



























@@ -186,6 +186,77 @@ Override the command or version in plugin config:
186186187187See [Plugins](/tools/plugin).
188188189+## Optional Coven backend
190+191+OpenClaw can also register a bundled, opt-in `coven` ACP backend for operators
192+who want ACP coding sessions supervised by a local [Coven](https://github.com/OpenCoven/coven)
193+daemon instead of launched directly through ACPX.
194+195+This is intentionally an extension, not a core runtime path:
196+197+- the default ACPX backend stays unchanged for normal installs;
198+- Coven has its own daemon, socket, session store, harness mapping, and project
199+ boundary model;
200+- the bridge can be enabled, disabled, configured, and reviewed independently
201+ through the plugin system; and
202+- OpenClaw remains responsible for ACP session routing, chat bindings, task
203+ state, and fallback policy while Coven owns harness supervision.
204+205+Minimal opt-in config:
206+207+```json5
208+{
209+ acp: {
210+ enabled: true,
211+ backend: "coven",
212+ defaultAgent: "codex",
213+ },
214+ plugins: {
215+ entries: {
216+ coven: {
217+ enabled: true,
218+ config: {
219+// Optional. Defaults to ~/.coven. Environment variables are not used for this trust anchor.
220+ covenHome: "~/.coven",
221+// Optional. Defaults to <covenHome>/coven.sock; overrides must resolve to that path.
222+ socketPath: "~/.coven/coven.sock",
223+// Optional. Defaults to false; enable only when direct ACP fallback is acceptable.
224+ allowFallback: false,
225+// Optional. Used only when allowFallback is true.
226+ fallbackBackend: "acpx",
227+ },
228+ },
229+ },
230+ },
231+}
232+```
233+234+When selected, OpenClaw checks Coven daemon health over the configured Unix
235+socket before launching. A successful launch creates a Coven session and records
236+the Coven session id in the ACP runtime handle. If the health check or launch
237+fails, OpenClaw fails closed by default so `acp.backend="coven"` cannot silently
238+downgrade to direct ACP execution. Set `allowFallback: true` only when direct
239+ACP fallback is an explicit, acceptable operator choice.
240+241+For path safety, `~` in `covenHome` and `socketPath` expands to the current
242+user home directory, and configured Coven paths must be absolute after that
243+expansion. OpenClaw rejects workspace-relative Coven daemon paths because the
244+daemon socket is a local user trust anchor, not repository-controlled state.
245+`socketPath` must resolve to `<covenHome>/coven.sock`; OpenClaw does not allow
246+arbitrary Coven socket filenames because the daemon socket is the local trust
247+anchor. Keep `covenHome` owned by the OpenClaw user and private (`0700`);
248+OpenClaw rejects symlinked, shared-accessible, shared-writable, or non-socket
249+Coven socket paths before connecting. The Coven backend currently requires Unix
250+socket validation and fails closed on Windows rather than trusting a socket path
251+whose owner and permissions cannot be validated by this plugin.
252+253+The default harness mapping sends known ACP agent ids such as `codex`, `claude`,
254+`gemini`, and `opencode` to explicitly authorized Coven harness ids. Unknown
255+ACP agent ids are rejected instead of being forwarded as harness names. Override
256+`plugins.entries.coven.config.harnesses` only when your local Coven install uses
257+custom harness names, and keep `acp.allowedAgents` aligned with the intended
258+chat-exposed harness set.
259+189260### Automatic dependency install
190261191262When you install OpenClaw globally with `npm install -g openclaw`, the acpx
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。