npm - squad-openclaw - Versions diffs - 2026.2.1906 → 2026.2.2002 - Mend

squad-openclaw 2026.2.1906 → 2026.2.2002

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -1,7 +1,7 @@
 // src/entities.ts
 import { Type as T } from "@sinclair/typebox";
-import path2 from "path";
-import fs2 from "fs";
+import path3 from "path";
+import fs3 from "fs";
 // src/watcher.ts
 import path from "path";
@@ -255,517 +255,154 @@ function startWatcher(configDir, onFsChange) {
   };
 }
-// src/entities.ts
-var EntityType = T.Union([
-  T.Literal("agent"),
-  T.Literal("skill"),
-  T.Literal("tool"),
-  T.Literal("plugin"),
-  T.Literal("session"),
-  T.Literal("file"),
-  T.Literal("directory"),
-  T.Literal("url"),
-  T.Literal("memory"),
-  T.Literal("asset")
-]);
-var registry = /* @__PURE__ */ new Map();
-function registrySet(entity) {
-  registry.set(entity.id, entity);
-}
-function registryDelete(id) {
-  registry.delete(id);
-}
-function registryList(type) {
-  const all = Array.from(registry.values());
-  if (!type) return all;
-  return all.filter((e) => e.type === type);
-}
-var IDENTITY_NAME_RE = /\*\*Name:\*\*\s*\n?\s*(.+?)(?=\n|$)/;
-function parseIdentityName(content) {
-  const match = content.match(IDENTITY_NAME_RE);
-  const name = match?.[1]?.trim();
-  if (!name) return null;
-  if (/^_\(.+\)_$/.test(name)) return null;
-  return name;
+// src/filesystem.ts
+import fs2 from "fs";
+import path2 from "path";
+var HOME_DIR = process.env.HOME ?? "/root";
+var OPENCLAW_DIR = path2.join(HOME_DIR, ".openclaw");
+var SENSITIVE_BLOCKED_DIRS = [
+  path2.join(OPENCLAW_DIR, "credentials"),
+  path2.join(OPENCLAW_DIR, "devices"),
+  path2.join(OPENCLAW_DIR, "identity")
+];
+var SENSITIVE_BLOCKED_FILES = [
+  path2.join(OPENCLAW_DIR, "squad-ceo-data", "squad-relay.json")
+];
+function isSensitivePath(resolvedPath) {
+  for (const blocked of SENSITIVE_BLOCKED_DIRS) {
+    if (resolvedPath === blocked || resolvedPath.startsWith(blocked + path2.sep)) {
+      return true;
+    }
+  }
+  for (const blocked of SENSITIVE_BLOCKED_FILES) {
+    if (resolvedPath === blocked) {
+      return true;
+    }
+  }
+  if (path2.dirname(resolvedPath) === OPENCLAW_DIR && resolvedPath.endsWith(".bak")) {
+    return true;
+  }
+  return false;
 }
-function scanAgents(configDir) {
-  const now = Date.now();
-  let entries;
+var OPENCLAW_JSON_FILENAME = "openclaw.json";
+function redactOpenclawJson(rawContent) {
+  let config;
   try {
-    entries = fs2.readdirSync(configDir, { withFileTypes: true });
+    config = JSON.parse(rawContent);
   } catch {
-    return;
+    return rawContent;
   }
-  const workspaceDirs = entries.filter(
-    (e) => e.isDirectory() && (e.name === "workspace" || e.name.startsWith("workspace-"))
-  );
-  for (const dir of workspaceDirs) {
-    const agentId = dir.name === "workspace" ? "main" : dir.name.replace("workspace-", "");
-    const workspacePath = path2.join(configDir, dir.name);
-    let name = agentId;
-    const metadata = { workspacePath };
-    const identityPath = path2.join(workspacePath, "IDENTITY.md");
-    try {
-      const content = fs2.readFileSync(identityPath, "utf-8");
-      const parsed = parseIdentityName(content);
-      if (parsed) name = parsed;
-    } catch {
+  let redactedCount = 0;
+  const channels = config.channels;
+  if (channels && typeof channels === "object") {
+    for (const channelKey of Object.keys(channels)) {
+      const channel = channels[channelKey];
+      if (channel && typeof channel === "object" && "botToken" in channel) {
+        channel.botToken = "[REDACTED]";
+        redactedCount++;
+      }
     }
-    if (name === agentId) {
-      const agentJsonPath = path2.join(workspacePath, "agent.json");
-      try {
-        const raw = fs2.readFileSync(agentJsonPath, "utf-8");
-        const config = JSON.parse(raw);
-        if (config.displayName) name = config.displayName;
-        if (config.model) metadata.model = config.model;
-        if (config.tools) metadata.tools = config.tools;
-        if (config.skills) metadata.skills = config.skills;
-      } catch {
+  }
+  const gateway = config.gateway;
+  if (gateway && typeof gateway === "object") {
+    if (gateway.auth && typeof gateway.auth === "object") {
+      const auth = gateway.auth;
+      for (const key of Object.keys(auth)) {
+        auth[key] = "[REDACTED]";
+        redactedCount++;
       }
     }
-    registrySet({
-      id: agentId,
-      type: "agent",
-      name,
-      title: name,
-      description: null,
-      metadata,
-      source: "filesystem",
-      source_key: workspacePath,
-      created_at: now,
-      updated_at: now
-    });
+    if ("token" in gateway) {
+      gateway.token = "[REDACTED]";
+      redactedCount++;
+    }
+    const remote = gateway.remote;
+    if (remote && typeof remote === "object" && "token" in remote) {
+      remote.token = "[REDACTED]";
+      redactedCount++;
+    }
   }
-}
-function scanSkills(configDir) {
-  const now = Date.now();
-  const globalSkillsDir = path2.join(configDir, "skills");
-  scanSkillsDir(globalSkillsDir, "global", now);
-  let entries;
-  try {
-    entries = fs2.readdirSync(configDir, { withFileTypes: true });
-  } catch {
-    return;
+  if (redactedCount > 0) {
+    console.log(`[security] Redacted ${redactedCount} sensitive field(s) from openclaw.json before returning to client`);
   }
-  for (const dir of entries) {
-    if (!dir.isDirectory() || !(dir.name === "workspace" || dir.name.startsWith("workspace-"))) {
-      continue;
-    }
-    const agentId = dir.name === "workspace" ? "main" : dir.name.replace("workspace-", "");
-    const agentSkillsDir = path2.join(configDir, dir.name, "skills");
-    scanSkillsDir(agentSkillsDir, agentId, now);
+  return JSON.stringify(config, null, 2);
+}
+function isOpenclawJson(resolvedPath) {
+  return path2.basename(resolvedPath) === OPENCLAW_JSON_FILENAME && resolvedPath.startsWith(OPENCLAW_DIR);
+}
+function expandHome(p) {
+  if (p.startsWith("~/") || p === "~") {
+    return path2.join(HOME_DIR, p.slice(1));
