OpenClaw Deal Hunter

OpenClaw plugin: watch product URLs, scan with conditional GET (ETag / Last-Modified), streaming byte caps, shared undici connection pooling, and TypeScript heuristic deal signals.

The extraction stack is layered:

• retailer-aware extractors for common HTML patterns
• JSON-LD / OpenGraph extraction
• bounded regex fallback for visible prices

Ethics & responsibility

• You are responsible for complying with each site’s terms of service and robots.txt. This plugin does not bypass CAPTCHAs or anti-bot systems.
• Built-in per-host spacing and global concurrency caps reduce accidental load; tune defaultMaxRpsPerHost and maxConcurrent for your environment.
• Examples in this readme are illustrative only.

Install

Requires Node >= 20 and OpenClaw Gateway with plugin loading enabled.

Source repo:

https://github.com/Cognostra/deal-finder

Important install note:

• For native OpenClaw plugins, the supported public install path is an npm package spec such as openclaw plugins install <npm-spec>.
• The OpenClaw CLI does not accept a GitHub repo URL as a native plugin install spec.
• GitHub should be treated as the source/support repo; npm is the easy end-user install path.

Primary install path:

openclaw plugins install openclaw-deal-hunter

Local source install for development:

cd /path/to/deal-finder
npm install
npm run build
openclaw plugins install -l .

Enable the plugin and tools in your OpenClaw config, for example:

plugins: {
  entries: {
    "openclaw-deal-hunter": {
      enabled: true,
      config: {
        maxConcurrent: 8,
        maxBytesPerResponse: 1048576,
        defaultMaxRpsPerHost: 1,
        allowedHosts: ["*.example.com"],
        blockedHosts: ["localhost"],
        fetcher: "local"
      }
    }
  }
}

Update or remove:

openclaw plugins install openclaw-deal-hunter@latest
openclaw plugins remove openclaw-deal-hunter

Allow-list tools for your agent (names must be explicitly allowed when using plugin-only tool policy):

agents: {
  list: [
    {
      id: "main",
      tools: {
        allow: [
          "openclaw-deal-hunter",
          "deal_watch_list",
          "deal_template_list",
          "deal_watch_add",
          "deal_watch_add_template",
          "deal_watch_update",
          "deal_watch_set_enabled",
          "deal_watch_search",
          "deal_watch_taxonomy",
          "deal_host_report",
          "deal_saved_view_list",
          "deal_saved_view_create",
          "deal_saved_view_update",
          "deal_saved_view_run",
          "deal_saved_view_dashboard",
          "deal_saved_view_delete",
          "deal_view_scan",
          "deal_view_report",
          "deal_watch_bulk_update",
          "deal_view_bulk_update",
          "deal_watch_tag",
          "deal_watch_dedupe",
          "deal_watch_export",
          "deal_watch_import",
          "deal_watch_import_url",
          "deal_watch_remove",
          "deal_scan",
          "deal_fetch_url",
          "deal_extraction_debug",
          "deal_evaluate_text",
          "deal_help",
          "deal_quickstart",
          "deal_report",
          "deal_digest",
          "deal_workflow_action_queue",
          "deal_workflow_portfolio",
          "deal_workflow_triage",
          "deal_workflow_cleanup",
          "deal_workflow_best_opportunities",
          "deal_health",
          "deal_history",
          "deal_alerts",
          "deal_trends",
          "deal_top_drops",
          "deal_market_check",
          "deal_product_groups",
          "deal_best_price_board",
          "deal_llm_review_queue",
          "deal_llm_review_run",
          "deal_llm_review_apply",
          "deal_watch_insights",
          "deal_watch_provenance",
          "deal_watch_identity",
          "deal_schedule_advice",
          "deal_doctor",
          "deal_sample_setup"
        ]
      }
    }
  ]
}

