spawnfile 0.1.0

package/dist/report/index.js

@@ -0,0 +1,4 @@
+export * from "./createDiagnostic.js";
+export * from "./createReport.js";
+export * from "./types.js";
+export * from "./writeReport.js";

package/dist/report/types.d.ts

@@ -0,0 +1,50 @@
+import type { RuntimeLifecycleStatus } from "../shared/index.js";
+import type { ModelAuthMethod } from "../shared/index.js";
+export type CapabilityOutcome = "degraded" | "supported" | "unsupported";
+export interface CapabilityReport {
+    key: string;
+    message: string;
+    outcome: CapabilityOutcome;
+}
+export interface DiagnosticReport {
+    level: "error" | "info" | "warn";
+    message: string;
+}
+export interface ContainerRuntimeInstanceReport {
+    config_path: string;
+    home_path: string | null;
+    id: string;
+    model_auth_methods: Record<string, ModelAuthMethod>;
+    model_secrets_required: string[];
+    runtime: string;
+}
+export interface NodeReport {
+    capabilities: CapabilityReport[];
+    diagnostics: DiagnosticReport[];
+    id: string;
+    kind: "agent" | "team";
+    output_dir: string | null;
+    runtime: string | null;
+    runtime_ref: string | null;
+    runtime_status: RuntimeLifecycleStatus | null;
+    source: string;
+}
+export interface ContainerReport {
+    dockerfile: string;
+    entrypoint: string;
+    env_example: string;
+    model_secrets_required: string[];
+    ports: number[];
+    runtime_instances: ContainerRuntimeInstanceReport[];
+    runtime_homes: string[];
+    runtime_secrets_required: string[];
+    runtimes_installed: string[];
+    secrets_required: string[];
+}
+export interface CompileReport {
+    container?: ContainerReport;
+    diagnostics: DiagnosticReport[];
+    nodes: NodeReport[];
+    root: string;
+    spawnfile_version: "0.1";
+}

package/dist/report/types.js

@@ -0,0 +1 @@
+export {};

package/dist/report/writeReport.d.ts

@@ -0,0 +1,2 @@
+import { CompileReport } from "./types.js";
+export declare const writeCompileReport: (outputDirectory: string, report: CompileReport) => Promise<string>;

package/dist/report/writeReport.js

@@ -0,0 +1,9 @@
+import path from "node:path";
+import { ensureDirectory, writeUtf8File } from "../filesystem/index.js";
+import { REPORT_FILENAME } from "../shared/index.js";
+export const writeCompileReport = async (outputDirectory, report) => {
+    await ensureDirectory(outputDirectory);
+    const reportPath = path.join(outputDirectory, REPORT_FILENAME);
+    await writeUtf8File(reportPath, `${JSON.stringify(report, null, 2)}\n`);
+    return reportPath;
+};

package/dist/runtime/common.d.ts

@@ -0,0 +1,13 @@
+import type { ResolvedAgentNode, ResolvedDocument, ResolvedSkill } from "../compiler/types.js";
+import type { CapabilityReport, DiagnosticReport } from "../report/index.js";
+import { EmittedFile } from "./types.js";
+export declare const createCapability: (key: string, outcome: CapabilityReport["outcome"], message?: string) => CapabilityReport;
+export declare const createDiagnostic: (level: DiagnosticReport["level"], message: string) => DiagnosticReport;
+export declare const createDocumentFiles: (baseDirectory: string, documents: ResolvedDocument[]) => EmittedFile[];
+export declare const createSkillFiles: (baseDirectory: string, skills: ResolvedSkill[]) => EmittedFile[];
+export declare const createAgentCapabilities: (node: ResolvedAgentNode, options?: {
+    mcpOutcome?: CapabilityReport["outcome"];
+    sandboxOutcome?: CapabilityReport["outcome"];
+    subagentOutcome?: CapabilityReport["outcome"];
+    workspaceOutcome?: CapabilityReport["outcome"];
+}) => CapabilityReport[];