   }
+  return p;
 }
-function scanSkillsDir(skillsDir, scope, now) {
-  let entries;
-  try {
-    entries = fs2.readdirSync(skillsDir, { withFileTypes: true });
-  } catch {
-    return;
+function validatePath(p, allowedRoots) {
+  const resolved = path2.resolve(expandHome(p));
+  if (!allowedRoots || allowedRoots.length === 0) return resolved;
+  const allowed = allowedRoots.some((root) => {
+    const resolvedRoot = path2.resolve(expandHome(root));
+    return resolved === resolvedRoot || resolved.startsWith(resolvedRoot + path2.sep);
+  });
+  if (!allowed) {
+    throw new Error(`Path "${p}" is outside allowed roots`);
   }
-  for (const entry of entries) {
-    if (!entry.isDirectory()) continue;
-    const skillKey = entry.name;
-    const skillPath = path2.join(skillsDir, skillKey);
-    let name = skillKey;
-    for (const manifestName of ["manifest.json", "package.json"]) {
-      try {
-        const raw = fs2.readFileSync(
-          path2.join(skillPath, manifestName),
-          "utf-8"
-        );
-        const manifest = JSON.parse(raw);
-        if (manifest.name) name = manifest.name;
-        break;
-      } catch {
-        continue;
-      }
-    }
-    const entityId = scope === "global" ? `skill:${skillKey}` : `skill:${scope}:${skillKey}`;
-    registrySet({
-      id: entityId,
-      type: "skill",
-      name,
-      title: name,
-      description: null,
-      metadata: { skillKey, scope, skillPath },
-      source: "filesystem",
-      source_key: skillPath,
-      created_at: now,
-      updated_at: now
-    });
+  return resolved;
+}
+function validateAndBlockSensitive(p, allowedRoots) {
+  const resolved = validatePath(p, allowedRoots);
+  if (isSensitivePath(resolved)) {
+    throw new Error(
+      `Access denied: path "${p}" is inside a protected directory (credentials/devices/identity)`
+    );
   }
+  return resolved;
 }
-function scanPlugins2(configDir) {
-  const now = Date.now();
-  const extensionsDir = path2.join(configDir, "extensions");
-  let entries;
-  try {
-    entries = fs2.readdirSync(extensionsDir, { withFileTypes: true });
-  } catch {
-    return;
+function validateWritePath(p, allowedRoots) {
+  const resolved = validateAndBlockSensitive(p, allowedRoots);
+  if (isOpenclawJson(resolved)) {
+    throw new Error(
+      `Write denied: "${p}" is a protected configuration file (openclaw.json)`
+    );
   }
-  for (const dir of entries) {
-    if (!dir.isDirectory()) continue;
-    const pluginDir = path2.join(extensionsDir, dir.name);
-    const manifestPath = path2.join(pluginDir, "openclaw.plugin.json");
+  return resolved;
+}
+function ok(data) {
+  return {
+    content: [{ type: "text", text: JSON.stringify(data) }]
+  };
+}
+function err(message) {
+  return {
+    content: [{ type: "text", text: JSON.stringify({ error: message }) }],
+    isError: true
+  };
+}
+function listDir(dirPath, opts) {
+  const dirents = fs2.readdirSync(dirPath, { withFileTypes: true });
+  const results = [];
+  for (const dirent of dirents) {
+    if (!opts.includeHidden && dirent.name.startsWith(".")) continue;
+    const entryPath = path2.join(dirPath, dirent.name);
+    let type = "other";
+    if (dirent.isFile()) type = "file";
+    else if (dirent.isDirectory()) type = "directory";
+    else if (dirent.isSymbolicLink()) type = "symlink";
+    const entry = { name: dirent.name, path: entryPath, type };
     try {
-      const raw = fs2.readFileSync(manifestPath, "utf-8");
-      const manifest = JSON.parse(raw);
-      const pluginId = manifest.id || dir.name;
-      const name = manifest.name || pluginId;
-      registrySet({
-        id: `plugin:${pluginId}`,
-        type: "plugin",
-        name,
-        title: name,
-        description: manifest.description || null,
-        metadata: { pluginId, pluginDir },
-        source: "filesystem",
-        source_key: manifestPath,
-        created_at: now,
-        updated_at: now
-      });
+      const stat = fs2.statSync(entryPath);
+      entry.size = stat.size;
+      entry.modified = stat.mtime.toISOString();
     } catch {
     }
+    if (type === "directory" && opts.recursive && opts.depth < opts.maxDepth) {
+      try {
+        entry.children = listDir(entryPath, { ...opts, depth: opts.depth + 1 });
+      } catch {
+      }
+    }
+    results.push(entry);
   }
-}
-function scanTools(configDir) {
-  const now = Date.now();
-  try {
-    const raw = fs2.readFileSync(
-      path2.join(configDir, "openclaw.json"),
-      "utf-8"
-    );
-    const config = JSON.parse(raw);
-    const allowedTools = config?.tools?.allow ?? [];
-    for (const toolName of allowedTools) {
-      registrySet({
-        id: `tool:${toolName}`,
-        type: "tool",
-        name: toolName,
-        title: toolName,
-        description: null,
-        metadata: { tool_name: toolName },
-        source: "filesystem",
-        source_key: "openclaw.json:tools.allow",
-        created_at: now,
-        updated_at: now
-      });
-    }
-  } catch {
-  }
-}
-var MIME_MAP = {
-  ".png": "image/png",
-  ".jpg": "image/jpeg",
-  ".jpeg": "image/jpeg",
-  ".gif": "image/gif",
-  ".webp": "image/webp",
-  ".svg": "image/svg+xml",
-  ".bmp": "image/bmp",
-  ".ico": "image/x-icon",
-  ".mp4": "video/mp4",
-  ".webm": "video/webm",
-  ".mov": "video/quicktime",
-  ".avi": "video/x-msvideo",
-  ".mkv": "video/x-matroska",
-  ".mp3": "audio/mpeg",
-  ".wav": "audio/wav",
-  ".ogg": "audio/ogg",
-  ".flac": "audio/flac",
-  ".aac": "audio/aac",
-  ".pdf": "application/pdf",
-  ".json": "application/json",
-  ".txt": "text/plain",
-  ".md": "text/markdown",
-  ".csv": "text/csv",
-  ".zip": "application/zip",
-  ".tar": "application/x-tar",
-  ".gz": "application/gzip"
-};
-function getMimeType(filename) {
-  const ext = path2.extname(filename).toLowerCase();
-  return MIME_MAP[ext] ?? "application/octet-stream";
-}
-function scanMedia(configDir) {
-  const now = Date.now();
-  const mediaDir = path2.join(configDir, "media");
-  let entries;
-  try {
-    entries = fs2.readdirSync(mediaDir, { withFileTypes: true });
