Plugin discovery loads all dist/extensions/ manifests at boot regardless of tools.allow (~500 MB structural heap)

[jpippo364]

Summary

Plugin discovery reads every manifest under dist/extensions/ via readFileSync and runs each through zod validation at boot — even when tools.allow restricts the enabled plugin set to a small subset. For an install with 104 bundled extensions and a 6-plugin allowlist, this contributes ~500 MB of resident heap that scales with bundle size, not user config.

Ask: apply the tools.allow filter at discovery time (before reading/validating the manifest), not only at enable time.

Environment

• OpenClaw version: 2026.4.15 (also reproducible on 2026.3.24)
• Node.js: v22 (macOS, /usr/local/opt/node)
• OS: macOS 15.4 (Darwin 25.4.0)
• Install method: npm i -g openclaw
• Bundled extensions: 104 directories under dist/extensions/
• Active plugins in config: 6 (tools.allow restricts to icecream-ito + a handful of providers)

Evidence

Captured a V8 sampling heap profile (node --heap-prof --heap-prof-interval=524288) against a warm, live gateway with workload. Aggregated top contributors by source file:

MB	%	Location	What it is
127	21.3%	node_modules/openclaw/[zod]	Schema validation — every plugin's tool/config schemas compiled
109	18.4%	node:fs readFileSync	Plugin manifest + skills files read at boot
89	14.9%	node_modules/openclaw/[source-map]	Source-map parsing (separate issue — also exacerbated by N manifests)
36	6.0%	node:vm Script	Module compilation
22	3.8%	node_modules/openclaw/[jiti]	Runtime TS transpile of manifests
20	3.3%	node_modules/openclaw/[json5]	Config parsing
17	2.8%	node_modules/openclaw core	Runtime
10	1.7%	icecream-ito-plugin	User's actual plugin

Combined zod + readFileSync + jiti + json5 + source-map + vm = ~75% of sampled heap (~450 MB) — all module-load overhead proportional to the number of bundled extensions, not the allowlist.

The user's plugin itself is 1.7%. The workload-side state (sessions, conversation history, search indices) is <5% combined and reclaimable by GC. The 500 MB floor is structural and persists across idle.

Current behavior

Discovery walks dist/extensions/*, reads each manifest with readFileSync, transpiles via jiti where needed, and validates with zod — before the tools.allow gate is consulted. With 104 bundled extensions, this happens 104 times at every boot.

The allowlist only prevents instantiation/registration later, not the discovery-time work that built the validated schema graph. Zod schemas, once compiled, are retained for the process lifetime.

Expected behavior

When tools.allow (or equivalent) is non-empty:

1. Enumerate extension directory names only (cheap readdir).
2. Filter against the allowlist.
3. Only then: readFileSync + jiti + zod validate the manifests that survive the filter.

For the 6-of-104 case, this would save ~94% of the discovery cost (~470 MB).

Impact

• Ito (WhatsApp assistant running on a single Mac mini) carries a ~1 GB structural floor it can never drop below, even at idle, entirely for plugins it will never load.
• A --max-old-space-size cap below ~1.5 GB OOMs at boot because ~1 GB is discovery overhead.
• Related: Gateway startup takes 4-10 minutes (603 JS chunks, 2.2GB memory peak) #48644 (startup time + 2.2 GB peak) — same root cause from a different angle. Fixing discovery-time filtering would address both memory and most of the startup time.
• Related: Gateway calls plugin register() ~30x per boot for non-bundled plugins (CostClaw thrash) #69250 (register() thrash per boot) — also plugin-lifecycle-adjacent.

Reproduction

1. Install openclaw globally with all bundled extensions present (104).
2. Configure tools.allow with a small subset (e.g., 6 plugins).
3. Boot the gateway and wait for settle (~5 min).
4. ps -o rss= on the gateway PID → resident ~1.2–1.3 GB.
5. Run node --heap-prof --heap-prof-interval=524288 against the same config and aggregate by file-level location — readFileSync, zod, jiti, json5 dominate.

Heap profile (1.2 MB, loadable in Chrome DevTools → Memory → Load profile) and the aggregator script are available on request — not attaching inline due to GitHub issue size limits.

Workaround

None. The 104 extensions ship inside the openclaw npm package — users can't selectively remove them without breaking the install. Only upstream can filter at discovery.

Suggested fix sketch

In the plugin discovery path, approximately:

const names = await fs.readdir(extensionsDir);
const allowed = config.tools?.allow
  ? names.filter(n => config.tools.allow.includes(n))
  : names;
const manifests = await Promise.all(allowed.map(loadAndValidateManifest));

The loadAndValidateManifest step is where readFileSync + zod compile happens today. Gating that behind the allowlist check is the intended change.

Happy to test a fix against Ito's live config and report before/after RSS numbers.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
Keep open. Current main and v2026.5.18 still reconstruct the plugin metadata manifest registry for the full installed index before computing the narrowed startup plugin set, and recent user comments report the same bundled-tree scaling cost with plugins.allow.

Reproducibility: yes. at source level: current main still builds the full metadata manifest registry before deriving the narrowed startup plugin plan. I did not run a live heap profile in this read-only review.

