podwatch 1.0.2

package/LICENSE

@@ -0,0 +1,28 @@
+BSD 3-Clause License
+
+Copyright (c) 2026, Podwatch
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

package/README.md

@@ -0,0 +1,92 @@
+# Podwatch
+
+Agent security monitoring, cost tracking, and budget enforcement for [OpenClaw](https://openclaw.ai).
+
+## Quick Install
+
+```bash
+npx podwatch pw_your_api_key_here
+```
+
+That's it. The installer will validate your key, install the plugin to `~/.openclaw/extensions/podwatch/`, configure it, and restart the gateway.
+
+## What You Get
+
+- **Cost tracking** — per-call LLM cost and token monitoring
+- **Budget enforcement** — block tool calls when spend exceeds limits
+- **Security alerts** — detect risky tool usage patterns
+- **Agent pulse** — online status and heartbeat monitoring
+- **Dashboard** — [podwatch.app](https://podwatch.app)
+
+## Prerequisites
+
+- **Node.js** ≥ 16
+- **OpenClaw** ≥ v2026.2.0
+- **Linux or macOS** (Windows: use WSL)
+- A **Podwatch API key** — get one at [podwatch.app/dashboard](https://podwatch.app/dashboard)
+
+## Usage Modes
+
+### As an installer (npx)
+
+```bash
+# Install with your API key
+npx podwatch pw_abc123def456
+
+# Show help
+npx podwatch --help
+```
+
+The installer:
+1. Validates your API key
+2. Checks OpenClaw is installed and compatible
+3. Copies the plugin to `~/.openclaw/extensions/podwatch/`
+4. Configures the plugin in `~/.openclaw/openclaw.json`
+5. Restarts the gateway to activate
+
+### As an OpenClaw plugin
+
+The plugin is what gets installed to `~/.openclaw/extensions/podwatch/`. It hooks into OpenClaw's event system to capture diagnostics, enforce budgets, and send security alerts to the Podwatch dashboard.
+
+Plugin source is in `src/` (TypeScript), compiled to `dist/`.
+
+## No `npx`? No problem.
+
+```bash
+curl -sL https://podwatch.app/install.js | node - pw_your_api_key_here
+```
+
+## Development
+
+```bash
+npm run build    # Compile TypeScript
+npm run dev      # Watch mode
+npm run clean    # Remove dist/
+```
+
+## Configuration
+
+The installer adds this to `~/.openclaw/openclaw.json`:
+
+```json
+{
+  "diagnostics": { "enabled": true },
+  "plugins": {
+    "entries": {
+      "podwatch": {
+        "enabled": true,
+        "config": {
+          "apiKey": "pw_your_key",
+          "endpoint": "https://podwatch.app/api",
+          "enableBudgetEnforcement": true,
+          "enableSecurityAlerts": true
+        }
+      }
+    }
+  }
+}
+```
+
+## License
+
+BSD-3-Clause

package/bin/podwatch.js

@@ -0,0 +1,10 @@
+#!/usr/bin/env node
+
+'use strict';
+
+const { run } = require('../lib/installer');
+
+run().catch((err) => {
+  console.error(`\n❌ Unexpected error: ${err.message}`);
+  process.exit(1);
+});

package/dist/classifier.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Tool classifier — lightweight client-side classification for real-time
+ * security decisions (exfiltration detection, persistence attempts).
+ *
+ * NOTE: Full risk-level classification remains server-side
+ * (podwatch-app/src/lib/risk-classifier.ts). This classifier only provides
+ * boolean flags needed for the before_tool_call hook to make blocking/alerting
+ * decisions in real time.
+ */
+export interface ToolClassification {
+    /** Tool reads credential-like files (.env, .key, .pem, ssh keys). */
+    accessesCredentials: boolean;
+    /** Tool makes outbound network calls (web_fetch, curl, wget, http_request). */
+    makesNetworkCall: boolean;
+    /** Tool attempts to set up persistence (crontab, systemd, autostart). */
+    persistenceAttempt: boolean;
+}
+/**
+ * Classify a tool call for real-time security decisions.
+ */
+export declare function classifyTool(toolName: string, params: Record<string, unknown>): ToolClassification;
+//# sourceMappingURL=classifier.d.ts.map