package/dist/runtime/common.js

@@ -0,0 +1,63 @@
+const ROLE_FILE_NAMES = {
+    heartbeat: "HEARTBEAT.md",
+    identity: "IDENTITY.md",
+    memory: "MEMORY.md",
+    soul: "SOUL.md",
+    system: "AGENTS.md"
+};
+export const createCapability = (key, outcome, message = "") => ({
+    key,
+    message,
+    outcome
+});
+export const createDiagnostic = (level, message) => ({
+    level,
+    message
+});
+export const createDocumentFiles = (baseDirectory, documents) => documents.map((document) => ({
+    content: document.content,
+    path: document.role in ROLE_FILE_NAMES
+        ? `${baseDirectory}/${ROLE_FILE_NAMES[document.role]}`
+        : `${baseDirectory}/extras/${document.role.replace(/^extras\./, "")}.md`
+}));
+export const createSkillFiles = (baseDirectory, skills) => skills.map((skill) => ({
+    content: skill.content,
+    path: `${baseDirectory}/${skill.name}/SKILL.md`
+}));
+export const createAgentCapabilities = (node, options = {}) => {
+    const capabilities = [];
+    for (const document of node.docs) {
+        capabilities.push(createCapability(`docs.${document.role}`, "supported"));
+    }
+    for (const skill of node.skills) {
+        capabilities.push(createCapability(`skills.${skill.name}`, "supported"));
+    }
+    for (const server of node.mcpServers) {
+        capabilities.push(createCapability(`mcp.${server.name}`, options.mcpOutcome ?? "supported"));
+    }
+    if (node.execution?.model) {
+        capabilities.push(createCapability("execution.model", "supported"));
+    }
+    if (node.execution?.workspace) {
+        capabilities.push(createCapability("execution.workspace", options.workspaceOutcome ?? "supported"));
+    }
+    if (node.execution?.sandbox) {
+        capabilities.push(createCapability("execution.sandbox", options.sandboxOutcome ?? "supported"));
+    }
+    if (node.surfaces?.discord) {
+        capabilities.push(createCapability("surfaces.discord", "supported"));
+    }
+    if (node.surfaces?.telegram) {
+        capabilities.push(createCapability("surfaces.telegram", "supported"));
+    }
+    if (node.surfaces?.whatsapp) {
+        capabilities.push(createCapability("surfaces.whatsapp", "supported"));
+    }
+    if (node.surfaces?.slack) {
+        capabilities.push(createCapability("surfaces.slack", "supported"));
+    }
+    if (node.subagents.length > 0) {
+        capabilities.push(createCapability("agent.subagents", options.subagentOutcome ?? "supported"));
+    }
+    return capabilities;
+};

package/dist/runtime/container.d.ts

@@ -0,0 +1,8 @@
+export declare const RUNTIME_INSTALL_ROOT = "/opt/spawnfile/runtime-installs";
+export interface RuntimeInstallRecipe {
+    commands: string[];
+    copyCommands: string[];
+    runtimeName: string;
+    runtimeRoot: string;
+}
+export declare const createRuntimeInstallRecipe: (runtimeName: string) => Promise<RuntimeInstallRecipe>;