Tools

| Tool | Purpose | |------|---------| | deal_watch_list | List watches and last snapshots. | | deal_template_list | List built-in watch templates for common deal and restock patterns. | | deal_watch_add | Add a URL with optional maxPrice, percentDrop, keywords. | | deal_watch_add_template | Create a watch from a built-in template, with dry-run preview support. | | deal_watch_update | Update a watch’s URL, thresholds, label, keywords, or enabled state. | | deal_watch_set_enabled | Enable or disable one or more watches in bulk. | | deal_watch_search | Search/filter/sort watches by query, enabled state, snapshot state, signals, tag, group, or price. | | deal_watch_taxonomy | Summarize groups, tags, organization gaps, and suggested saved views for larger watchlists. | | deal_host_report | Summarize watches by host with signal density, alert load, and cadence recommendations. | | deal_saved_view_list | List saved watch search views and their current match counts. | | deal_saved_view_dashboard | Summarize all saved views at a glance with top alerts, best opportunities, and next actions. | | deal_saved_view_create | Save a reusable watch search/filter view for larger watchlists. | | deal_saved_view_update | Rename or retarget an existing saved view. | | deal_saved_view_run | Run a saved view and return the current matching watches. | | deal_saved_view_delete | Delete a saved watch search view. | | deal_view_scan | Run deal_scan against the watches currently matched by one saved view. | | deal_view_report | Generate alerts, trends, drops, and best-opportunity summaries for one saved view. | | deal_watch_bulk_update | Bulk-update watches selected by ids or search filters; dry-run by default. | | deal_view_bulk_update | Bulk-update all watches currently matched by one saved view; dry-run by default. | | deal_watch_tag | Add, remove, or replace tags and assign groups across matching watches. | | deal_watch_dedupe | Find or resolve likely duplicate watches using canonicalized URLs. | | deal_watch_export | Export watches, optionally including snapshots and history, for backup or migration. | | deal_watch_import | Import watches with append, upsert, replace, and dryRun support. | | deal_watch_import_url | Fetch a remote JSON watchlist over HTTP(S), validate it, and import it with dry-run support. | | deal_watch_remove | Remove by watchId. | | deal_scan | Scan all enabled watches (or watchIds); commit: false dry-run. | | deal_fetch_url | One-off capped fetch + heuristic extraction. | | deal_extraction_debug | Show heuristic extraction candidates, chosen fields, and confidence reasons for one URL. | | deal_evaluate_text | Score pasted text for “freebie / glitchy” wording (no network). | | deal_help | Show install, tool, cron, and safety guidance from inside OpenClaw. | | deal_quickstart | Show a first-run checklist, starter prompts, and privacy/safety reminders. | | deal_report | Summarize the watchlist, price leaders, recent changes, noisy watches, and glitch candidates. | | deal_digest | Produce a concise announcement-ready digest for the whole watchlist or one saved view. | | deal_workflow_action_queue | Build a prioritized queue of the most important next actions across alerts, cleanup, discovery, and review. | | deal_workflow_portfolio | Build a portfolio dashboard for the whole watchlist or a saved view. | | deal_workflow_triage | Answer what changed, what matters, what looks noisy, and what to review first. | | deal_workflow_cleanup | Surface duplicates, stale/disabled items, weak extraction cases, and noisy cleanup candidates. | | deal_workflow_best_opportunities | Rank top likely-real deals, suspicious glitches, strongest alerts, and same-product price spreads. | | deal_health | Show configuration, storage, safety posture, and operational recommendations. | | deal_review_policy | Show the effective scan-time review mode, thresholds, rewrite rules, and whether automatic model review is active. | | deal_history | Show per-watch price history, recent deltas, and lowest/highest seen prices. | | deal_alerts | Rank current threshold, keyword, and recent high-severity watch signals. | | deal_trends | Summarize falling, rising, flat, and volatile watches with compact sparklines. | | deal_top_drops | Rank the strongest deals by discount from peak or the latest committed drop. | | deal_market_check | Compare one watch against likely same-product watches already in the current store. | | deal_market_check_candidates | Fetch explicit candidate URLs and compare them against one anchor watch before you add or import anything. | | deal_discovery_backlog | Rank which enabled watches most need broader same-product coverage and explain why. | | deal_discovery_policy | Show the effective discovery mode, budgets, trusted-host posture, and provider readiness. | | deal_discovery_report | Run discovery and return a compact summary of the best candidates, duplicates, blocked results, and import recommendations. | | deal_discovery_search | Run bounded provider-backed discovery search on explicit trusted retailer hosts and return candidate URLs. | | deal_discovery_fetch | Fetch explicit candidate URLs, extract them safely, and rank likely same-product matches. | | deal_discovery_run | Run bounded discovery search or explicit-candidate fetch/ranking, prepare import decisions, and include a compact report. | | deal_discovery_import | Import approved discovery candidates as new watches, with dry-run preview and compact discovery report by default. | | deal_product_groups | Cluster likely same-product watches across the store or a saved view and summarize group spreads. | | deal_best_price_board | Rank grouped same-product opportunities by current internal spread and best-known watch. | | deal_llm_review_queue | Prepare low-confidence extraction or identity cases for optional manual or llm-task JSON review. | | deal_llm_review_run | Execute one queued extraction or identity review through the embedded OpenClaw runtime and return JSON. | | deal_llm_review_apply | Apply reviewed extraction or identity fields back onto a watch snapshot with dry-run preview support. | | deal_watch_insights | Explain one watch in depth: trend, volatility, glitch risk, and active signals. | | deal_watch_provenance | Show how a watch entered the store, what the latest snapshot came from, and whether truncation or review touched it. | | deal_watch_identity | Show stored product identifiers for a watch and any other watches sharing those identifiers. | | deal_schedule_advice | Recommend scan cadence by host or watch from observed history timing. | | deal_doctor | Run a lightweight sanity check for config and watchlist setup. | | deal_sample_setup | Show install, config, allowlist, prompt, and cron examples. |