package/dist/classifier.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"classifier.d.ts","sourceRoot":"","sources":["../src/classifier.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAMH,MAAM,WAAW,kBAAkB;IACjC,qEAAqE;IACrE,mBAAmB,EAAE,OAAO,CAAC;IAC7B,+EAA+E;IAC/E,gBAAgB,EAAE,OAAO,CAAC;IAC1B,yEAAyE;IACzE,kBAAkB,EAAE,OAAO,CAAC;CAC7B;AAmED;;GAEG;AACH,wBAAgB,YAAY,CAC1B,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC9B,kBAAkB,CAQpB"}

package/dist/classifier.js

@@ -0,0 +1,157 @@
+"use strict";
+/**
+ * Tool classifier — lightweight client-side classification for real-time
+ * security decisions (exfiltration detection, persistence attempts).
+ *
+ * NOTE: Full risk-level classification remains server-side
+ * (podwatch-app/src/lib/risk-classifier.ts). This classifier only provides
+ * boolean flags needed for the before_tool_call hook to make blocking/alerting
+ * decisions in real time.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.classifyTool = classifyTool;
+// ---------------------------------------------------------------------------
+// Credential file patterns
+// ---------------------------------------------------------------------------
+const CREDENTIAL_FILE_PATTERNS = [
+    /\.env$/i,
+    /\.env\.[a-z]+$/i, // .env.local, .env.production, etc.
+    /\.key$/i,
+    /\.pem$/i,
+    /\.p12$/i,
+    /\.pfx$/i,
+    /\.jks$/i,
+    /\.keystore$/i,
+    /\.ssh\//i,
+    /id_rsa/i,
+    /id_ed25519/i,
+    /id_ecdsa/i,
+    /id_dsa/i,
+    /authorized_keys/i,
+    /known_hosts/i,
+    /\.gnupg\//i,
+    /\.aws\/credentials/i,
+    /\.netrc/i,
+];
+// ---------------------------------------------------------------------------
+// Network tools
+// ---------------------------------------------------------------------------
+const NETWORK_TOOLS = new Set([
+    "web_fetch",
+    "curl",
+    "wget",
+    "http_request",
+    "fetch",
+    "httpie",
+]);
+// ---------------------------------------------------------------------------
+// Persistence keywords (for bash/exec/spawn commands)
+// ---------------------------------------------------------------------------
+const PERSISTENCE_KEYWORDS = [
+    "crontab",
+    "systemd",
+    "systemctl",
+    "autostart",
+    "launchctl",
+    "launchd",
+    "at ", // `at` scheduler
+    "rc.local",
+    ".bashrc",
+    ".bash_profile",
+    ".profile",
+    ".zshrc",
+    "init.d",
+    "cron.d",
+];
+const EXEC_TOOLS = new Set(["bash", "exec", "spawn", "shell", "run"]);
+// ---------------------------------------------------------------------------
+// Public API
+// ---------------------------------------------------------------------------
+/**
+ * Classify a tool call for real-time security decisions.
+ */
+function classifyTool(toolName, params) {
+    const name = toolName.toLowerCase();
+    return {
+        accessesCredentials: checkAccessesCredentials(name, params),
+        makesNetworkCall: checkMakesNetworkCall(name, params),
+        persistenceAttempt: checkPersistenceAttempt(name, params),