package/dist/runtime/container.js

@@ -0,0 +1,67 @@
+import { SpawnfileError } from "../shared/index.js";
+import { resolveRuntimeInstallSelection } from "./install.js";
+export const RUNTIME_INSTALL_ROOT = "/opt/spawnfile/runtime-installs";
+const createGitHubReleaseUrl = (repository, tag, asset) => `https://github.com/${repository}/releases/download/${tag}/${asset}`;
+const assertArtifactInstallSelection = (runtimeName, selection) => {
+    if (selection.kind !== "source_repo") {
+        return;
+    }
+    throw new SpawnfileError("runtime_error", `Runtime ${runtimeName} must use a compiled artifact install for generated containers`);
+};
+const createPicoClawArchiveInstallCommands = (runtimeRoot, selection) => [
+    `mkdir -p ${runtimeRoot}/bin`,
+    `arch="$(dpkg --print-architecture)" && case "$arch" in amd64) asset=${JSON.stringify(selection.versionedAssets.linux_amd64)} ;; arm64) asset=${JSON.stringify(selection.versionedAssets.linux_arm64)} ;; *) echo "Unsupported PicoClaw release architecture: $arch" >&2; exit 1 ;; esac && url="https://github.com/${selection.repository}/releases/download/${selection.tag}/$asset" && curl -fsSL -o /tmp/picoclaw.tar.gz "$url" && rm -rf /tmp/picoclaw-extract && mkdir -p /tmp/picoclaw-extract && tar -xzf /tmp/picoclaw.tar.gz -C /tmp/picoclaw-extract && binary_path="$(find /tmp/picoclaw-extract -type f -name ${JSON.stringify(selection.binaryName)} | head -n 1)" && [ -n "$binary_path" ] && install -m 0755 "$binary_path" ${runtimeRoot}/bin/${selection.binaryName} && ln -sf ${runtimeRoot}/bin/${selection.binaryName} /usr/local/bin/${selection.binaryName} && rm -rf /tmp/picoclaw.tar.gz /tmp/picoclaw-extract`
+];
+export const createRuntimeInstallRecipe = async (runtimeName) => {
+    const selection = await resolveRuntimeInstallSelection(runtimeName);
+    assertArtifactInstallSelection(runtimeName, selection);
+    const installRoot = `${RUNTIME_INSTALL_ROOT}/${runtimeName}`;
+    switch (runtimeName) {
+        case "openclaw": {
+            if (selection.kind !== "container_image" && selection.kind !== "npm") {
+                throw new SpawnfileError("runtime_error", `Runtime ${runtimeName} has no compiled artifact recipe for ${selection.kind}`);
+            }
+            return {
+                commands: selection.kind === "container_image"
+                    ? []
+                    : [`npm install -g --omit=dev --no-fund --no-audit ${selection.packageName}@${selection.version}`],
+                copyCommands: selection.kind === "container_image"
+                    ? [`COPY --from=${selection.image}:${selection.tag} /app ${installRoot}`]
+                    : [],
+                runtimeName,
+                runtimeRoot: selection.kind === "container_image"
+                    ? installRoot
+                    : `/usr/local/lib/node_modules/${selection.packageName}`
+            };
+        }
+        case "picoclaw": {
+            if (selection.kind !== "github_release_archive") {
+                throw new SpawnfileError("runtime_error", `Runtime ${runtimeName} has no compiled artifact recipe for ${selection.kind}`);
+            }
+            return {
+                commands: createPicoClawArchiveInstallCommands(installRoot, selection),
+                copyCommands: [],
+                runtimeName,
+                runtimeRoot: installRoot
+            };
+        }
+        case "tinyclaw": {
+            if (selection.kind !== "github_release_bundle") {
+                throw new SpawnfileError("runtime_error", `Runtime ${runtimeName} has no compiled artifact recipe for ${selection.kind}`);
+            }
+            return {
+                commands: [
+                    `mkdir -p ${installRoot}`,
+                    `curl -fsSL ${JSON.stringify(createGitHubReleaseUrl(selection.repository, selection.tag, selection.asset))} | tar -xz --strip-components=1 -C ${installRoot}`,
+                    `cd ${installRoot} && npm rebuild better-sqlite3 --silent`
+                ],
+                copyCommands: [],
+                runtimeName,
+                runtimeRoot: installRoot
+            };
+        }
+        /* c8 ignore next 5 -- compileable runtimes are exhaustively covered above */
+        default:
+            throw new SpawnfileError("runtime_error", `Runtime ${runtimeName} has no container install recipe`);
+    }
+};

package/dist/runtime/index.d.ts

@@ -0,0 +1,4 @@
+export * from "./container.js";
+export * from "./install.js";
+export * from "./registry.js";
+export * from "./types.js";