-  } catch {
-    return;
-  }
-  for (const entry of entries) {
-    if (!entry.isFile()) continue;
-    const filePath = path2.join(mediaDir, entry.name);
-    const mimeType = getMimeType(entry.name);
-    let size;
-    let mtime = now;
-    try {
-      const stat = fs2.statSync(filePath);
-      size = stat.size;
-      mtime = stat.mtimeMs;
-    } catch {
-    }
-    registrySet({
-      id: `asset:${entry.name}`,
-      type: "asset",
-      name: entry.name,
-      title: entry.name,
-      description: null,
-      metadata: { path: filePath, size, mime_type: mimeType, original_name: entry.name },
-      source: "filesystem",
-      source_key: filePath,
-      created_at: mtime,
-      updated_at: mtime
-    });
-  }
-}
-function fullScan(configDir) {
-  registry.clear();
-  scanAgents(configDir);
-  scanSkills(configDir);
-  scanPlugins2(configDir);
-  scanTools(configDir);
-  scanMedia(configDir);
-}
-function registerEntityTools(api, onFsChange) {
-  const configDir = process.env.HOME + "/.openclaw";
-  api.registerTool({
-    name: "entity_list",
-    description: "List all entities in the registry, optionally filtered by type. Returns lightweight entity data for @mention autocomplete.",
-    parameters: T.Object({
-      type: T.Optional(EntityType),
-      limit: T.Optional(
-        T.Number({ description: "Max results (default 500)" })
-      )
-    }),
-    async execute(_id, params, _ctx) {
-      const results = registryList(params.type);
-      const limit = params.limit ?? 500;
-      return {
-        content: [
-          { type: "text", text: JSON.stringify(results.slice(0, limit)) }
-        ]
-      };
-    }
-  });
-  api.registerTool({
-    name: "entity_search",
-    description: "Search entities by name/title substring match for @mention autocomplete.",
-    parameters: T.Object({
-      query: T.String({ description: "Search query text" }),
-      type: T.Optional(
-        T.String({ description: "Filter results by entity type" })
-      ),
-      limit: T.Optional(
-        T.Number({ description: "Max results (default 20)" })
-      )
-    }),
-    async execute(_id, params, _ctx) {
-      const q = (params.query ?? "").toLowerCase();
-      const limit = params.limit ?? 20;
-      let results = Array.from(registry.values());
-      if (params.type) {
-        results = results.filter((e) => e.type === params.type);
-      }
-      if (q) {
-        results = results.filter(
-          (e) => e.name.toLowerCase().includes(q) || (e.title ?? "").toLowerCase().includes(q)
-        );
-      }
-      return {
-        content: [
-          { type: "text", text: JSON.stringify(results.slice(0, limit)) }
-        ]
-      };
-    }
-  });
-  api.registerTool({
-    name: "entity_sync",
-    description: "Re-scan the filesystem to refresh the entity registry. Call after configuration changes for immediate updates.",
-    parameters: T.Object({}),
-    async execute(_id, _params, _ctx) {
-      const before = registry.size;
-      fullScan(configDir);
-      return {
-        content: [
-          {
-            type: "text",
-            text: JSON.stringify({ synced: registry.size, previous: before })
-          }
-        ]
-      };
-    }
-  });
-  try {
-    fullScan(configDir);
-  } catch (err2) {
-    console.error("[squad-openclaw] Initial scan failed:", err2);
-  }
-  let stopWatcher = null;
-  try {
-    stopWatcher = startWatcher(configDir, onFsChange);
-  } catch (err2) {
-    console.error("[squad-openclaw] Watcher failed to start:", err2);
-  }
-  const cleanup = () => {
-    stopWatcher?.();
-  };
-  process.on("SIGTERM", cleanup);
-  process.on("SIGINT", cleanup);
-}
-// src/filesystem.ts
-import fs3 from "fs";
-import path3 from "path";
-var HOME_DIR = process.env.HOME ?? "/root";
-var OPENCLAW_DIR = path3.join(HOME_DIR, ".openclaw");
-var SENSITIVE_BLOCKED_DIRS = [
-  path3.join(OPENCLAW_DIR, "credentials"),
-  path3.join(OPENCLAW_DIR, "devices"),
-  path3.join(OPENCLAW_DIR, "identity")
-];
-var SENSITIVE_BLOCKED_FILES = [
-  path3.join(OPENCLAW_DIR, "squad-ceo-data", "squad-relay.json")
-];
-function isSensitivePath(resolvedPath) {
-  for (const blocked of SENSITIVE_BLOCKED_DIRS) {
-    if (resolvedPath === blocked || resolvedPath.startsWith(blocked + path3.sep)) {
-      return true;
-    }
-  }
-  for (const blocked of SENSITIVE_BLOCKED_FILES) {
-    if (resolvedPath === blocked) {
-      return true;
-    }
-  }
-  if (path3.dirname(resolvedPath) === OPENCLAW_DIR && resolvedPath.endsWith(".bak")) {
-    return true;
-  }
-  return false;
-}
-var OPENCLAW_JSON_FILENAME = "openclaw.json";
-function redactOpenclawJson(rawContent) {
-  let config;
-  try {
-    config = JSON.parse(rawContent);
-  } catch {
-    return rawContent;
-  }
-  let redactedCount = 0;
-  const channels = config.channels;
-  if (channels && typeof channels === "object") {
-    for (const channelKey of Object.keys(channels)) {
-      const channel = channels[channelKey];
-      if (channel && typeof channel === "object" && "botToken" in channel) {
-        channel.botToken = "[REDACTED]";
-        redactedCount++;
-      }
-    }
-  }
-  const gateway = config.gateway;
-  if (gateway && typeof gateway === "object") {
-    if (gateway.auth && typeof gateway.auth === "object") {
-      const auth = gateway.auth;
-      for (const key of Object.keys(auth)) {
-        auth[key] = "[REDACTED]";
-        redactedCount++;
-      }
-    }
-    if ("token" in gateway) {
-      gateway.token = "[REDACTED]";
-      redactedCount++;
-    }
-    const remote = gateway.remote;
-    if (remote && typeof remote === "object" && "token" in remote) {
-      remote.token = "[REDACTED]";
-      redactedCount++;
-    }
-  }
-  if (redactedCount > 0) {
-    console.log(`[security] Redacted ${redactedCount} sensitive field(s) from openclaw.json before returning to client`);
-  }
-  return JSON.stringify(config, null, 2);
-}
-function isOpenclawJson(resolvedPath) {
-  return path3.basename(resolvedPath) === OPENCLAW_JSON_FILENAME && resolvedPath.startsWith(OPENCLAW_DIR);