+    };
+}
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+/** Extract command string from exec-like tool params. */
+function extractCommand(params) {
+    return ((typeof params.command === "string" && params.command) ||
+        (typeof params.cmd === "string" && params.cmd) ||
+        (typeof params.script === "string" && params.script) ||
+        "");
+}
+// ---------------------------------------------------------------------------
+// Internal checks
+// ---------------------------------------------------------------------------
+function checkAccessesCredentials(toolName, params) {
+    // Direct file-reading tools: check path params
+    if (toolName === "read" || toolName === "read_file" || toolName === "cat") {
+        const filePath = (typeof params.path === "string" && params.path) ||
+            (typeof params.file_path === "string" && params.file_path) ||
+            (typeof params.file === "string" && params.file) ||
+            "";
+        if (!filePath)
+            return false;
+        return CREDENTIAL_FILE_PATTERNS.some((pattern) => pattern.test(filePath));
+    }
+    // Exec-like tools: parse command for credential file paths
+    // Check each token/word individually since patterns use anchors (e.g. \.env$)
+    if (EXEC_TOOLS.has(toolName)) {
+        const command = extractCommand(params);
+        if (!command)
+            return false;
+        // Split on whitespace; also strip common prefixes like @ (curl's file ref)
+        const tokens = command.split(/\s+/).map((t) => t.replace(/^[@<>]+/, ""));
+        return tokens.some((token) => CREDENTIAL_FILE_PATTERNS.some((pattern) => pattern.test(token)));
+    }
+    return false;
+}
+// Network tool names that may appear as commands inside exec
+const EXEC_NETWORK_COMMANDS = [
+    "curl",
+    "wget",
+    "nc",
+    "ncat",
+    "ssh",
+    "scp",
+    "rsync",
+    "fetch",
+    "http", // httpie
+    "httpie",
+];
+function checkMakesNetworkCall(toolName, params) {
+    // Direct network tools
+    if (NETWORK_TOOLS.has(toolName))
+        return true;
+    // Exec-like tools: parse command for network tool invocations
+    if (EXEC_TOOLS.has(toolName)) {
+        const command = extractCommand(params);
+        if (!command)
+            return false;
+        const lower = command.toLowerCase();
+        return EXEC_NETWORK_COMMANDS.some((cmd) => {
+            // Match as a standalone word (start of command, after pipe, after &&, etc.)
+            const re = new RegExp(`(?:^|[|;&\\s])${cmd}(?:\\s|$)`);
+            return re.test(lower);
+        });
+    }
+    return false;
+}
+function checkPersistenceAttempt(toolName, params) {
+    if (!EXEC_TOOLS.has(toolName))
+        return false;
+    const command = extractCommand(params);
+    if (!command)
+        return false;
+    const lower = command.toLowerCase();
+    return PERSISTENCE_KEYWORDS.some((kw) => lower.includes(kw));
+}
+//# sourceMappingURL=classifier.js.map

