Conversation
The Docker setup scripts generated a gateway token and passed it via the OPENCLAW_GATEWAY_TOKEN env-var, but the gateway reads the config file token first and silently ignores the env-var. This caused a token mismatch on first run (interactive onboard may store a different token) and on re-runs (new random token generated, config not updated). Additionally, Docker routes requests through the bridge network so the gateway does not recognise the Control UI as a local client, causing a device-pairing chicken-and-egg on first connect. Fix both scripts (docker-setup.sh, docker-setup.dev.sh) to reconcile the config file after onboard: patch gateway.auth.token, gateway.bind, and gateway.controlUi.allowInsecureAuth so the printed dashboard URL works immediately. Also adds: - Dockerfile: ensure node user exists on Docker Desktop for Mac - docker-setup.dev.sh: dev workflow that builds from local source - docker-compose.dev.yml: dev overlay with source bind-mount - docs: tokenized dashboard URL, dev mode section, bind explanation Co-Authored-By: Claude Opus 4.6 <[email protected]>
Co-Authored-By: Claude Opus 4.6 <[email protected]>
openclaw-barnacle
bot
added
docs
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Additional Comments (3)
These Prompt To Fix With AIThis is a comment left during a code review.
Path: extensions/a2a/src/executor.ts
Line: 243:246
Comment:
**Debug logging leaks data**
These `console.log(...)` calls will execute in production and dump gateway payloads/response text to stdout (e.g. `result.data`, `payloads`, `responseText`). That’s both very noisy and can leak sensitive content depending on what the agent returns. Please remove these logs or route them through the plugin logger at an appropriate level with redaction.
How can I resolve this? If you propose a fix, please make it concise.
Prompt To Fix With AIThis is a comment left during a code review.
Path: extensions/a2a/src/gateway-call.ts
Line: 2430:2433
Comment:
**Verbose frame logging**
`callGateway` logs raw gateway frames/payloads via `console.log` (including errors and response payloads). In normal operation this will spam logs, and the payloads may contain secrets / user content. Please remove these logs or replace with structured debug logging + redaction behind a disabled-by-default flag.
How can I resolve this? If you propose a fix, please make it concise.
This uses Also appears in: Prompt To Fix With AIThis is a comment left during a code review.
Path: extensions/a2a/src/executor.ts
Line: 2160:2162
Comment:
**`crypto` may be undefined**
This uses `crypto.randomUUID()` without importing from `node:crypto` or otherwise guaranteeing `globalThis.crypto` exists. In many Node/bundled environments this throws `ReferenceError: crypto is not defined`, which would break A2A execution. Please import `randomUUID` from `node:crypto` (as you already do in `extensions/a2a/src/gateway-call.ts`) or otherwise ensure a safe UUID generator is available.
Also appears in: `extensions/a2a/src/tool.ts` (messageId generation).
How can I resolve this? If you propose a fix, please make it concise. |
…o the correct endpoint
|
Hey @benclarkeio 👋 Really cool to see this — we've been working on A2A support independently and just discovered your PR. Rather than duplicate effort, wanted to share some ideas we've been exploring that might complement what you've built here. Per-contact trust tiersOne thing we spent a lot of time on is the security model for who gets to do what when they message your agent. The core insight: trust should be per-relationship, not global. We designed a tiered system:
Each contact gets explicit tool grants: {
"contacts": {
"https://alice.openclaw.ai": {
"name": "Alice's Agent",
"trust": "friend",
"tools": ["calendar", "web_search", "message"],
"skills": ["*"]
},
"https://ai-truism.vercel.app": {
"trust": "skilled",
"tools": ["web_search"],
"skills": ["volunteering"]
}
}
}The big use case: your agent talks to your friend's agent to arrange a meeting. Both agents need real tool access (calendars), but a random agent on the internet shouldn't get the same permissions. Approval flowWhen openclaw a2a approve https://new-agent.com --trust friend --tools calendar,messageRate limitingWe also built a sliding-window rate limiter for the plugin runtime — both per-IP and per-sender-URL, so agents can't hammer each other's tokens. Our design docFull writeup here if you're interested: https://github.com/Zephyr-Blessed/openclaw-a2a/blob/main/DESIGN.md Happy to help implement any of this on your PR if you think it's a useful direction. No point building the same thing twice! 🌿 |
|
Also, we opened a draft PR for adding |
Extends inputProvenance to support agent-to-agent tool invocations: - Add 'tool_invocation' to InputProvenanceKind enum - Add skill and mode fields to InputProvenance type - Update normalizeInputProvenance to handle new fields - Add isToolInvocationProvenance and isCrossSessionProvenance helpers - Update agent_call and debate_call tools to use tool_invocation kind This enables agents to receive structured provenance when called via agent_call/debate_call, allowing skill routing and mode tracking. Related: openclaw#15154, openclaw#10486, openclaw#7516
thewilloftheshadow
force-pushed
the
main
branch
from
bfc1ccb to
f92900f
Compare
Extends inputProvenance to support agent-to-agent tool invocations: - Add 'tool_invocation' to InputProvenanceKind enum - Add skill and mode fields to InputProvenance type - Update normalizeInputProvenance to handle new fields - Add isToolInvocationProvenance and isCrossSessionProvenance helpers - Update agent_call and debate_call tools to use tool_invocation kind This enables agents to receive structured provenance when called via agent_call/debate_call, allowing skill routing and mode tracking. Related: openclaw#15154, openclaw#10486, openclaw#7516
2 participants
Summary
Depends on #9999 (Docker fixes) — merge that first.
extensions/a2a/send_message_to_agentandget_agent_cardtools for calling remote A2A agentsa2a generate-key,a2a list-keys,a2a revoke-key)docs/plugins/a2a.mdcovering setup, authentication, and Tailscale Funnel for public accessTest plan
/.well-known/agent-card.jsonmessage/sendvia curl with API key and confirm responsesend_message_to_agenttool against a remote A2A agentpnpm vitest run extensions/a2afor unit tests🤖 Generated with Claude Code
Greptile Overview
Greptile Summary
extensions/a2a/plugin that exposes the gateway as an A2A agent (agent card endpoint +/a2aJSON-RPC), including inbound API key auth and outbound per-URL auth headers.OpenClawAgentExecutor, plus tools for calling remote A2A agents (send_message_to_agent,get_agent_card).Confidence Score: 3/5
console.logdebug dumping gateway payloads/frames (noise + potential data exposure) and usescrypto.randomUUID()without importingnode:crypto, which can cause runtime failures depending on the Node/bundling environment.(3/5) Reply to the agent's comments like "Can you suggest a fix for this @greptileai?" or ask follow-up questions!