-}
-function expandHome(p) {
-  if (p.startsWith("~/") || p === "~") {
-    return path3.join(HOME_DIR, p.slice(1));
-  }
-  return p;
-}
-function validatePath(p, allowedRoots) {
-  const resolved = path3.resolve(expandHome(p));
-  if (!allowedRoots || allowedRoots.length === 0) return resolved;
-  const allowed = allowedRoots.some((root) => {
-    const resolvedRoot = path3.resolve(expandHome(root));
-    return resolved === resolvedRoot || resolved.startsWith(resolvedRoot + path3.sep);
-  });
-  if (!allowed) {
-    throw new Error(`Path "${p}" is outside allowed roots`);
-  }
-  return resolved;
-}
-function validateAndBlockSensitive(p, allowedRoots) {
-  const resolved = validatePath(p, allowedRoots);
-  if (isSensitivePath(resolved)) {
-    throw new Error(
-      `Access denied: path "${p}" is inside a protected directory (credentials/devices/identity)`
-    );
-  }
-  return resolved;
-}
-function validateWritePath(p, allowedRoots) {
-  const resolved = validateAndBlockSensitive(p, allowedRoots);
-  if (isOpenclawJson(resolved)) {
-    throw new Error(
-      `Write denied: "${p}" is a protected configuration file (openclaw.json)`
-    );
-  }
-  return resolved;
-}
-function ok(data) {
-  return {
-    content: [{ type: "text", text: JSON.stringify(data) }]
-  };
-}
-function err(message) {
-  return {
-    content: [{ type: "text", text: JSON.stringify({ error: message }) }],
-    isError: true
-  };
-}
-function listDir(dirPath, opts) {
-  const dirents = fs3.readdirSync(dirPath, { withFileTypes: true });
-  const results = [];
-  for (const dirent of dirents) {
-    if (!opts.includeHidden && dirent.name.startsWith(".")) continue;
-    const entryPath = path3.join(dirPath, dirent.name);
-    let type = "other";
-    if (dirent.isFile()) type = "file";
-    else if (dirent.isDirectory()) type = "directory";
-    else if (dirent.isSymbolicLink()) type = "symlink";
-    const entry = { name: dirent.name, path: entryPath, type };
-    try {
-      const stat = fs3.statSync(entryPath);
-      entry.size = stat.size;
-      entry.modified = stat.mtime.toISOString();
-    } catch {
-    }
-    if (type === "directory" && opts.recursive && opts.depth < opts.maxDepth) {
-      try {
-        entry.children = listDir(entryPath, { ...opts, depth: opts.depth + 1 });
-      } catch {
-      }
-    }
-    results.push(entry);
-  }
-  return results;
+  return results;
 }
 function filterSensitiveEntries(entries) {
   return entries.filter((entry) => !isSensitivePath(entry.path)).map((entry) => {
@@ -801,209 +438,592 @@ function registerFilesystemTools(api) {
       try {
         const filePath = validateAndBlockSensitive(params.path, allowedRoots);
         const encoding = params.encoding ?? "utf-8";
-        let content = fs3.readFileSync(filePath, encoding);
-        const stat = fs3.statSync(filePath);
+        let content = fs2.readFileSync(filePath, encoding);
+        const stat = fs2.statSync(filePath);
         if (isOpenclawJson(filePath) && encoding === "utf-8") {
           content = redactOpenclawJson(content);
         }
         return ok({
-          path: filePath,
-          content,
-          size: stat.size,
-          modified: stat.mtime.toISOString()
+          path: filePath,
+          content,
+          size: stat.size,
+          modified: stat.mtime.toISOString()
+        });
+      } catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        return err(`fs_read failed: ${msg}`);
+      }
+    }
+  });
+  api.registerTool({
+    name: "fs_write",
+    label: "Write File",
+    description: "Write content to a file on the server filesystem. Creates parent directories if they don't exist. Supports ~ for home directory expansion. Writes to protected directories (credentials, devices, identity) and config files (openclaw.json) are denied.",
+    parameters: {
+      type: "object",
+      properties: {
+        path: {
+          type: "string",
+          description: "Absolute or ~-prefixed path to the file to write"
+        },
+        content: {
+          type: "string",
+          description: "Content to write to the file"
+        },
+        encoding: {
+          type: "string",
+          description: "File encoding (default: utf-8)",
+          enum: ["utf-8", "base64", "ascii", "latin1"]
+        },
+        mkdir: {
+          type: "boolean",
+          description: "Create parent directories if they don't exist (default: true)"
+        }
+      },
+      required: ["path", "content"]
+    },
+    async execute(_id, params) {
+      try {
+        const filePath = validateWritePath(params.path, allowedRoots);
+        const content = params.content;
+        const encoding = params.encoding ?? "utf-8";
+        const mkdir = params.mkdir !== false;
+        if (mkdir) {
+          fs2.mkdirSync(path2.dirname(filePath), { recursive: true });
+        }
+        fs2.writeFileSync(filePath, content, encoding);
+        const stat = fs2.statSync(filePath);
+        return ok({
+          path: filePath,
+          size: stat.size,
+          written: true
+        });
+      } catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        return err(`fs_write failed: ${msg}`);
+      }
+    }
+  });
+  api.registerTool({
+    name: "fs_list",
+    label: "List Directory",
+    description: "List contents of a directory on the server filesystem. Returns file metadata including name, type, size, and modification time. Supports ~ for home directory expansion. Protected directories (credentials, devices, identity) are excluded from results.",
+    parameters: {
+      type: "object",
+      properties: {
+        path: {
+          type: "string",
+          description: "Absolute or ~-prefixed path to the directory to list"
+        },
+        recursive: {
+          type: "boolean",
+          description: "List recursively (default: false, max depth 3)"
+        },
+        includeHidden: {
+          type: "boolean",