package/dist/classifier.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"classifier.js","sourceRoot":"","sources":["../src/classifier.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;AAmFH,oCAWC;AA/ED,8EAA8E;AAC9E,2BAA2B;AAC3B,8EAA8E;AAE9E,MAAM,wBAAwB,GAAG;IAC/B,SAAS;IACT,iBAAiB,EAAE,oCAAoC;IACvD,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,cAAc;IACd,UAAU;IACV,SAAS;IACT,aAAa;IACb,WAAW;IACX,SAAS;IACT,kBAAkB;IAClB,cAAc;IACd,YAAY;IACZ,qBAAqB;IACrB,UAAU;CACX,CAAC;AAEF,8EAA8E;AAC9E,gBAAgB;AAChB,8EAA8E;AAE9E,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC;IAC5B,WAAW;IACX,MAAM;IACN,MAAM;IACN,cAAc;IACd,OAAO;IACP,QAAQ;CACT,CAAC,CAAC;AAEH,8EAA8E;AAC9E,sDAAsD;AACtD,8EAA8E;AAE9E,MAAM,oBAAoB,GAAG;IAC3B,SAAS;IACT,SAAS;IACT,WAAW;IACX,WAAW;IACX,WAAW;IACX,SAAS;IACT,KAAK,EAAW,iBAAiB;IACjC,UAAU;IACV,SAAS;IACT,eAAe;IACf,UAAU;IACV,QAAQ;IACR,QAAQ;IACR,QAAQ;CACT,CAAC;AAEF,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;AAEtE,8EAA8E;AAC9E,aAAa;AACb,8EAA8E;AAE9E;;GAEG;AACH,SAAgB,YAAY,CAC1B,QAAgB,EAChB,MAA+B;IAE/B,MAAM,IAAI,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAEpC,OAAO;QACL,mBAAmB,EAAE,wBAAwB,CAAC,IAAI,EAAE,MAAM,CAAC;QAC3D,gBAAgB,EAAE,qBAAqB,CAAC,IAAI,EAAE,MAAM,CAAC;QACrD,kBAAkB,EAAE,uBAAuB,CAAC,IAAI,EAAE,MAAM,CAAC;KAC1D,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,yDAAyD;AACzD,SAAS,cAAc,CAAC,MAA+B;IACrD,OAAO,CACL,CAAC,OAAO,MAAM,CAAC,OAAO,KAAK,QAAQ,IAAI,MAAM,CAAC,OAAO,CAAC;QACtD,CAAC,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,IAAI,MAAM,CAAC,GAAG,CAAC;QAC9C,CAAC,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC;QACpD,EAAE,CACH,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,kBAAkB;AAClB,8EAA8E;AAE9E,SAAS,wBAAwB,CAC/B,QAAgB,EAChB,MAA+B;IAE/B,+CAA+C;IAC/C,IAAI,QAAQ,KAAK,MAAM,IAAI,QAAQ,KAAK,WAAW,IAAI,QAAQ,KAAK,KAAK,EAAE,CAAC;QAC1E,MAAM,QAAQ,GACZ,CAAC,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC;YAChD,CAAC,OAAO,MAAM,CAAC,SAAS,KAAK,QAAQ,IAAI,MAAM,CAAC,SAAS,CAAC;YAC1D,CAAC,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC;YAChD,EAAE,CAAC;QAEL,IAAI,CAAC,QAAQ;YAAE,OAAO,KAAK,CAAC;QAC5B,OAAO,wBAAwB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC5E,CAAC;IAED,2DAA2D;IAC3D,8EAA8E;IAC9E,IAAI,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC3B,2EAA2E;QAC3E,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC;QACzE,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAC3B,wBAAwB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAChE,CAAC;IACJ,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,6DAA6D;AAC7D,MAAM,qBAAqB,GAAG;IAC5B,MAAM;IACN,MAAM;IACN,IAAI;IACJ,MAAM;IACN,KAAK;IACL,KAAK;IACL,OAAO;IACP,OAAO;IACP,MAAM,EAAK,SAAS;IACpB,QAAQ;CACT,CAAC;AAEF,SAAS,qBAAqB,CAC5B,QAAgB,EAChB,MAA+B;IAE/B,uBAAuB;IACvB,IAAI,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAE7C,8DAA8D;IAC9D,IAAI,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAC3B,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;QACpC,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;YACxC,4EAA4E;YAC5E,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,iBAAiB,GAAG,WAAW,CAAC,CAAC;YACvD,OAAO,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACxB,CAAC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,uBAAuB,CAC9B,QAAgB,EAChB,MAA+B;IAE/B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IAE5C,MAAM,OAAO,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;IACvC,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAC;IAE3B,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IACpC,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC;AAC/D,CAAC"}