package/dist/runtime/index.js

@@ -0,0 +1,4 @@
+export * from "./container.js";
+export * from "./install.js";
+export * from "./registry.js";
+export * from "./types.js";

package/dist/runtime/install.d.ts

@@ -0,0 +1,51 @@
+export type RuntimeInstallSelection = {
+    ecosystem: "node";
+    image: string;
+    installHint: string;
+    kind: "container_image";
+    runtimeName: string;
+    runtimeRef: string;
+    selectionSource: "runtime_registry_install";
+    tag: string;
+} | {
+    binaryName: string;
+    ecosystem: "go";
+    installHint: string;
+    kind: "github_release_archive";
+    repository: string;
+    runtimeName: string;
+    runtimeRef: string;
+    selectionSource: "runtime_registry_install";
+    tag: string;
+    versionedAssets: Record<string, string>;
+} | {
+    asset: string;
+    ecosystem: "node";
+    installHint: string;
+    kind: "github_release_bundle";
+    repository: string;
+    runtimeName: string;
+    runtimeRef: string;
+    selectionSource: "runtime_registry_install";
+    tag: string;
+} | {
+    ecosystem: "node";
+    installHint: string;
+    kind: "npm";
+    packageName: string;
+    runtimeName: string;
+    runtimeRef: string;
+    selectionSource: "runtime_registry_install";
+    version: string;
+} | {
+    ecosystem: "go" | "node";
+    installHint: string;
+    kind: "source_repo";
+    remote: string;
+    runtimeName: string;
+    runtimeRef: string;
+    selectionSource: "runtime_registry_ref";
+};
+export declare const resolveRuntimeInstallSelection: (runtimeName: string) => Promise<RuntimeInstallSelection>;
+export declare const listInstallSelectionRuntimes: () => Promise<string[]>;
+export declare const assertInstallSelectionsCoverCompileableRuntimes: () => Promise<void>;