+          description: "Include hidden files/directories starting with . (default: false)"
+        }
+      },
+      required: ["path"]
+    },
+    async execute(_id, params) {
+      try {
+        const dirPath = validateAndBlockSensitive(params.path, allowedRoots);
+        const recursive = params.recursive === true;
+        const includeHidden = params.includeHidden === true;
+        let entries = listDir(dirPath, { recursive, includeHidden, depth: 0, maxDepth: 3 });
+        entries = filterSensitiveEntries(entries);
+        return ok({
+          path: dirPath,
+          count: entries.length,
+          entries
+        });
+      } catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        return err(`fs_list failed: ${msg}`);
+      }
+    }
+  });
+  api.registerTool({
+    name: "fs_mkdir",
+    label: "Create Directory",
+    description: "Create a directory on the server filesystem. Creates parent directories as needed. Supports ~ for home directory expansion. Cannot create directories inside protected paths (credentials, devices, identity).",
+    parameters: {
+      type: "object",
+      properties: {
+        path: {
+          type: "string",
+          description: "Absolute or ~-prefixed path of the directory to create"
+        }
+      },
+      required: ["path"]
+    },
+    async execute(_id, params) {
+      try {
+        const targetPath = validateWritePath(params.path, allowedRoots);
+        fs2.mkdirSync(targetPath, { recursive: true });
+        return ok({
+          path: targetPath,
+          created: true
+        });
+      } catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        return err(`fs_mkdir failed: ${msg}`);
+      }
+    }
+  });
+  api.registerTool({
+    name: "fs_rename",
+    label: "Rename / Move",
+    description: "Rename or move a file or directory on the server filesystem. Supports ~ for home directory expansion. Cannot move files into or out of protected directories.",
+    parameters: {
+      type: "object",
+      properties: {
+        oldPath: {
+          type: "string",
+          description: "Current absolute or ~-prefixed path"
+        },
+        newPath: {
+          type: "string",
+          description: "New absolute or ~-prefixed path"
+        }
+      },
+      required: ["oldPath", "newPath"]
+    },
+    async execute(_id, params) {
+      try {
+        const resolvedOld = validateWritePath(params.oldPath, allowedRoots);
+        const resolvedNew = validateWritePath(params.newPath, allowedRoots);
+        fs2.renameSync(resolvedOld, resolvedNew);
+        return ok({
+          oldPath: resolvedOld,
+          newPath: resolvedNew,
+          renamed: true
         });
       } catch (e) {
         const msg = e instanceof Error ? e.message : String(e);
-        return err(`fs_read failed: ${msg}`);
+        return err(`fs_rename failed: ${msg}`);
       }
     }
   });
   api.registerTool({
-    name: "fs_write",
-    label: "Write File",
-    description: "Write content to a file on the server filesystem. Creates parent directories if they don't exist. Supports ~ for home directory expansion. Writes to protected directories (credentials, devices, identity) and config files (openclaw.json) are denied.",
+    name: "fs_delete",
+    label: "Delete File or Directory",
+    description: "Delete a file or directory from the server filesystem. For directories, removes recursively. Supports ~ for home directory expansion. Cannot delete protected directories or config files.",
     parameters: {
       type: "object",
       properties: {
         path: {
           type: "string",
-          description: "Absolute or ~-prefixed path to the file to write"
-        },
-        content: {
-          type: "string",
-          description: "Content to write to the file"
-        },
-        encoding: {
-          type: "string",
-          description: "File encoding (default: utf-8)",
-          enum: ["utf-8", "base64", "ascii", "latin1"]
-        },
-        mkdir: {
-          type: "boolean",
-          description: "Create parent directories if they don't exist (default: true)"
+          description: "Absolute or ~-prefixed path to the file or directory to delete"
         }
       },
-      required: ["path", "content"]
+      required: ["path"]
     },
     async execute(_id, params) {
       try {
-        const filePath = validateWritePath(params.path, allowedRoots);
-        const content = params.content;
-        const encoding = params.encoding ?? "utf-8";
-        const mkdir = params.mkdir !== false;
-        if (mkdir) {
-          fs3.mkdirSync(path3.dirname(filePath), { recursive: true });
-        }
-        fs3.writeFileSync(filePath, content, encoding);
-        const stat = fs3.statSync(filePath);
-        return ok({
-          path: filePath,
-          size: stat.size,
-          written: true
-        });
-      } catch (e) {
-        const msg = e instanceof Error ? e.message : String(e);
-        return err(`fs_write failed: ${msg}`);
+        const targetPath = validateWritePath(params.path, allowedRoots);
+        const stat = fs2.statSync(targetPath);
+        const wasDirectory = stat.isDirectory();
+        if (wasDirectory) {
+          fs2.rmSync(targetPath, { recursive: true });
+        } else {
+          fs2.unlinkSync(targetPath);
+        }
+        return ok({
+          path: targetPath,
+          deleted: true,
+          type: wasDirectory ? "directory" : "file"
+        });
+      } catch (e) {
+        const msg = e instanceof Error ? e.message : String(e);
+        return err(`fs_delete failed: ${msg}`);
+      }
+    }
+  });
+}
+// src/entities.ts
+var EntityType = T.Union([
+  T.Literal("agent"),
+  T.Literal("skill"),
+  T.Literal("tool"),
+  T.Literal("plugin"),
+  T.Literal("session"),
+  T.Literal("file"),
+  T.Literal("directory"),
+  T.Literal("url"),
+  T.Literal("memory"),
+  T.Literal("asset")
+]);
+var registry = /* @__PURE__ */ new Map();
+function registrySet(entity) {
+  registry.set(entity.id, entity);
+}
+function registryDelete(id) {
