OrchardOS
v0.2.5-rc.5
Agentic project and task management plugin for OpenClaw. Persistent SQLite-backed task board with a queue runner that auto-dispatches ready tasks as subagent...
by @derp42
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign (high confidence)
Purpose & Capability
Name/description (persistent task board, queue runner, dashboard, subagent dispatch) match the shipped source, routes, tools, and plugin manifest. No unrelated environment variables or surprising binaries are requested. The ability to spawn subagents and expose a loopback UI proxy is explicitly documented in the manifest and README.
Instruction Scope
SKILL.md and README describe only plugin installation, configuration, available agent tools, and API/UI access. Runtime instructions and the codebase limit themselves to task/project CRUD, queue/runner control, a debug surface, and a local UI proxy. There are no instructions to read or exfiltrate unrelated host files or environment variables in the SKILL.md.
Install Mechanism
No install spec in the registry entry (installation is done via the OpenClaw plugin system). Source includes a standard npm package.json and package-lock; dependencies rely on better-sqlite3 (native), and the build step runs tsc and an HTML-to-TS generator. Build-time native compilation and peer dependency on OpenClaw are expected but may require a proper Node toolchain.
Credentials
The plugin does not declare required env vars or credentials. Optional debug env vars and a config schema support an optional context-injection provider (apiKey) and UI server settings. Those optional API keys/config entries are proportional to features (context injection, external KB providers, standalone UI), but enabling them increases the attack surface and should be done intentionally.
Persistence & Privilege
always:false and model-invocation is allowed (default). Orchard is designed to autonomously dispatch subagents (documented); that is necessary for its purpose but raises operational risk if misconfigured. The plugin exposes a loopback-only auth-forwarding proxy by default; non-loopback binds are refused unless explicitly allowed in config.
Assessment
This plugin appears to implement what it claims: a persistent task board with an autonomous queue runner and a local UI proxy. Before installing, consider:
1) autonomous subagent spawns are the core feature — if you need to limit risk, enable debug.logOnly or ORCHARD_DISABLE_ALL_SPAWNS and test in a sandbox;
2) the standalone UI forwards the browser's Authorization header to the gateway — keep uiServer.bindAddress set to 127.0.0.1 and do NOT set uiServer.allowUnsafeBind unless you intentionally want LAN exposure;
3) optional config fields (contextInjection.apiKey, provider) let Orchard call external providers — only supply API keys you trust and understand potential data sent to those services;
4) building the plugin requires native modules (better-sqlite3) and a Node toolchain; verify build on a test host first;
5) review and test the debug flags and rate/limit settings (maxConcurrentExecutors, maxSubagentsPerProject, queueIntervalMs) to avoid runaway dispatching.
If you need higher assurance, run the plugin in a local-only OpenClaw instance with debug.logOnly, review the repository manually, and/or restrict its role/permissions in your environment.
Like a lobster shell, security has layers — review code before you run it.
latest: vk97dcyvg0ntxeshdd7capt7cdx83xjjq