package/dist/hooks/cost.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Cost handler — extracts token/cost data from before_agent_start messages.
+ *
+ * The plugin-sdk's onDiagnosticEvent is broken (separate module instances).
+ * Instead, we use before_agent_start which provides the full session history
+ * with usage data on every assistant message:
+ *   { provider, model, usage: { input, output, cacheRead, cacheWrite, totalTokens, cost: { total } } }
+ *
+ * Dedup strategy: lastSeenIndex tracks how far we've read into event.messages.
+ * Each invocation only processes messages from lastSeenIndex onwards, then
+ * advances the pointer. Zero memory growth, O(1) bookkeeping.
+ */
+import type { PodwatchConfig } from "../index.js";
+/**
+ * Reset all dedup state (exported for testing).
+ */
+export declare function _resetCostState(): void;
+/**
+ * Clear a single session's index (call on session_end to prevent memory leaks).
+ */
+export declare function _clearSessionIndex(sessionKey: string): void;
+/**
+ * Register the cost handler via before_agent_start hook.
+ */
+export declare function registerCostHandler(api: any, config: PodwatchConfig, diagnosticsEnabled: boolean): void;
+//# sourceMappingURL=cost.d.ts.map

package/dist/hooks/cost.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cost.d.ts","sourceRoot":"","sources":["../../src/hooks/cost.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAMlD;;GAEG;AACH,wBAAgB,eAAe,IAAI,IAAI,CAEtC;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAE3D;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,GAAG,EAAE,GAAG,EACR,MAAM,EAAE,cAAc,EACtB,kBAAkB,EAAE,OAAO,GAC1B,IAAI,CA4EN"}

package/dist/hooks/cost.js

@@ -0,0 +1,107 @@
+"use strict";
+/**
+ * Cost handler — extracts token/cost data from before_agent_start messages.
+ *
+ * The plugin-sdk's onDiagnosticEvent is broken (separate module instances).
+ * Instead, we use before_agent_start which provides the full session history
+ * with usage data on every assistant message:
+ *   { provider, model, usage: { input, output, cacheRead, cacheWrite, totalTokens, cost: { total } } }
+ *
+ * Dedup strategy: lastSeenIndex tracks how far we've read into event.messages.
+ * Each invocation only processes messages from lastSeenIndex onwards, then
+ * advances the pointer. Zero memory growth, O(1) bookkeeping.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports._resetCostState = _resetCostState;
+exports._clearSessionIndex = _clearSessionIndex;
+exports.registerCostHandler = registerCostHandler;
+const transmitter_js_1 = require("../transmitter.js");
+// Track how far into event.messages we've already processed — per session
+const lastSeenIndexMap = new Map();
+/**
+ * Reset all dedup state (exported for testing).
+ */
+function _resetCostState() {
+    lastSeenIndexMap.clear();
+}
+/**
+ * Clear a single session's index (call on session_end to prevent memory leaks).
+ */
+function _clearSessionIndex(sessionKey) {
+    lastSeenIndexMap.delete(sessionKey);
+}
+/**
+ * Register the cost handler via before_agent_start hook.
+ */
+function registerCostHandler(api, config, diagnosticsEnabled) {
+    // before_agent_start carries the full message history with usage on each assistant turn
+    api.on("before_agent_start", async (event, ctx) => {
+        if (!event?.messages || !Array.isArray(event.messages))