Next step
A focused repair can use the existing installed-index pluginIds filter seam and add regression coverage around lookup/snapshot scoping.

Review details

Best possible solution:

Carry a conservative plugin-id scope into metadata snapshot and installed-index registry reconstruction before manifest reads, while preserving existing activation semantics and compatibility modes.

Do we have a high-confidence way to reproduce the issue?

Yes, at source level: current main still builds the full metadata manifest registry before deriving the narrowed startup plugin plan. I did not run a live heap profile in this read-only review.

Is this the best way to solve the issue?

Yes. Discovery-time scoping is the right fix direction, but it should use OpenClaw's existing plugin activation/config rules rather than treating tools.allow as the only source of truth.

Label changes:

• add clawsweeper:queueable-fix: Current issue advisory state selects this label.
• add clawsweeper:fix-shape-clear: Current issue advisory state selects this label.

Label justifications:

• P1: The issue describes gateway OOMs, boot stalls, and per-chat latency from plugin discovery on real user installs.
• impact:crash-loop: The report includes restart/OOM behavior and process-level availability degradation from excessive structural heap and filesystem work.

Acceptance criteria:

• node scripts/run-vitest.mjs src/plugins/plugin-lookup-table.test.ts src/plugins/manifest-registry-installed.test.ts src/plugins/channel-plugin-ids.test.ts src/gateway/server-startup-plugins.test.ts src/gateway/server-plugins.test.ts
• node scripts/run-vitest.mjs src/plugins/plugin-metadata-snapshot.memo.test.ts src/plugins/current-plugin-metadata-snapshot.test.ts src/plugins/manifest-contract-eligibility.test.ts src/plugins/tools.optional.test.ts
• pnpm exec oxfmt --check --threads=1 src/plugins/plugin-metadata-snapshot.ts src/plugins/plugin-metadata-snapshot.types.ts src/plugins/plugin-lookup-table.ts src/plugins/manifest-registry-installed.ts src/plugins/effective-plugin-ids.ts src/plugins/gateway-startup-plugin-ids.ts src/gateway/server-startup-plugins.ts src/gateway/server-plugins.ts
• node scripts/crabbox-wrapper.mjs run ... --shell -- "pnpm check:changed"

What I checked:

• Live issue context: The issue remains open with no protected label, and comments include a Jetson per-chat strace report plus a 2026.5.12 datapoint showing pruning bundled manifests reduces discovery work even with plugins.allow configured.
• Lookup builds metadata before startup scope: loadPluginLookUpTable calls loadPluginMetadataSnapshot first, then computes resolveGatewayStartupPluginPlanFromRegistry, so startup plugin IDs are derived only after the manifest registry exists. (src/plugins/plugin-lookup-table.ts:62, cbf72e5e26ee)
• Metadata snapshot has no scope parameter: LoadPluginMetadataSnapshotParams carries config, workspace, env, index, and persistence flags, but no pluginIds or equivalent narrowed discovery scope. (src/plugins/plugin-metadata-snapshot.types.ts:55, cbf72e5e26ee)
• Metadata registry is reconstructed unscoped: loadPluginMetadataSnapshotImpl calls loadPluginManifestRegistryForInstalledIndex with includeDisabled: true and without pluginIds, so disabled or non-startup records remain candidates for manifest reconstruction. (src/plugins/plugin-metadata-snapshot.ts:815, cbf72e5e26ee)
• Installed-index loader already exposes the missing seam: loadPluginManifestRegistryForInstalledIndex accepts pluginIds and filters index.plugins before converting candidates, which is the likely narrow implementation point. (src/plugins/manifest-registry-installed.ts:438, cbf72e5e26ee)
• Surviving candidates still load manifests: loadPluginManifestRegistry iterates every candidate and calls loadPluginManifest or loadBundleManifest unless bundled manifest metadata is already embedded, matching the reported read/validate cost for an unscoped candidate list. (src/plugins/manifest-registry.ts:958, cbf72e5e26ee)

Likely related people:

• steipete: Recent history unified plugin startup metadata planning and metadata consumers on the lookup/snapshot boundary involved in this issue. (role: recent plugin startup metadata contributor; confidence: high; commits: fecac7e40aef, 25ce2e853f96, da2a8bd6bbc5; files: src/plugins/plugin-lookup-table.ts, src/plugins/plugin-metadata-snapshot.ts, src/plugins/effective-plugin-ids.ts)
• shakkernerd: Recent commits extracted and guarded plugin metadata snapshot reuse, which is the boundary that would need to carry a discovery scope. (role: metadata snapshot boundary contributor; confidence: high; commits: 440fc73448ac, 58b4407cda29, b72414c94e0a; files: src/plugins/plugin-lookup-table.ts, src/plugins/plugin-metadata-snapshot.ts)
• Kaspre: Recent memoization work fixed related repeated-scan behavior but still leaves the first broad manifest materialization path visible here. (role: recent metadata memoization contributor; confidence: medium; commits: f71df8052291, 5734193fdf00; files: src/plugins/plugin-metadata-snapshot.ts, src/plugins/plugin-metadata-snapshot.memo.test.ts)
• vincentkoc: Recent commits touch installed-index and manifest-registry-installed behavior, including the loader layer that already exposes the pluginIds filter seam. (role: adjacent installed-index contributor; confidence: medium; commits: c635f0087ec8, 48b3a1cff97e, 0eef4c49f650; files: src/plugins/manifest-registry-installed.ts, src/plugins/installed-plugin-index.ts)