package/dist/runtime/install.js

@@ -0,0 +1,167 @@
+import { SpawnfileError } from "../shared/index.js";
+import { assertRuntimeCanCompile, loadRuntimeRegistry } from "./registry.js";
+const GITHUB_SSH_REMOTE_PATTERN = /^git@github\.com:(.+)$/;
+const convertRemoteToHttps = (remote) => {
+    const githubSshMatch = remote.match(GITHUB_SSH_REMOTE_PATTERN);
+    if (githubSshMatch) {
+        return `https://github.com/${githubSshMatch[1]}`;
+    }
+    return remote.replace(/^git\+/, "");
+};
+const installHints = new Map([
+    [
+        "openclaw",
+        {
+            container_image: {
+                ecosystem: "node",
+                installHint: "Copy the pinned OpenClaw runtime files from the official container image."
+            },
+            github_release_archive: {
+                ecosystem: "node",
+                installHint: "Download the pinned OpenClaw artifact archive from the release."
+            },
+            github_release_bundle: {
+                ecosystem: "node",
+                installHint: "Download the pinned OpenClaw bundle artifact from the release."
+            },
+            npm: {
+                ecosystem: "node",
+                installHint: "Install the pinned OpenClaw package version from npm."
+            },
+            source_repo: {
+                ecosystem: "node",
+                installHint: "Checkout the pinned repo ref and install from the repository root."
+            }
+        }
+    ],
+    [
+        "picoclaw",
+        {
+            container_image: {
+                ecosystem: "go",
+                installHint: "Copy the pinned PicoClaw runtime files from the official container image."
+            },
+            github_release_archive: {
+                ecosystem: "go",
+                installHint: "Download the pinned PicoClaw release archive for the target platform."
+            },
+            github_release_bundle: {
+                ecosystem: "node",
+                installHint: "Download the pinned PicoClaw bundle artifact from the release."
+            },
+            npm: {
+                ecosystem: "node",
+                installHint: "Install the pinned PicoClaw package version from npm."
+            },
+            source_repo: {
+                ecosystem: "go",
+                installHint: "Checkout the pinned repo ref and build/install from the repository root."
+            }
+        }
+    ],
+    [
+        "tinyclaw",
+        {
+            container_image: {
+                ecosystem: "node",
+                installHint: "Copy the pinned TinyClaw runtime files from the official container image."
+            },
+            github_release_archive: {
+                ecosystem: "go",
+                installHint: "Download the pinned TinyClaw release archive for the target platform."
+            },
+            github_release_bundle: {
+                ecosystem: "node",
+                installHint: "Download the pinned TinyClaw bundle artifact from the release."
+            },
+            npm: {
+                ecosystem: "node",
+                installHint: "Install the pinned TinyClaw package version from npm."
+            },
+            source_repo: {
+                ecosystem: "node",
+                installHint: "Checkout the pinned repo ref and run the TinyAGI install flow from the repository root."
+            }
+        }
+    ]
+]);
+export const resolveRuntimeInstallSelection = async (runtimeName) => {
+    const runtime = await assertRuntimeCanCompile(runtimeName);
+    const installProfile = installHints.get(runtime.name);
+    if (!installProfile) {
+        throw new SpawnfileError("runtime_error", `Runtime ${runtime.name} has no install selection profile`);
+    }
+    switch (runtime.install?.kind) {
+        case "container_image":
+            return {
+                ecosystem: "node",
+                image: runtime.install.image,
+                installHint: installProfile.container_image.installHint,
+                kind: "container_image",
+                runtimeName: runtime.name,
+                runtimeRef: runtime.ref,
+                selectionSource: "runtime_registry_install",
+                tag: runtime.install.tag
+            };
+        case "npm":
+            return {
+                ecosystem: "node",
+                installHint: installProfile.npm.installHint,
+                kind: "npm",
+                packageName: runtime.install.package,
+                runtimeName: runtime.name,
+                runtimeRef: runtime.ref,
+                selectionSource: "runtime_registry_install",
+                version: runtime.install.version
+            };
+        case "github_release_archive":
+            return {
+                ecosystem: "go",
+                installHint: installProfile.github_release_archive.installHint,
+                binaryName: runtime.install.binary,
+                kind: "github_release_archive",
+                repository: runtime.install.repository,
+                runtimeName: runtime.name,
+                runtimeRef: runtime.ref,
+                selectionSource: "runtime_registry_install",
+                tag: runtime.install.tag,
+                versionedAssets: runtime.install.assets
+            };
+        case "github_release_bundle":
+            return {
+                ecosystem: "node",
+                installHint: installProfile.github_release_bundle.installHint,
+                asset: runtime.install.asset,
+                kind: "github_release_bundle",
+                repository: runtime.install.repository,
+                runtimeName: runtime.name,
+                runtimeRef: runtime.ref,
+                selectionSource: "runtime_registry_install",
+                tag: runtime.install.tag
+            };
+        case "source_repo":
+        case undefined:
+            return {
+                ...installProfile.source_repo,
+                kind: "source_repo",
+                remote: convertRemoteToHttps(runtime.remote),
+                runtimeName: runtime.name,
+                runtimeRef: runtime.ref,
+                selectionSource: "runtime_registry_ref"
+            };
+        default:
+            throw new SpawnfileError("runtime_error", `Unsupported install selection kind for ${runtime.name}`);
+    }
+};
+export const listInstallSelectionRuntimes = async () => [...installHints.keys()].sort();
+export const assertInstallSelectionsCoverCompileableRuntimes = async () => {
+    const compileableRuntimeNames = (await loadRuntimeRegistry())
+        .filter((entry) => entry.status === "active" || entry.status === "deprecated")
+        .map((entry) => entry.name)
+        .sort();
+    const coveredRuntimeNames = await listInstallSelectionRuntimes();
+    if (compileableRuntimeNames.length !== coveredRuntimeNames.length ||
+        compileableRuntimeNames.some((runtimeName, index) => runtimeName !== coveredRuntimeNames[index])) {
+        throw new SpawnfileError("runtime_error", "Install selection profiles do not cover all compileable runtimes");
+    }
+};

package/dist/runtime/openclaw/adapter.d.ts

@@ -0,0 +1,2 @@
+import type { RuntimeAdapter } from "../types.js";
+export declare const openClawAdapter: RuntimeAdapter;

package/dist/runtime/openclaw/adapter.js

@@ -0,0 +1,194 @@
+import { listEffectiveExecutionModelTargets } from "../../compiler/modelEnv.js";
+import { createAgentCapabilities, createDiagnostic, createDocumentFiles, createSkillFiles } from "../common.js";
+import { SpawnfileError } from "../../shared/index.js";
+import { prepareOpenClawRuntimeAuth } from "./runAuth.js";
+import { createOpenClawAgentScaffold } from "./scaffold.js";
+import { assertSupportedOpenClawSurfaces, buildOpenClawChannelConfig, buildOpenClawSurfaceEnvBindings } from "./surfaces.js";
+const buildEnvSecretRef = (envName) => ({
+    id: envName,
+    provider: "default",
+    source: "env"
+});
+const createCustomProviderId = (provider) => `spawnfile-${provider}`;
+const createOpenClawModelConfig = (node) => {
+    const [primary] = listEffectiveExecutionModelTargets(node.execution);
+    if (!primary) {
+        return { model: null };
+    }
+    if (primary.provider !== "custom" && primary.provider !== "local") {
+        return { model: `${primary.provider}/${primary.name}` };
+    }
+    const providerId = createCustomProviderId(primary.provider);
+    return {
+        model: `${providerId}/${primary.name}`,
+        providers: {
+            [providerId]: {
+                api: primary.endpoint?.compatibility === "anthropic"
+                    ? "anthropic-messages"
+                    : "openai-completions",
+                ...(primary.auth.method === "api_key" && primary.auth.key
+                    ? { apiKey: buildEnvSecretRef(primary.auth.key) }
+                    : {}),
+                baseUrl: primary.endpoint?.base_url,
+                models: [
+                    {
+                        id: primary.name,
+                        name: primary.name
+                    }
+                ]
+            }
+        }
+    };
+};
+const buildOpenClawConfig = (node) => {
+    const modelConfig = createOpenClawModelConfig(node);
+    const config = {
+        agents: {
+            defaults: {
+                ...(modelConfig.model ? { model: modelConfig.model } : {}),
+                workspace: "<workspace-path>"
+            }
+        },
+        gateway: {
+            auth: {
+                mode: "token"
+            },
+            bind: "lan",
+            controlUi: {
+                allowedOrigins: [
+                    "http://127.0.0.1:<gateway-port>",
+                    "http://localhost:<gateway-port>"
+                ]
+            },
+            mode: "local",
+            port: "<gateway-port>"
+        }
+    };
+    const channels = buildOpenClawChannelConfig(node.surfaces);
+    if (Object.keys(channels).length > 0) {
+        config.channels = channels;
+    }
+    if (modelConfig.providers) {
+        config.models = {
+            providers: modelConfig.providers
+        };
+    }
+    return `${JSON.stringify(config, null, 2)}\n`;
+};
+const createOpenClawStateFiles = () => [
+    {
+        // Pre-create the agent state tree so Docker bind mounts do not create root-owned parents.
+        content: "",
+        path: "home/.openclaw/agents/main/agent/.keep"
+    },
+    {
+        // OpenClaw persists session state under agents/main/sessions at runtime.
+        content: "",
+        path: "home/.openclaw/agents/main/sessions/.keep"
+    }
+];
+const createContainerTargets = async (inputs) => inputs.map((input) => {
+    const agent = input.kind === "agent" ? input.value : null;
+    return {
+        configEnvBindings: buildOpenClawSurfaceEnvBindings(agent?.surfaces),
+        files: input.emittedFiles,
+        id: `${input.kind}-${input.slug}`,
+        sourceIds: [input.id]
+    };
+});
+export const openClawAdapter = {
+    assertSupportedModelTarget(target) {
+        if (target.endpoint) {