Side-effecting tools are registered as optional (except deal_watch_list / deal_evaluate_text) so you opt in via tools.allow.

Recommended first-run workflow:

1. deal_quickstart for the shortest safe first-run checklist.
2. deal_help for install/tool guidance and sample prompts.
3. deal_sample_setup for ready-to-copy install/config/cron examples.
4. deal_template_list if you want an opinionated starter path instead of manually filling watch fields.
5. deal_watch_add_template in dryRun: true mode to preview a watch built from a template before saving it.
6. deal_watch_add when you want a fully custom watch instead of a template.
7. deal_watch_search to inspect watches and current threshold/keyword signals.
8. deal_watch_taxonomy once the list grows so you can see the dominant groups, tags, and best candidate saved views.
9. deal_host_report when you want a retailer-level view of watch density, active signals, and cadence pressure.
10. deal_saved_view_create once you have a search you expect to reuse, like "GPU alerts" or "disabled watches with snapshots".
11. deal_saved_view_dashboard when you want to see which saved views are hot, empty, noisy, or action-worthy without opening each one.
12. deal_saved_view_update once you know which saved slices actually deserve their own workflow.
13. deal_watch_tag, deal_watch_bulk_update, or deal_view_bulk_update to organize watches into tags and groups as the list grows.
14. deal_watch_dedupe in dry-run mode before imports or cleanup work.
15. deal_scan with commit: true to capture snapshots, then deal_view_scan when you want to scan only one saved slice.
16. deal_view_report, deal_digest, deal_workflow_action_queue, deal_workflow_triage, deal_history, deal_alerts, deal_trends, and deal_top_drops to inspect recent movement and ranked opportunities.
17. deal_market_check_candidates when you have a few explicit retailer URLs and want same-product evidence before adding them as watches.
18. deal_discovery_backlog to decide which enabled watches most deserve discovery effort first.
19. deal_discovery_policy if you want to verify the current discovery mode, host allowlists, and search/fetch budgets before running discovery tools.
20. deal_discovery_report when you want the smallest, decision-ready discovery summary before drilling into raw candidates.
21. deal_discovery_search first if discovery.provider is firecrawl-search and you want bounded candidates from a few trusted retailer hosts.
22. deal_discovery_run when you want bounded discovery scoring and import preview from either explicit candidate URLs or provider-backed search.
23. deal_discovery_import in dryRun: true mode before adding any discovery candidates as real watches.
24. deal_product_groups and deal_best_price_board once you have multiple same-product watches across retailers.
25. deal_workflow_best_opportunities when you want the sharpest “what should I care about now?” answer.
26. deal_llm_review_queue if weak extraction or identity cases still need optional model-assisted review.
27. deal_llm_review_run when you want one queued review executed immediately through your current OpenClaw model setup.
28. deal_llm_review_apply in dryRun: true mode before writing reviewed extraction or identity fields back to a watch snapshot.
29. deal_watch_provenance when you need to verify where a watch came from or whether a committed snapshot was truncated or manually reviewed.
30. deal_workflow_cleanup when you want duplicates, stale items, weak extraction cases, and noisy watches surfaced in one pass.
31. deal_watch_export before major cleanup work or when moving watches to another workspace.
32. deal_watch_import with dryRun: true before applying migrated watchlists from a local export.
33. deal_watch_import_url with dryRun: true before applying a shared remote watchlist.
34. deal_watch_update or deal_watch_set_enabled for single-watch changes.
35. deal_market_check, deal_watch_identity, deal_watch_insights, deal_watch_provenance, deal_schedule_advice, deal_report, deal_digest, deal_workflow_action_queue, deal_workflow_portfolio, deal_health, and deal_doctor to audit the current state of the plugin.

