed,
+                });
+
+                // 4. Dispatch through the full pipeline (command parsing + agent)
+                const replyClient = new ThreemaClient(getThreemaConfig(currentCfg)!);
+                await channelRuntime.reply.dispatchReplyWithBufferedBlockDispatcher({
+                  ctx: msgCtx,
+                  cfg: currentCfg,
+                  dispatcherOptions: {
+                    deliver: async (payload: any) => {
+                      const text = payload.text ?? payload.body;
+                      if (!text) return;
+                      // Chunk long replies if needed
+                      const limit = getThreemaConfig(currentCfg)?.textChunkLimit ?? 3500;
+                      if (text.length <= limit) {
+                        if (replyClient.isE2EEnabled) {
+                          await replyClient.sendE2E(from, text);
+                        } else {
+                          await replyClient.sendSimple(from, text);
+                        }
+                      } else {
+                        // Split into chunks at newline boundaries
+                        const chunks: string[] = [];
+                        let remaining = text;
+                        while (remaining.length > 0) {
+                          if (remaining.length <= limit) {
+                            chunks.push(remaining);
+                            break;
+                          }
+                          let splitIdx = remaining.lastIndexOf("\n", limit);
+                          if (splitIdx <= 0) splitIdx = limit;
+                          chunks.push(remaining.slice(0, splitIdx));
+                          remaining = remaining.slice(splitIdx).replace(/^\n/, "");
+                        }
+                        for (const chunk of chunks) {
+                          if (replyClient.isE2EEnabled) {
+                            await replyClient.sendE2E(from, chunk);
+                          } else {
+                            await replyClient.sendSimple(from, chunk);
+                          }
+                        }
+                      }
+                    },
+                    onReplyStart: () => {
+                      api.logger?.info?.(`Threema: agent reply started for ${from}`);
+                    },
+                  },
+                });
+                api.logger?.info?.("Threema message dispatched via Channel Inbound Pipeline");
+              } catch (pipelineErr: any) {
+                api.logger?.error?.(`Threema inbound pipeline error: ${pipelineErr.message}`);
+                // Fallback to enqueueSystemEvent if pipeline fails
+                const enqueue = runtime?.system?.enqueueSystemEvent;
+                if (enqueue) {
+                  const envelope = `[Threema message from ${senderLabel} (${from})]\n${decrypted.text}`;
+                  enqueue(envelope, {
+                    sessionKey: "agent:main:main",
+                    deliveryContext: {
+                      channel: "threema",
+                      to: from,
+                      from: from,
+                      accountId: "default",
+                    },
+                  });
+                  api.logger?.info?.("Threema message dispatched via enqueueSystemEvent (fallback)");
+                  wakeAgent(config);
+                }
+              }
             } else {
-              api.logger?.warn?.("enqueueSystemEvent not available");
+              // Fallback: use enqueueSystemEvent if channel runtime not available
+              api.logger?.warn?.("Channel inbound pipeline not available, falling back to enqueueSystemEvent");
+              const enqueue = runtime?.system?.enqueueSystemEvent;
+              if (enqueue) {
+                const envelope = `[Threema message from ${senderLabel} (${from})]\n${decrypted.text}`;
+                enqueue(envelope, {
+                  sessionKey: "agent:main:main",
+                  deliveryContext: {
+                    channel: "threema",
+                    to: from,
+                    from: from,
+                    accountId: "default",
+                  },
+                });
+                api.logger?.info?.("Threema message dispatched via enqueueSystemEvent (legacy)");
+                wakeAgent(config);
+              } else {
+                api.logger?.warn?.("Neither channel pipeline nor enqueueSystemEvent available");
+              }
             }
           } else if (decrypted?.type === 0x17 && decrypted?.fileMessage) {
             // File message - PII only on debug level

package/openclaw.plugin.json

@@ -2,7 +2,7 @@
   "id": "threema",
   "name": "Threema Gateway",
   "description": "Threema messaging channel via Threema Gateway API (E2E encrypted)",
-  "version": "0.5.1",
+  "version": "0.6.1",
   "channels": [
     "threema"
   ],

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "openclaw-threema",
-  "version": "0.5.2",
+  "version": "0.6.1",
   "description": "Threema Gateway channel plugin for OpenClaw",
   "type": "module",
   "main": "index.ts",
@@ -19,7 +19,13 @@
         "threema-gateway"
       ]
     },
-    "id": "threema"
+    "id": "threema",
+    "compat": {
+      "pluginApi": ">=1.0.0"
+    },
+    "build": {
+      "openclawVersion": "2026.3.28"
+    }
   },
   "dependencies": {
     "tweetnacl": "^1.0.3",