OpenClaw Codex

Article

Plugin Quickstart: Build Reusable Capability Units

Plugins are production code running in the gateway process. Write for operability: observability, rollback, and least privilege.

Security Boundary First

Never publish real config values. Public examples should explain structure and policy boundaries with placeholders only.

Four Must-Haves

  • Explicit config schema and defaults.
  • Observable execution path and traceability.
  • Rollback-safe versioning.
  • Least-privilege external access.

Skeleton

my-plugin/
  openclaw.plugin.json
  package.json
  src/index.ts
  README.md

Placeholder Configuration

{
  "plugins": {
    "entries": {
      "my-plugin": {
        "enabled": true,
        "config": {
          "apiBaseUrl": "<YOUR_API_BASE_URL>",
          "apiKey": "<STORE_IN_SECRET_MANAGER>",
          "timeoutMs": 8000
        }
      }
    }
  }
}

Official Reference

OpenClaw Plugin Docs