deal_scan responses now include compact model-friendly fields per watch:

• changed, changeType, changeReasons
• previousPrice, currentPrice, priceDelta, percentDelta
• alertSeverity, alertScore, extractionConfidence
• fetchSource, fetchSourceNote
• reviewMode, reviewQueued, reviewApplied, reviewedFields, reviewWarnings
• responseTruncated
• summaryLine
• top-level summary, rankedAlerts, and aggregate reviewWarnings

Snapshot and extraction metadata also include canonicalTitle, which normalizes cosmetic title differences for cleaner watch metadata and more stable agent summaries.

Snapshots can now also persist product identity hints when the page exposes them, including fields like:

• brand
• modelId
• sku
• mpn
• gtin
• asin

Committed snapshots also persist fetch provenance for trust/debugging:

• fetchSource
• responseBytes
• responseTruncated

If a fetch hit the configured byte cap, the scan result and the committed snapshot now surface that explicitly so you can inspect it with deal_watch_provenance or deal_extraction_debug.

Reviewed snapshot updates can also persist field-level provenance when you apply an extraction or identity review:

• original value
• reviewed value
• review source
• review timestamp
• optional candidate type, provider, model, and reasons

deal_llm_review_apply now writes that provenance onto the snapshot, and still supports dryRun: true before any write.

The current retailer-aware extractor pack includes fixture-backed support for:

• Amazon-style product pages
• Best Buy-style product pages
• eBay-style product pages
• Target-style product pages
• Walmart-style product pages
• Newegg-style product pages
• Home Depot-style product pages
• Costco-style product pages
• Lowe's-style product pages

deal_extraction_debug now shows:

• which extractor matched, if any
• title and price candidates by source
• product identity candidates by source
• the chosen title/price source
• extraction confidence reasons

Committed scans now build bounded per-watch history so the plugin can report:

• lowest seen price
• highest seen price
• latest price delta
• recent alert-bearing changes

deal_report now also highlights:

• recentChanges for the latest committed movements across the watchlist
• noisyWatches for products whose recent history looks unusually volatile
• glitchCandidates for near-zero or extreme-drop cases worth manual review

The analytics tools add:

• deal_trends for compact per-watch direction and volatility summaries
• deal_top_drops for ranking discounts against historical peaks or the latest committed move
• deal_market_check for comparing likely same-product watches already in your own watch store
• deal_market_check_candidates for testing a few explicit retailer URLs against an anchor watch before you import or add them
• deal_discovery_backlog for ranking which enabled watches most need broader same-product coverage
• deal_discovery_policy for checking whether discovery is off, manual-only, or provider-backed and what host/budget rules are active
• deal_discovery_report for a compact discovery decision summary with best candidates, duplicates, and blocked results
• deal_discovery_search for bounded provider-backed search across explicit trusted retailer hosts
• deal_discovery_fetch, deal_discovery_run, and deal_discovery_import for bounded discovery workflows with explicit review before import
• deal_product_groups for clustering likely same-product watches into explainable groups
• deal_best_price_board for ranking current best-known internal prices by grouped market spread
• deal_llm_review_queue for preparing optional JSON-only review payloads when extraction or identity still looks ambiguous
• deal_watch_insights for one-watch explanations with sparkline context
• deal_watch_identity for stored product identifiers and same-product watch matching inside the current store
• deal_schedule_advice for host-level or watch-level scan cadence suggestions

Same-product matching is now more explicit in its evidence:

• shared identity fields
• conflicting identity fields
• match score and match strength
• match reasons and match warnings

deal_alerts now includes glitchScore and glitchReasons so small models can distinguish normal threshold hits from suspicious freebie-like results.

deal_health and deal_doctor now also surface discovery/review posture, including:

• whether discovery is off, manual, or firecrawl-search
• whether provider-backed discovery is missing a Firecrawl API key or explicit trusted hosts
• whether scan-time review is off, queue, or auto_assist

Optional intelligence path

Deal Hunter now supports a scan-time review policy that is still off by default.