+            return;
+        const sessionKey = ctx?.sessionKey ?? "__default__";
+        // Get per-session index (defaults to 0 for new sessions)
+        let lastSeenIndex = lastSeenIndexMap.get(sessionKey) ?? 0;
+        // Bounds check: if messages were compacted, reset to 0
+        if (lastSeenIndex > event.messages.length) {
+            lastSeenIndex = 0;
+        }
+        // Only process new messages since last invocation
+        const newMessages = event.messages.slice(lastSeenIndex);
+        lastSeenIndexMap.set(sessionKey, event.messages.length);
+        if (newMessages.length === 0)
+            return;
+        // Detect heartbeat-triggered turns by scanning the last user message
+        // OpenClaw heartbeat prompts always contain "HEARTBEAT" (e.g. "Read HEARTBEAT.md")
+        let isHeartbeat = false;
+        for (let i = event.messages.length - 1; i >= 0; i--) {
+            const m = event.messages[i];
+            if (m?.role === "user") {
+                const text = typeof m.content === "string" ? m.content : JSON.stringify(m.content ?? "");
+                if (/HEARTBEAT/i.test(text)) {
+                    isHeartbeat = true;
+                }
+                break; // only check the last user message
+            }
+        }
+        for (const msg of newMessages) {
+            // Only assistant messages have usage data
+            if (msg.role !== "assistant")
+                continue;
+            if (!msg.usage)
+                continue;
+            // Skip zero-cost internal messages (delivery-mirror, etc.)
+            if (msg.provider === "openclaw" || msg.model === "delivery-mirror")
+                continue;
+            if (msg.usage.totalTokens === 0 && !msg.usage.input && !msg.usage.output)
+                continue;
+            const costTotal = msg.usage.cost?.total ?? undefined;
+            transmitter_js_1.transmitter.enqueue({
+                type: "cost",
+                ts: msg.timestamp ?? Date.now(),
+                sessionKey: ctx?.sessionKey,
+                agentId: ctx?.agentId,
+                provider: msg.provider,
+                model: msg.model,
+                inputTokens: msg.usage.input ?? 0,
+                outputTokens: msg.usage.output ?? 0,
+                cacheReadTokens: msg.usage.cacheRead ?? 0,
+                cacheWriteTokens: msg.usage.cacheWrite ?? 0,
+                totalTokens: msg.usage.totalTokens ?? ((msg.usage.input ?? 0) + (msg.usage.output ?? 0)),
+                costUsd: costTotal,
+                costBreakdown: msg.usage.cost, // full {input, output, cacheRead, cacheWrite, total} object
+                durationMs: undefined,
+                // Tag heartbeat-triggered cost events so the dashboard can distinguish them
+                ...(isHeartbeat ? { sessionType: "heartbeat" } : {}),
+            });
+        }
+    }, { name: "podwatch-cost" });
+    // Clean up session index on session end to prevent memory leaks
+    api.on("session_end", async (_event, ctx) => {
+        const sessionKey = ctx?.sessionKey;
+        if (sessionKey) {
+            lastSeenIndexMap.delete(sessionKey);
+        }
+    }, { name: "podwatch-cost-cleanup" });
+    api.logger.info("[podwatch/cost] Cost tracking via before_agent_start message history");
+}
+//# sourceMappingURL=cost.js.map

