npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@oked/openclaw

v0.3.6

Published

OKed plugin for OpenClaw. Gates skill and tool calls behind a human approval push to your phone.

Downloads

1,679

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

oked-adminoked-adminorendororendor

Keywords

openclawopenclaw-pluginapprovalagentsaihuman-in-the-loopoked

Readme

@oked/openclaw

npm version License: MIT Types: included

Zero-code integration for OpenClaw. Registers a before_tool_call hook that fires for every tool the OpenClaw agent calls (built-in or skill-registered), classifies it, and freezes the agent on dangerous actions until you approve from the OKed mobile app.

Why

OpenClaw's built-in iOS approvals cover shell commands (exec.approval.*). They do not automatically cover the skill / plugin tools agents actually use to touch the real world (sending iMessages, making phone calls, deploying sites, charging cards). Skill authors have to opt in to plugin.approval.request, and most don't. This plugin closes that gap.

Install

npm install -g @oked/openclaw @oked/openclaw-cli
oked-openclaw init

The CLI (@oked/openclaw-cli) runs openclaw plugins install --link against this package, prompts for your API key + minTier, writes the entry into ~/.openclaw/openclaw.json, and restarts the OpenClaw daemon.

If you'd rather do it by hand:

openclaw plugins install --link <path-to-this-package>

Then in ~/.openclaw/openclaw.json:

{
  "plugins": {
    "allow": ["oked"],
    "entries": {
      "oked": {
        "enabled": true,
        "apiKey": "ok_...",
        "backendUrl": "https://api.oked.ai",
        "minTier": "review"
      }
    }
  }
}

Restart the OpenClaw gateway and you're done.

Configuration

All keys go under plugins.entries.oked:

| Key | Type | Default | Description | |---|---|---|---| | apiKey | string | OKED_API_KEY env | Your OKed API key. Required. | | backendUrl | string | https://api.oked.ai | Override the OKed backend URL. | | minTier | "review" \| "high_stakes" | "review" | Minimum risk tier that triggers approval. Set to "high_stakes" to only gate the most dangerous calls. warning is informational only and does not block. | | alwaysApprove | string[] | [] | Tool names to always require approval for, regardless of classifier. | | alwaysAllow | string[] | [] | Tool names to never gate. Use sparingly. | | timeoutMs | number | 300000 | Per-approval timeout in ms. |

What gets gated

The classifier matches OpenClaw skill naming conventions:

  • High stakes (always approval): *_send, *_post, *_publish, *_call, *_dial, *_charge, *_pay, *_delete, *_drop, *_deploy, *_release, ...
  • Review (approval at default minTier): *_create, *_update, *_write, *_edit, *_rename, *_modify, and unknown tool names.
  • Warning (log / allow): lower-risk state changes from shared SDK classifiers.
  • Safe (never gated): get_*, list_*, search_*, read_*, find_*.
  • Bash / shell / exec: defers to the @oked/sdk shell classifier (rm -rf, git push --force, ...).

For tool names the classifier doesn't recognize, the default tier is review, so they are gated by the default configuration.

Degraded-mode behavior

Explicit denials, invalid API keys, missing API keys, and unexpected plugin errors deny sensitive tool calls. If the backend is unreachable, OKed denies high_stakes actions and, by default, allows lower tiers so a temporary outage does not stop every OpenClaw workflow. Set OKED_STRICT_FAIL_CLOSED=1 to deny every sensitive action during backend outages.

Comparison to OpenClaw built-in approvals

| | OpenClaw exec.approval.* | @oked/openclaw | |---|---|---| | Shell commands | OK | OK (via classifier) | | Skill / plugin tools | Only if skill author opts in | OK all tools | | Mobile push | iOS app paired via device-pairing | OKed mobile app, unified across Claude Code + OpenClaw + future tools | | Audit log | Gateway-local | Centralized OKed dashboard |

Use both. OpenClaw's exec approvals stay in place; this plugin layers on top to cover the skill surface.

Development

npm install
npm run build
npm test

License

MIT