Modes:

• off: normal safe default; scans never auto-invoke a model
• queue: low-confidence scans are marked for review, but no model is invoked
• auto_assist: low-confidence scans can trigger bounded automatic review with explicit provenance

Bounded same-product discovery is also available now in two explicit modes:

• manual
  • enable discovery.enabled
  • set discovery.provider to "manual"
  • pass explicit candidate URLs to deal_discovery_fetch, deal_discovery_run, or deal_discovery_import
• firecrawl-search
  • enable discovery.enabled
  • set discovery.provider to "firecrawl-search"
  • configure firecrawlApiKey
  • provide explicit trusted retailer hosts through discovery.allowedHosts or tool parameters
  • use deal_discovery_policy to verify the active posture
  • use deal_discovery_search, deal_discovery_run, or deal_discovery_import

Even in firecrawl-search mode, discovery remains bounded:

• no recursive crawling
• no automatic import
• no provider-backed search without explicit trusted hosts
• all fetched result URLs still pass the normal URL and redirect safety policy

Imported discovery watches also retain provenance in importSource, including the anchor watch, provider mode, candidate URL, and any search query/rank metadata that led to the import.

deal_sample_setup now includes example config blocks for:

• baseline local fetch mode
• manual discovery mode
• Firecrawl-backed bounded discovery mode
• queue-only review policy
• bounded auto_assist review policy

That default posture is intentional:

• the clean built-in OpenClaw route is the bundled llm-task extension
• current llm-task docs describe it as a bundled extension, not a stable community-plugin dependency surface
• this package stays install-safe and provider-agnostic by avoiding a hidden runtime dependency on another plugin

Instead, the plugin exposes explicit opt-in review paths:

• deal_llm_review_queue prepares the exact cases that would benefit from optional review
• deal_llm_review_run executes one queued case through the embedded OpenClaw runtime using your current provider/model setup or explicit overrides
• deal_llm_review_apply lets you write reviewed fields back to the watch snapshot with a dry-run-first preview
• deal_review_policy shows the active scan-time review mode and thresholds

If you enable queue or auto-assist in plugin config, low-confidence scan results will now expose:

• whether review was queued
• whether review was applied
• which fields were reviewed
• any review warnings
• provider/model metadata when auto-assist actually ran

The queue still matters because it keeps the expensive path narrow and explainable. It identifies:

• weak extraction cases
• unresolved same-product identity cases
• a prompt, input payload, and suggested JSON Schema for each candidate

If you enable OpenClaw’s bundled llm-task separately, you can still feed those payloads into your own workflow without making Deal Hunter itself depend on the bundled tool.

deal_watch_import supports:

• append to always create new watches
• upsert to match by id first, then url
• replace to swap the current watchlist with the imported one
• dryRun to preview the result before writing

deal_watch_import_url supports:

• remote JSON arrays of watches
• prior deal_watch_export payloads with a top-level watches array
• dryRun by default so remote imports are previewed before writing
• per-run group, addTags, and enabled overrides
• recorded importSource metadata so shared-list provenance stays visible on imported watches

Watch management now also includes:

• URL canonicalization that strips common tracking params before storage and dedupe checks
• built-in watch templates for price caps, percent-drop tracking, hybrid deal watches, restock signals, and clearance hunting
• optional group and tags metadata for organizing larger watchlists
• deal_watch_taxonomy for summarizing group/tag coverage and suggesting the next saved views worth creating
• deal_host_report for retailer-level watch density, signal load, and cadence pressure
• saved views for repeat watchlist searches and imported-list navigation
• saved-view execution targets for scanning, reporting, and bulk updates
• bulk update and tag tools that are dry-run-first for safer agent workflows
• dedupe reporting and duplicate resolution based on canonicalized URLs

Workflow-oriented tools now also include:

• deal_view_report for one-call saved-view reporting
• deal_workflow_triage for change review and prioritization
• deal_workflow_cleanup for list hygiene and extraction-quality review
• deal_workflow_portfolio for an executive dashboard
• deal_workflow_best_opportunities for decisive “best deal vs suspicious glitch” ranking

Network guardrails:

• Watch and fetch URLs must be http or https.
• Localhost and private-network IP literals are blocked by default.
• Hostnames that resolve to private or loopback IPs are blocked at fetch time.
• allowedHosts and blockedHosts can further restrict where the plugin is allowed to connect.
• Redirect targets are validated before the plugin follows them.