+  registry.delete(id);
+}
+function registryList(type) {
+  const all = Array.from(registry.values());
+  if (!type) return all;
+  return all.filter((e) => e.type === type);
+}
+var IDENTITY_NAME_RE = /\*\*Name:\*\*\s*\n?\s*(.+?)(?=\n|$)/;
+function parseIdentityName(content) {
+  const match = content.match(IDENTITY_NAME_RE);
+  const name = match?.[1]?.trim();
+  if (!name) return null;
+  if (/^_\(.+\)_$/.test(name)) return null;
+  return name;
+}
+function scanAgents(configDir) {
+  const now = Date.now();
+  let entries;
+  try {
+    entries = fs3.readdirSync(configDir, { withFileTypes: true });
+  } catch {
+    return;
+  }
+  const workspaceDirs = entries.filter(
+    (e) => e.isDirectory() && (e.name === "workspace" || e.name.startsWith("workspace-"))
+  );
+  for (const dir of workspaceDirs) {
+    const agentId = dir.name === "workspace" ? "main" : dir.name.replace("workspace-", "");
+    const workspacePath = path3.join(configDir, dir.name);
+    let name = agentId;
+    const metadata = { workspacePath };
+    const identityPath = path3.join(workspacePath, "IDENTITY.md");
+    try {
+      const content = fs3.readFileSync(identityPath, "utf-8");
+      const parsed = parseIdentityName(content);
+      if (parsed) name = parsed;
+    } catch {
+    }
+    if (name === agentId) {
+      const agentJsonPath = path3.join(workspacePath, "agent.json");
+      try {
+        const raw = fs3.readFileSync(agentJsonPath, "utf-8");
+        const config = JSON.parse(raw);
+        if (config.displayName) name = config.displayName;
+        if (config.model) metadata.model = config.model;
+        if (config.tools) metadata.tools = config.tools;
+        if (config.skills) metadata.skills = config.skills;
+      } catch {
+      }
+    }
+    registrySet({
+      id: agentId,
+      type: "agent",
+      name,
+      title: name,
+      description: null,
+      metadata,
+      source: "filesystem",
+      source_key: workspacePath,
+      created_at: now,
+      updated_at: now
+    });
+  }
+}
+function scanSkills(configDir) {
+  const now = Date.now();
+  const globalSkillsDir = path3.join(configDir, "skills");
+  scanSkillsDir(globalSkillsDir, "global", now);
+  let entries;
+  try {
+    entries = fs3.readdirSync(configDir, { withFileTypes: true });
+  } catch {
+    return;
+  }
+  for (const dir of entries) {
+    if (!dir.isDirectory() || !(dir.name === "workspace" || dir.name.startsWith("workspace-"))) {
+      continue;
+    }
+    const agentId = dir.name === "workspace" ? "main" : dir.name.replace("workspace-", "");
+    const agentSkillsDir = path3.join(configDir, dir.name, "skills");
+    scanSkillsDir(agentSkillsDir, agentId, now);
+  }
+}
+function scanSkillsDir(skillsDir, scope, now) {
+  let entries;
+  try {
+    entries = fs3.readdirSync(skillsDir, { withFileTypes: true });
+  } catch {
+    return;
+  }
+  for (const entry of entries) {
+    if (!entry.isDirectory()) continue;
+    const skillKey = entry.name;
+    const skillPath = path3.join(skillsDir, skillKey);
+    let name = skillKey;
+    for (const manifestName of ["manifest.json", "package.json"]) {
+      try {
+        const raw = fs3.readFileSync(
+          path3.join(skillPath, manifestName),
+          "utf-8"
+        );
+        const manifest = JSON.parse(raw);
+        if (manifest.name) name = manifest.name;
+        break;
+      } catch {
+        continue;
+      }
+    }
+    const entityId = scope === "global" ? `skill:${skillKey}` : `skill:${scope}:${skillKey}`;
+    registrySet({
+      id: entityId,
+      type: "skill",
+      name,
+      title: name,
+      description: null,
+      metadata: { skillKey, scope, skillPath },
+      source: "filesystem",
+      source_key: skillPath,
+      created_at: now,
+      updated_at: now
+    });
+  }
+}
+function scanPlugins2(configDir) {
+  const now = Date.now();
+  const extensionsDir = path3.join(configDir, "extensions");
+  let entries;
+  try {
+    entries = fs3.readdirSync(extensionsDir, { withFileTypes: true });
+  } catch {
+    return;
+  }
+  for (const dir of entries) {
+    if (!dir.isDirectory()) continue;
+    const pluginDir = path3.join(extensionsDir, dir.name);
+    const manifestPath = path3.join(pluginDir, "openclaw.plugin.json");
+    try {
+      const raw = fs3.readFileSync(manifestPath, "utf-8");
+      const manifest = JSON.parse(raw);
+      const pluginId = manifest.id || dir.name;
+      const name = manifest.name || pluginId;
+      registrySet({
+        id: `plugin:${pluginId}`,
+        type: "plugin",
+        name,
+        title: name,
+        description: manifest.description || null,
+        metadata: { pluginId, pluginDir },
+        source: "filesystem",
+        source_key: manifestPath,
+        created_at: now,
+        updated_at: now
+      });
+    } catch {
+    }
+  }
+}
+function scanTools(configDir) {
+  const now = Date.now();
+  try {
+    const raw = fs3.readFileSync(
+      path3.join(configDir, "openclaw.json"),
+      "utf-8"
+    );
+    const config = JSON.parse(raw);
+    const allowedTools = config?.tools?.allow ?? [];
+    for (const toolName of allowedTools) {
+      registrySet({
+        id: `tool:${toolName}`,
+        type: "tool",
+        name: toolName,
+        title: toolName,
+        description: null,
+        metadata: { tool_name: toolName },
+        source: "filesystem",
+        source_key: "openclaw.json:tools.allow",
+        created_at: now,
+        updated_at: now
+      });
+    }
+  } catch {
+  }
+}
+var MIME_MAP = {
+  ".png": "image/png",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".gif": "image/gif",
+  ".webp": "image/webp",
+  ".svg": "image/svg+xml",
+  ".bmp": "image/bmp",
+  ".ico": "image/x-icon",
+  ".mp4": "video/mp4",
+  ".webm": "video/webm",
+  ".mov": "video/quicktime",
+  ".avi": "video/x-msvideo",
+  ".mkv": "video/x-matroska",
+  ".mp3": "audio/mpeg",
+  ".wav": "audio/wav",
+  ".ogg": "audio/ogg",
+  ".flac": "audio/flac",
+  ".aac": "audio/aac",
+  ".pdf": "application/pdf",