+            if (target.auth.method === "claude-code" || target.auth.method === "codex") {
+                throw new SpawnfileError("validation_error", `OpenClaw custom or local models do not support ${target.auth.method} auth`);
+            }
+            return;
+        }
+        if (target.provider === "anthropic") {
+            if (target.auth.method === "api_key" || target.auth.method === "claude-code") {
+                return;
+            }
+        }
+        else if (target.provider === "openai") {
+            if (target.auth.method === "api_key" || target.auth.method === "codex") {
+                return;
+            }
+        }
+        else if (target.auth.method === "api_key" || target.auth.method === "none") {
+            return;
+        }
+        throw new SpawnfileError("validation_error", `OpenClaw does not support model auth method ${target.auth.method} for provider ${target.provider}`);
+    },
+    assertSupportedSurfaces(surfaces) {
+        assertSupportedOpenClawSurfaces(surfaces);
+    },
+    container: {
+        configFileName: "openclaw.json",
+        configPathEnv: "OPENCLAW_CONFIG_PATH",
+        env: [
+            {
+                description: "Gateway auth token required for non-loopback OpenClaw access",
+                name: "OPENCLAW_GATEWAY_TOKEN",
+                required: true
+            }
+        ],
+        homeEnv: "OPENCLAW_HOME",
+        instancePaths: {
+            configPathTemplate: "<instance-root>/home/.openclaw/<config-file>",
+            homePathTemplate: "<instance-root>/home",
+            workspacePathTemplate: "<instance-root>/home/.openclaw/workspace"
+        },
+        port: 18789,
+        portEnv: "OPENCLAW_GATEWAY_PORT",
+        standaloneBaseImage: "node:24-bookworm-slim",
+        startCommand: [
+            "node",
+            "<runtime-root>/openclaw.mjs",
+            "gateway",
+            "--allow-unconfigured",
+            "--bind",
+            "lan",
+            "--port",
+            "<port>",
+            "--verbose"
+        ],
+        systemDeps: ["bash", "ca-certificates", "curl", "git", "hostname", "openssl", "procps"]
+    },
+    async compileAgent(node) {
+        return {
+            capabilities: createAgentCapabilities(node, {
+                mcpOutcome: node.mcpServers.length > 0 ? "degraded" : "supported",
+                subagentOutcome: node.subagents.length > 0 ? "degraded" : "supported"
+            }),
+            diagnostics: [
+                ...(node.subagents.length > 0
+                    ? [createDiagnostic("warn", "OpenClaw subagents lower to routed sessions in v0.1")]
+                    : []),
+                ...(node.mcpServers.length > 0
+                    ? [createDiagnostic("warn", "OpenClaw MCP goes through mcporter bridge; direct config may not apply")]
+                    : [])
+            ],
+            files: [
+                ...createDocumentFiles("workspace", node.docs),
+                ...createSkillFiles("workspace/skills", node.skills),
+                ...createOpenClawStateFiles(),
+                {
+                    content: buildOpenClawConfig(node),
+                    path: "openclaw.json"
+                }
+            ]
+        };
+    },
+    async createContainerTargets(inputs) {
+        return createContainerTargets(inputs);
+    },
+    name: "openclaw",
+    prepareRuntimeAuth: prepareOpenClawRuntimeAuth,
+    scaffoldAgentProject: createOpenClawAgentScaffold,
+    validateRuntimeOptions(options) {
+        if ("profile" in options && typeof options.profile !== "string") {
+            return [createDiagnostic("error", "OpenClaw runtime option profile must be a string")];
+        }
+        return [];
+    }
+};

package/dist/runtime/openclaw/runAuth.d.ts

@@ -0,0 +1,2 @@
+import type { RuntimeAuthPreparationInput, RuntimeAuthPreparationResult } from "../types.js";
+export declare const prepareOpenClawRuntimeAuth: (input: RuntimeAuthPreparationInput) => Promise<RuntimeAuthPreparationResult>;