package/dist/hooks/cost.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cost.js","sourceRoot":"","sources":["../../src/hooks/cost.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;AAWH,0CAEC;AAKD,gDAEC;AAKD,kDAgFC;AAtGD,sDAAgD;AAEhD,0EAA0E;AAC1E,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;AAEnD;;GAEG;AACH,SAAgB,eAAe;IAC7B,gBAAgB,CAAC,KAAK,EAAE,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,UAAkB;IACnD,gBAAgB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CACjC,GAAQ,EACR,MAAsB,EACtB,kBAA2B;IAE3B,wFAAwF;IACxF,GAAG,CAAC,EAAE,CAAC,oBAAoB,EAAE,KAAK,EAAE,KAAU,EAAE,GAAQ,EAAE,EAAE;QAC1D,IAAI,CAAC,KAAK,EAAE,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC;YAAE,OAAO;QAE/D,MAAM,UAAU,GAAW,GAAG,EAAE,UAAU,IAAI,aAAa,CAAC;QAE5D,yDAAyD;QACzD,IAAI,aAAa,GAAG,gBAAgB,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QAE1D,uDAAuD;QACvD,IAAI,aAAa,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;YAC1C,aAAa,GAAG,CAAC,CAAC;QACpB,CAAC;QAED,kDAAkD;QAClD,MAAM,WAAW,GAAG,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;QACxD,gBAAgB,CAAC,GAAG,CAAC,UAAU,EAAE,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAExD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAErC,qEAAqE;QACrE,mFAAmF;QACnF,IAAI,WAAW,GAAG,KAAK,CAAC;QACxB,KAAK,IAAI,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACpD,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC5B,IAAI,CAAC,EAAE,IAAI,KAAK,MAAM,EAAE,CAAC;gBACvB,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;gBACzF,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC5B,WAAW,GAAG,IAAI,CAAC;gBACrB,CAAC;gBACD,MAAM,CAAC,mCAAmC;YAC5C,CAAC;QACH,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;YAC9B,0CAA0C;YAC1C,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW;gBAAE,SAAS;YACvC,IAAI,CAAC,GAAG,CAAC,KAAK;gBAAE,SAAS;YAEzB,2DAA2D;YAC3D,IAAI,GAAG,CAAC,QAAQ,KAAK,UAAU,IAAI,GAAG,CAAC,KAAK,KAAK,iBAAiB;gBAAE,SAAS;YAC7E,IAAI,GAAG,CAAC,KAAK,CAAC,WAAW,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM;gBAAE,SAAS;YAEnF,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,IAAI,SAAS,CAAC;YAErD,4BAAW,CAAC,OAAO,CAAC;gBAClB,IAAI,EAAE,MAAM;gBACZ,EAAE,EAAE,GAAG,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE;gBAC/B,UAAU,EAAE,GAAG,EAAE,UAAU;gBAC3B,OAAO,EAAE,GAAG,EAAE,OAAO;gBACrB,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,WAAW,EAAE,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC;gBACjC,YAAY,EAAE,GAAG,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC;gBACnC,eAAe,EAAE,GAAG,CAAC,KAAK,CAAC,SAAS,IAAI,CAAC;gBACzC,gBAAgB,EAAE,GAAG,CAAC,KAAK,CAAC,UAAU,IAAI,CAAC;gBAC3C,WAAW,EAAE,GAAG,CAAC,KAAK,CAAC,WAAW,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC;gBACxF,OAAO,EAAE,SAAS;gBAClB,aAAa,EAAE,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,4DAA4D;gBAC3F,UAAU,EAAE,SAAS;gBACrB,4EAA4E;gBAC5E,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACrD,CAAC,CAAC;QACL,CAAC;IACH,CAAC,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC,CAAC;IAE9B,gEAAgE;IAChE,GAAG,CAAC,EAAE,CAAC,aAAa,EAAE,KAAK,EAAE,MAAW,EAAE,GAAQ,EAAE,EAAE;QACpD,MAAM,UAAU,GAAW,GAAG,EAAE,UAAU,CAAC;QAC3C,IAAI,UAAU,EAAE,CAAC;YACf,gBAAgB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACtC,CAAC;IACH,CAAC,EAAE,EAAE,IAAI,EAAE,uBAAuB,EAAE,CAAC,CAAC;IAEtC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;AAC1F,CAAC"}

package/dist/hooks/lifecycle.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Lifecycle handlers — gateway_start, gateway_stop, before_compaction.
+ *
+ * register(): starts pulse interval + initial skill/plugin scan
+ * gateway_stop: flushes pending events, stops intervals
+ * before_compaction: tracks context window pressure
+ *
+ * Pulse = Podwatch plugin's lightweight alive-ping (direct HTTP, no LLM cost).
+ * This is NOT OpenClaw's agent heartbeat (which triggers LLM turns).
+ */
+import type { PodwatchConfig } from "../index.js";
+/**
+ * Register lifecycle hook handlers.
+ */
+export declare function registerLifecycleHandlers(api: any, config: PodwatchConfig): void;
+//# sourceMappingURL=lifecycle.d.ts.map

package/dist/hooks/lifecycle.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lifecycle.d.ts","sourceRoot":"","sources":["../../src/hooks/lifecycle.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAwElD;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,cAAc,GAAG,IAAI,CAwHhF"}