+  ".json": "application/json",
+  ".txt": "text/plain",
+  ".md": "text/markdown",
+  ".csv": "text/csv",
+  ".zip": "application/zip",
+  ".tar": "application/x-tar",
+  ".gz": "application/gzip"
+};
+function getMimeType(filename) {
+  const ext = path3.extname(filename).toLowerCase();
+  return MIME_MAP[ext] ?? "application/octet-stream";
+}
+function scanMedia(configDir) {
+  const now = Date.now();
+  const mediaDir = path3.join(configDir, "media");
+  scanMediaDir(mediaDir, now);
+}
+function scanMediaDir(dirPath, now) {
+  let entries;
+  try {
+    entries = fs3.readdirSync(dirPath, { withFileTypes: true });
+  } catch {
+    return;
+  }
+  for (const entry of entries) {
+    if (entry.name.startsWith(".")) continue;
+    const entryPath = path3.join(dirPath, entry.name);
+    if (isSensitivePath(entryPath)) continue;
+    if (entry.isDirectory()) {
+      registrySet({
+        id: entryPath,
+        type: "directory",
+        name: entry.name,
+        title: entry.name,
+        description: null,
+        metadata: { path: entryPath },
+        source: "filesystem",
+        source_key: entryPath,
+        created_at: now,
+        updated_at: now
+      });
+      scanMediaDir(entryPath, now);
+    } else if (entry.isFile()) {
+      const mimeType = getMimeType(entry.name);
+      let size;
+      let mtime = now;
+      try {
+        const stat = fs3.statSync(entryPath);
+        size = stat.size;
+        mtime = stat.mtimeMs;
+      } catch {
       }
+      registrySet({
+        id: entryPath,
+        type: "asset",
+        name: entry.name,
+        title: entry.name,
+        description: null,
+        metadata: { path: entryPath, size, mime_type: mimeType, original_name: entry.name },
+        source: "filesystem",
+        source_key: entryPath,
+        created_at: mtime,
+        updated_at: mtime
+      });
     }
-  });
+  }
+}
+function fullScan(configDir) {
+  registry.clear();
+  scanAgents(configDir);
+  scanSkills(configDir);
+  scanPlugins2(configDir);
+  scanTools(configDir);
+  scanMedia(configDir);
+}
+function registerEntityTools(api, onFsChange) {
+  const configDir = process.env.HOME + "/.openclaw";
   api.registerTool({
-    name: "fs_list",
-    label: "List Directory",
-    description: "List contents of a directory on the server filesystem. Returns file metadata including name, type, size, and modification time. Supports ~ for home directory expansion. Protected directories (credentials, devices, identity) are excluded from results.",
-    parameters: {
-      type: "object",
-      properties: {
-        path: {
-          type: "string",
-          description: "Absolute or ~-prefixed path to the directory to list"
-        },
-        recursive: {
-          type: "boolean",
-          description: "List recursively (default: false, max depth 3)"
-        },
-        includeHidden: {
-          type: "boolean",
-          description: "Include hidden files/directories starting with . (default: false)"
-        }
-      },
-      required: ["path"]
-    },
-    async execute(_id, params) {
-      try {
-        const dirPath = validateAndBlockSensitive(params.path, allowedRoots);
-        const recursive = params.recursive === true;
-        const includeHidden = params.includeHidden === true;
-        let entries = listDir(dirPath, { recursive, includeHidden, depth: 0, maxDepth: 3 });
-        entries = filterSensitiveEntries(entries);
-        return ok({
-          path: dirPath,
-          count: entries.length,
-          entries
-        });
-      } catch (e) {
-        const msg = e instanceof Error ? e.message : String(e);
-        return err(`fs_list failed: ${msg}`);
-      }
+    name: "entity_list",
+    description: "List all entities in the registry, optionally filtered by type. Returns lightweight entity data for @mention autocomplete.",
+    parameters: T.Object({
+      type: T.Optional(EntityType),
+      limit: T.Optional(
+        T.Number({ description: "Max results (default 500)" })
+      )
+    }),
+    async execute(_id, params, _ctx) {
+      const results = registryList(params.type);
+      const limit = params.limit ?? 500;
+      return {
+        content: [
+          { type: "text", text: JSON.stringify(results.slice(0, limit)) }
+        ]
+      };
     }
   });
   api.registerTool({
-    name: "fs_mkdir",
-    label: "Create Directory",
-    description: "Create a directory on the server filesystem. Creates parent directories as needed. Supports ~ for home directory expansion. Cannot create directories inside protected paths (credentials, devices, identity).",
-    parameters: {
-      type: "object",
-      properties: {
-        path: {
-          type: "string",
-          description: "Absolute or ~-prefixed path of the directory to create"
-        }
-      },
-      required: ["path"]
-    },
-    async execute(_id, params) {
-      try {
-        const targetPath = validateWritePath(params.path, allowedRoots);
-        fs3.mkdirSync(targetPath, { recursive: true });
-        return ok({
-          path: targetPath,
-          created: true
-        });
-      } catch (e) {
-        const msg = e instanceof Error ? e.message : String(e);
-        return err(`fs_mkdir failed: ${msg}`);
+    name: "entity_search",
+    description: "Search entities by name/title substring match for @mention autocomplete.",
+    parameters: T.Object({
+      query: T.String({ description: "Search query text" }),
+      type: T.Optional(
+        T.String({ description: "Filter results by entity type" })
+      ),
+      limit: T.Optional(
+        T.Number({ description: "Max results (default 20)" })
+      )
+    }),
+    async execute(_id, params, _ctx) {
+      const q = (params.query ?? "").toLowerCase();
+      const limit = params.limit ?? 20;
+      let results = Array.from(registry.values());
+      if (params.type) {
+        results = results.filter((e) => e.type === params.type);
       }
-    }
-  });
-  api.registerTool({
-    name: "fs_rename",
-    label: "Rename / Move",