Privacy & data

• Watch metadata, the latest snapshot, and committed history are stored in the configured JSON store path.
• Saved watch-search views are stored alongside the watchlist so larger setups keep their navigation shortcuts.
• Exported watchlists may include URLs, thresholds, snapshots, and history if you choose to include them.
• deal_watch_import supports dryRun so you can preview changes before writing them to disk.
• deal_watch_import_url records the source URL and import timestamp on affected watches.
• allowedHosts is the best way to keep the plugin constrained to the domains you actually want it to touch.

Troubleshooting

• Use deal_quickstart if you want the shortest safe first-run path.
• Use deal_doctor for a quick sanity check.
• Use deal_health to inspect active limits, fetcher choice, and host-policy posture.
• Use deal_fetch_url when you need a quick raw preview.
• Use deal_extraction_debug when extraction quality looks weak and you want to inspect candidates, chosen fields, and confidence reasons.
• If a URL is blocked, compare it against your allowedHosts and blockedHosts settings first.

Proactive scans (cron)

Use OpenClaw’s scheduler so the agent runs a batch scan on a cadence, then announces to your channel. Example pattern:

openclaw cron add \
  --name "Deal scan" \
  --cron "0 * * * *" \
  --tz "America/Los_Angeles" \
  --session isolated \
  --message "Run deal_scan with commit true for all enabled watches. If any result has non-empty alerts, summarize the best deals for me." \
  --announce \
  --channel telegram \
  --to "user:YOUR_TARGET"

Adjust --channel / --to for Discord, Slack, WhatsApp, or use webhook delivery per OpenClaw docs.

Optional Firecrawl fetcher

Set fetcher: "firecrawl" and provide firecrawlApiKey (and optionally firecrawlBaseUrl) to route listing retrieval through Firecrawl’s scrape API instead of direct GET.

Notes:

• Firecrawl is currently supported in the Node engine path.
• deal_scan now loads the store under lock, releases the lock while network requests run, and re-locks only for commit/merge.

Publishing and listing

For a community-listed OpenClaw plugin, the expected public shape is:

• npm-published package
• public GitHub repository
• setup/use docs
• issue tracker

That means this repo should be the public source of truth, but end-user installs should point at the npm package, not the GitHub URL.

Local OpenClaw test harness

Development/testing only.

This repo includes an isolated harness that does not touch your main ~/.openclaw state:

./scripts/openclaw-test-cli.sh plugins list
./scripts/openclaw-test-cli.sh gateway --port 18789 --verbose
./scripts/openclaw-test-cli.sh gateway status

Notes:

• test config lives at ./.openclaw-test/openclaw.json
• wrapper script syncs model/auth selection from your main ~/.openclaw/openclaw.json into the repo-local test config before each run
• by default the harness uses an isolated repo-local state dir at ./.openclaw-test, while inheriting the model/provider you chose during OpenClaw setup
• the wrapper also seeds the repo-local test agent from your main OpenClaw agent state when per-agent model/auth files are available
• repo-local workspace and plugin store stay under ./.openclaw-test
• the test agent id is deal-finder-test to avoid colliding with your normal main agent sessions
• stop the foreground gateway with Ctrl+C

Provider/model sanity commands:

ollama list
./scripts/openclaw-test-cli.sh models list

Simple local agent/tool turn:

./scripts/openclaw-agent-smoke.sh

Equivalent direct command:

./scripts/openclaw-test-cli.sh agent \
  --agent deal-finder-test \
  --thinking low \
  --message "Use deal_watch_list and tell me how many watches exist and whether any are enabled. Keep it to one short paragraph."

If you want to point the harness at your real OpenClaw state dir instead of the repo-local isolated test state:

OPENCLAW_TEST_STATE_DIR="$HOME/.openclaw" ./scripts/openclaw-test-cli.sh ...

Development

npm run build
npm test
npm run audit:prod
npm run audit:full
npm run release:verify

If test execution ever hangs or exits oddly on your machine, run:

npm run test:diagnose

That command prints the active node resolution and then runs Vitest with the hanging-process reporter under a real-Node-first PATH. This matters on systems where node is aliased or symlinked to Bun.

npm run release:verify builds a real tarball, installs it into a fresh temporary OpenClaw state using the local openclaw/ source checkout, and lists plugins to confirm the package installs cleanly as an archive.

npm run audit:prod checks the published runtime dependency tree only. npm run audit:full includes dev dependencies as well, which is useful for tracking issues inherited from the local OpenClaw test harness and other development-only tooling.

License

MIT