ACPX Runtime

Package: @openclaw/acpx (npm) Version: 2026.5.7 Description: OpenClaw ACP runtime backend The package implements an Agent Client Protocol (ACP) runtime backend for the OpenClaw platform. It manages configuration, state isolation (using a dedicated codex-home state directory), inter-process communication (via MCP proxy), and external agent execution. The design emphasizes security against command injection, primarily by using dedicated functions (`splitCommandLine`, `splitCommandParts`) to parse potentially unsafe command strings into arrays of arguments, which are then passed to `child_process.spawn` using the safe array syntax. Configuration values injected into agent commands are robustly shell-quoted. The code structure, validation schema (Zod), and explicit measures against Windows wrapper scripts indicate an implementation focused on secure operation within its intended ecosystem.