Skip to content

1clawAI/1claw-openclaw-plugin

BranchesTags

Repository files navigation

1claw OpenClaw Plugin

OpenClaw gateway plugin for 1claw — HSM-backed secret management, transaction signing, and Shroud LLM proxy integration for AI agents.

Repository: github.com/1clawAI/1claw-openclaw-plugin
npm: @1claw/openclaw-plugin
Docs: OpenClaw Plugins · 1claw

Features

  • Native agent tools — 18 tools for secrets, vaults, policies, sharing, signing keys, and EVM transactions (optional, configurable)
  • Secret redaction — Scan outbound messages and redact leaked secret values (default on)
  • Secret injection — Replace {{1claw:path/to/secret}} placeholders at prompt time (opt-in)
  • Shroud routing — Route LLM traffic through Shroud TEE when the agent has shroud_enabled (opt-in)
  • Key rotation monitor — Background warnings for secrets expiring within 7 days (opt-in)
  • Slash commands/oneclaw, /oneclaw-list, /oneclaw-rotate (optional)
  • Gateway RPC1claw.status for programmatic health/status
  • Bundled skill — 1claw skill (skills/1claw/SKILL.md) auto-discovered by OpenClaw

All features are toggled via plugins.entries.1claw.config.features. Auth uses config or env vars.

Install

openclaw plugins install @1claw/openclaw-plugin

Or from the repo (e.g. when developing or using as a submodule):

openclaw plugins install -l ./path/to/1claw-openclaw-plugin

Config

Minimal config (config file or env):

{
  plugins: {
    entries: {
      "1claw": {
        enabled: true,
        config: {
          apiKey: "ocv_..."
          // agentId, vaultId, baseUrl, shroudUrl optional
          // features: { tools: true, secretRedaction: true, ... }
        }
      }
    }
  }
}

Env fallback: ONECLAW_AGENT_API_KEY, ONECLAW_AGENT_ID, ONECLAW_VAULT_ID, ONECLAW_BASE_URL, ONECLAW_SHROUD_URL.

Restart the OpenClaw Gateway after changing config.

Tool names

When enabled, tools are registered with a oneclaw_ prefix (e.g. oneclaw_list_secrets, oneclaw_get_secret). Add them to your agent’s tools.allow (e.g. "1claw" or specific names).

Slash commands

Command Description
/oneclaw Connection status, vault info, token TTL, features
/oneclaw-list List secret paths (optional prefix arg)
/oneclaw-rotate Rotate a secret: /oneclaw-rotate <path> <new-value>

Development

npm install
npm run typecheck
  • TypeScript only (no build step required for OpenClaw; jiti loads .ts at runtime).
  • Optional: npm run build to emit dist/ (not required for openclaw plugins install when using source).

As a submodule in 1claw

From the 1claw repo root:

git submodule add https://github.com/1clawAI/1claw-openclaw-plugin.git packages/openclaw-plugin
git submodule update --init --recursive

Clone 1claw with the submodule:

git clone --recurse-submodules https://github.com/1clawAI/1claw.git

License

MIT © 1claw

About

OpenClaw plugin for 1claw — HSM-backed secrets, transaction signing, Shroud TEE

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages