ZpokenClaw
Quality gates for AI agents: evaluator-optimizer loop plugin for OpenClaw with three-layer validation (structural checks, pattern matching, LLM-as-Judge)
# ZpokenClaw
**Autonomous agent platform for [OpenClaw](https://openclaw.ai).** Quality gates, sandboxed execution, file management, Docker orchestration, git operations, web search, and self-extension: everything an AI agent needs to operate autonomously with safety guardrails.
## Plugins
Each plugin is independently installable. Copy the plugin directory to `~/.openclaw/extensions/` and enable it in `openclaw.json`.
| Plugin | Tools | Purpose |
|--------|-------|---------|
| **[zpokenclaw](plugins/zpokenclaw/)** | `task_eval`, `task_clear`, `task_create`, `task_list`, `task_switch`, `pipeline_define`, `pipeline_status`, `pipeline_abort`, `pipeline_extend`, `pipeline_checkpoint_resolve` | Quality gates: three-layer evaluation (structural, pattern, LLM-as-Judge), eval loops, pipelines, multi-task |
| **[service-registry](plugins/service-registry/)** | `svc_require`, `svc_status`, `svc_budget` | Docker service lifecycle: health probes, dependency ordering, resource budget, auto-restart |
| **[exec](plugins/exec/)** | `sandbox_exec` | Sandboxed command execution: Docker containers with configurable filesystem access, network, resource limits |
| **[fs-tools](plugins/fs-tools/)** | `file_read`, `file_write`, `file_edit`, `file_list`, `file_search` | Native file operations with path security gates |
| **[docker-mgmt](plugins/docker-mgmt/)** | `docker_ps`, `docker_inspect`, `docker_logs`, `docker_run`, `docker_start`, `docker_stop`, `docker_rm`, `docker_pull` | Arbitrary Docker container management |
| **[git-tools](plugins/git-tools/)** | `git_status`, `git_diff`, `git_log`, `git_add`, `git_commit`, `git_branch`, `git_checkout`, `git_clone`, `git_push`, `git_pull` | Git operations with path restrictions (no force push) |
| **[web-search](plugins/web-search/)** | `oc_web_search` | Web search via SearXNG metasearch with quick/deep modes |
| **[plugin-scaffold](plugins/plugin-scaffold/)** | `plugin_scaffold` | Generate new plugin boilerplate; the agent extends itself |
## Quick Start
```bash
# Install all plugins, dependencies, and patch openclaw.json (~6 seconds)
./install.sh --judge-provider claude
# Restart the gateway to load plugins
openclaw gateway restart
# Verify everything is healthy (41 checks)
./doctor.sh
```
**Options:**
- `--link`: Symlink plugins instead of copying (dev mode)
- `--no-deps`: Skip `npm install`
- `--judge-provider PROVIDER`: Set LLM judge provider (auto-detected if omitted)
- `--workspace DIR`: Override workspace directory
**Single plugin install:**
```bash
cp -r plugins/zpokenclaw ~/.openclaw/extensions/zpokenclaw
cd ~/.openclaw/extensions/zpokenclaw && npm install
# Add to openclaw.json plugins.entries with id matching openclaw.plugin.json "id" field
openclaw gateway restart
```
**Troubleshooting:**
```bash
./doctor.sh --fix # auto-repair common issues
```
## Architecture
```
OpenClaw Gateway

Plugin Load Order:

1. service-registry    Infrastructure lifecycle
   ├─ before_tool_call: pre-exec health gate (pri: 100)
   ├─ Tools: svc_require, svc_status, svc_budget
   └─ Service: orchestrator (60s health probes)

2. zpokenclaw          Quality enforcement
   ├─ before_prompt_build: context + retry + alerts
   ├─ message_sending: 5-gate outbound enforcement
   ├─ Tools: task_eval, pipeline_define, ...
   └─ Commands: /loop /stop /retry /skip /pipeline

3. exec                Sandboxed execution
   └─ Tools: sandbox_exec

4. fs-tools            File operations
   └─ Tools: file_read, file_write, file_edit, ...

5. docker-mgmt         Container management
   └─ Tools: docker_run, docker_ps, docker_logs, ...

6. git-tools           Version control
   └─ Tools: git_status, git_commit, git_push, ...

7. web-search          Information retrieval
   └─ Tools: oc_web_search (quick/deep)

8. plugin-scaffold     Self-extension
   └─ Tools: plugin_scaffold
```
## Security Model
- **Sandbox execution**: Commands run inside disposable Docker containers with configurable access: `sandbox` (fully isolated), `host-ro` (read-only workspace), `host-rw` (read-write workspace). No network by default.
- **Path security**: File and git tools validate all paths against an allow-list. Blocked: credentials, SSH keys, env files, Docker socket, system configs. Symlink escape prevention.
- **Command injection prevention**: All subprocess calls use `spawnSync` with argument arrays (not string interpolation). No shell parsing of user inputs.
- **Resource limits**: Docker containers get memory, CPU, and PID limits. Service registry enforces a global budget with cgroup v2 slice.
- **Quality gates**: The eval-loop prevents the agent from delivering unvalidated output. Three-layer evaluation: structural checks, pattern matching, LLM-as-Judge.
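The path security bullet above describes an allow-list check with blocked patterns and symlink escape prevention. The following is an added example of one way to build such a gate in Node.js; it is not the fs-tools plugin's own code, and `realResolve`, `checkPath`, `demo` and the `DENY` patterns are hypothetical names and values constructed for illustration.

```javascript
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// Constructed deny patterns for some of the blocked categories the README lists.
const DENY = [/(^|\/)\.ssh(\/|$)/, /(^|\/)\.env(\.|$)/, /(^|\/)docker\.sock$/, /(^|\/)id_rsa$/];

// Resolve symlinks on the deepest existing ancestor, so files that do not exist yet
// (a pending write) are still checked against the real location of their parent.
function realResolve(p) {
  let cur = path.resolve(p);
  const tail = [];
  // lstat (not exists) so a dangling symlink counts as present and fails in realpathSync.
  while (!fs.lstatSync(cur, { throwIfNoEntry: false })) {
    tail.unshift(path.basename(cur));
    const parent = path.dirname(cur);
    if (parent === cur) break;
    cur = parent;
  }
  return path.join(fs.realpathSync(cur), ...tail);
}

function checkPath(requested, allowedRoots) {
  let real;
  try { real = realResolve(requested); } catch { return { ok: false, reason: 'unresolvable' }; }
  if (DENY.some((re) => re.test(real.split(path.sep).join('/')))) return { ok: false, reason: 'blocked-pattern' };
  const inside = allowedRoots.some((root) => {
    const rel = path.relative(fs.realpathSync(root), real);
    return rel !== '..' && !rel.startsWith('..' + path.sep) && !path.isAbsolute(rel);
  });
  return inside ? { ok: true, real } : { ok: false, reason: 'outside-allow-list' };
}

// Constructed fixture: a workspace, a directory outside it, and a symlink between them.
function demo() {
  const base = fs.mkdtempSync(path.join(os.tmpdir(), 'gate-'));
  const [ws, outside] = [path.join(base, 'workspace'), path.join(base, 'outside')];
  fs.mkdirSync(ws); fs.mkdirSync(outside);
  fs.writeFileSync(path.join(outside, 'secret.txt'), 'x');
  fs.writeFileSync(path.join(ws, '.env'), 'K=V');
  fs.symlinkSync(outside, path.join(ws, 'link'));
  return {
    normal: checkPath(path.join(ws, 'src/new.js'), [ws]).ok,
    traversal: checkPath(path.join(ws, '../outside/secret.txt'), [ws]).reason,
    symlink: checkPath(path.join(ws, 'link/secret.txt'), [ws]).reason,
    envFile: checkPath(path.join(ws, '.env'), [ws]).reason,
  };
}
console.log(demo());
```

The check and the later file operation are separate steps, so a caller should operate on the returned `real` path rather than on the path as requested.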
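The command injection bullet above contrasts `spawnSync` argument arrays with string interpolation. This added example (not code from the project) runs the same constructed input both ways on a POSIX system, using Node itself as a stand-in child process; `runWithArgv`, `runWithShell`, `ECHO_ARGV` and `sample` are hypothetical names.

```javascript
const { spawnSync } = require('node:child_process');

// Stand-in child program (constructed): prints the arguments it received as JSON.
const ECHO_ARGV = 'console.log(JSON.stringify(process.argv.slice(1)))';

// Argument-array form: no shell is involved, so the value arrives as exactly one argument.
function runWithArgv(userValue) {
  const r = spawnSync(process.execPath, ['-e', ECHO_ARGV, '--', 'log', userValue], { encoding: 'utf8' });
  return JSON.parse(r.stdout);
}

// String-interpolation form, shown for contrast: /bin/sh parses the value as shell syntax.
function runWithShell(userValue) {
  const cmd = `"${process.execPath}" -e '${ECHO_ARGV}' -- log ${userValue}`;
  const r = spawnSync(cmd, { shell: true, encoding: 'utf8' });
  return r.stdout.trim().split('\n');
}

// Constructed input containing a shell metacharacter.
const sample = 'main; echo INJECTED';
console.log(runWithArgv(sample));  // child sees the whole string as one argument
console.log(runWithShell(sample)); // shell splits at ';' and runs a second command
```

An argument array removes shell parsing only; a value that starts with `-` can still be read as an option by the child program, so values passed to tools such as git or docker still need their own validation.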
## Requirements
- [OpenClaw](https://openclaw.ai) v2026.2+
- Node.js 18+
- Docker (for exec, web-search, service-registry)
## License
[MIT](LICENSE)