-    description: "Rename or move a file or directory on the server filesystem. Supports ~ for home directory expansion. Cannot move files into or out of protected directories.",
-    parameters: {
-      type: "object",
-      properties: {
-        oldPath: {
-          type: "string",
-          description: "Current absolute or ~-prefixed path"
-        },
-        newPath: {
-          type: "string",
-          description: "New absolute or ~-prefixed path"
-        }
-      },
-      required: ["oldPath", "newPath"]
-    },
-    async execute(_id, params) {
-      try {
-        const resolvedOld = validateWritePath(params.oldPath, allowedRoots);
-        const resolvedNew = validateWritePath(params.newPath, allowedRoots);
-        fs3.renameSync(resolvedOld, resolvedNew);
-        return ok({
-          oldPath: resolvedOld,
-          newPath: resolvedNew,
-          renamed: true
-        });
-      } catch (e) {
-        const msg = e instanceof Error ? e.message : String(e);
-        return err(`fs_rename failed: ${msg}`);
+      if (q) {
+        results = results.filter(
+          (e) => e.name.toLowerCase().includes(q) || (e.title ?? "").toLowerCase().includes(q)
+        );
       }
+      return {
+        content: [
+          { type: "text", text: JSON.stringify(results.slice(0, limit)) }
+        ]
+      };
     }
   });
   api.registerTool({
-    name: "fs_delete",
-    label: "Delete File or Directory",
-    description: "Delete a file or directory from the server filesystem. For directories, removes recursively. Supports ~ for home directory expansion. Cannot delete protected directories or config files.",
-    parameters: {
-      type: "object",
-      properties: {
-        path: {
-          type: "string",
-          description: "Absolute or ~-prefixed path to the file or directory to delete"
-        }
-      },
-      required: ["path"]
-    },
-    async execute(_id, params) {
-      try {
-        const targetPath = validateWritePath(params.path, allowedRoots);
-        const stat = fs3.statSync(targetPath);
-        const wasDirectory = stat.isDirectory();
-        if (wasDirectory) {
-          fs3.rmSync(targetPath, { recursive: true });
-        } else {
-          fs3.unlinkSync(targetPath);
-        }
-        return ok({
-          path: targetPath,
-          deleted: true,
-          type: wasDirectory ? "directory" : "file"
-        });
-      } catch (e) {
-        const msg = e instanceof Error ? e.message : String(e);
-        return err(`fs_delete failed: ${msg}`);
-      }
+    name: "entity_sync",
+    description: "Re-scan the filesystem to refresh the entity registry. Call after configuration changes for immediate updates.",
+    parameters: T.Object({}),
+    async execute(_id, _params, _ctx) {
+      const before = registry.size;
+      fullScan(configDir);
+      return {
+        content: [
+          {
+            type: "text",
+            text: JSON.stringify({ synced: registry.size, previous: before })
+          }
+        ]
+      };
     }
   });
+  try {
+    fullScan(configDir);
+  } catch (err2) {
+    console.error("[squad-openclaw] Initial scan failed:", err2);
+  }
+  let stopWatcher = null;
+  try {
+    stopWatcher = startWatcher(configDir, onFsChange);
+  } catch (err2) {
+    console.error("[squad-openclaw] Watcher failed to start:", err2);
+  }
+  const cleanup = () => {
+    stopWatcher?.();
+  };
+  process.on("SIGTERM", cleanup);
+  process.on("SIGINT", cleanup);
 }
 // src/sql.ts
@@ -1186,7 +1206,15 @@ function registerVersionMethods(api) {
         console.log(
           `[version] Plugin update command succeeded (was ${before}), restarting gateway in 2s...`
         );
-        setTimeout(() => process.exit(0), 2e3);
+        setTimeout(() => {
+          try {
+            execSync("openclaw gateway restart 2>&1", {
+              timeout: 3e4,
+              encoding: "utf-8"
+            });
+          } catch {
+          }
+        }, 2e3);
       } catch (e) {
         const msg = e instanceof Error ? e.message : String(e);
         respond(false, { error: msg });
@@ -1619,7 +1647,14 @@ var RelayClient = class {
     }
     conn.localWs.send(JSON.stringify(msg));
   }
-  /** Inject auth token and device identity into a connect request */
+  /**
+   * Inject auth token and device identity into a connect request.
+   *
+   * SECURITY: The token is added to the message IN MEMORY, then sent to the
+   * LOCAL gateway WebSocket (localhost:18789). It NEVER traverses the relay —
+   * the relay only sees the outer relay.forward envelope. A compromised relay
+   * server cannot intercept this token.
+   */
   injectDeviceIdentity(conn, msg) {
     const params = msg.params ?? {};
     if (this.config.operatorToken) {
@@ -1883,6 +1918,49 @@ function squadAppPlugin(api) {
       }
     }
   );
+  api.registerGatewayMethod(
+    "tools.list",
+    async ({ respond }) => {
+      const coreTools = [
+        "exec",
+        "bash",
+        "process",
+        "read",
+        "write",
+        "edit",
+        "apply_patch",
+        "web_search",
+        "web_fetch",
+        "browser",
+        "canvas",
+        "nodes",
+        "image",
+        "message",
+        "cron",
+        "gateway",
+        "sessions_list",
+        "sessions_history",
+        "sessions_send",
+        "sessions_spawn",
+        "session_status",
+        "agents_list",
+        "memory_search"
+      ];
+      const groups = [
+        "group:fs",
+        "group:runtime",
+        "group:sessions",
+        "group:memory",
+        "group:web",
+        "group:ui",
+        "group:automation",
+        "group:messaging",
+        "group:nodes"
+      ];
+      const pluginTools = Array.from(toolExecutors.keys());
+      respond(true, { tools: [...coreTools, ...groups, ...pluginTools] });
+    }
+  );
   const relayEnabled = api.pluginConfig?.["relay.enabled"] ?? false;
   if (relayEnabled) {
     const relayUrl = api.pluginConfig?.["relay.url"] || "wss://relay.squad.ceo";