Remaining risk / open question:

• This read-only pass did not run a live heap, boot, or per-chat profile, so the current impact is source-proven and supported by reporter data rather than locally quantified.
• A fix must preserve auto-enable, configured channel/provider activation, setup diagnostics, workspace-scoped registry behavior, and legacy plugins.bundledDiscovery compatibility while narrowing manifest reads.

Codex review notes: model gpt-5.5, reasoning high; reviewed against cbf72e5e26ee.

[KrasimirKralev]

Adding a per-chat manifestation of the same root cause (AI-assisted analysis with @anthropic-ai/claude-code)

This isn't only a boot-time issue — the same un-filtered discovery scan runs on every chat request, not just at boot. On a Jetson Orin (aarch64, eMMC storage), the per-chat overhead pegs one core at 100% for 90+ seconds before the agent emits any event.

Evidence (strace -c -p <gateway-pid> over a 60s window during a single chat)

% time     seconds  usecs/call     calls    errors syscall
 92.94   55.988229        3859     14508      1401 futex
  2.50    1.503520           2    513822      2663 statx
  2.14    1.288359           4    291815      8169 faccessat
  1.04    0.627819           5    124255      1016 openat
  0.50    0.300543           2    139207           read
  0.40    0.243049           1    123239           close
  0.32    0.194109           3     50518           getdents64

Top files re-opened per chat (strace -e openat -y, 20s window)

102x  .../openclaw/dist/extensions/googlechat/openclaw.plugin.json
102x  .../openclaw/dist/extensions/feishu/openclaw.plugin.json
102x  .../openclaw/dist/extensions/discord/openclaw.plugin.json
102x  .../openclaw/dist/extensions/bluebubbles/openclaw.plugin.json
101x  .../openclaw/dist/extensions/whatsapp/openclaw.plugin.json
... (30+ more channel/messenger plugins)

Each plugin manifest is opened ~100 times in 20 seconds. The plugins are not in tools.allow and not in plugins.entries.<name>.enabled in our config — only deepseek and openai are enabled — yet the discovery scan still reads them.

Process state during the slowdown

Sample	CPU	RSS	External conns
t+10ms after chat.send ack	101%	819 MB	0
t+30s	101%	861 MB	0
t+60s	101%	900 MB	0
t+95s	101%	1008 MB	0

Zero network calls during the 95-second window. Pure CPU + filesystem on our side.

Validation: pruning unused extensions fixes it

As a workaround test, we deleted the dist/extensions/{whatsapp,signal,telegram,slack,msteams,discord,googlechat,feishu,...} directories (kept only deepseek, openai, anthropic, google, openrouter, browser, memory-core, ollama, llamacpp — 8 of 33+) and restarted:

Phase	Before (33 plugins)	After (8 plugins)	Speedup
Connect handshake → ack	880ms	90ms	10×
Time to first agent event	96s	13s	7×

Same install, same config, same chat message. The only change is the file count under dist/extensions/. This isolates the bottleneck to filtered-after-read discovery, exactly as this issue describes.

Why the per-chat angle matters

The boot-time memory cost is paid once. The per-chat re-read pattern means every chat user pays the latency tax repeatedly. The proposed fix (apply tools.allow / plugins.entries.*.enabled at discovery time, before the readFileSync/zod step) addresses both manifestations with one change.

Environment

• OpenClaw 2026.4.29
• Node 22, aarch64 (NVIDIA Jetson Orin), Ubuntu 22.04
• 33 bundled extensions in our install (we removed channels we don't use; a default install would be ~104 like the original reporter's)
• Surfaced from the ClawBox Jetson distribution

[ndj888]

Additional 2026.5.12 datapoint: the same class of issue is still visible with the current bundled plugin layout and plugins.allow.

Environment:

• OpenClaw 2026.5.12 (npm global)
• Debian Linux, Node v22.22.1
• Package path: /home/openclaw/.npm-global/lib/node_modules/openclaw/dist

Observed layout before/after pruning:

• Full bundled tree: dist/extensions-full has 93 top-level dirs, 1550 files, 89 openclaw.plugin.json manifests, about 8.1 MB.
• Pruned runtime tree: dist/extensions has 13 top-level dirs, 228 files, 9 bundled manifests, about 1.3 MB.
• Persisted registry after refresh on the pruned tree: 13 total records = 9 bundled + 4 external installed plugins.

The speedup mechanism is consistent with this issue:

1. plugins.allow is useful and safer than physically deleting arbitrary directories because it prevents activation/loading of plugins outside the allowlist.
2. However, discovery still scales with the available bundled tree. If the full bundled tree is present, OpenClaw still has to enumerate/read/validate many bundled manifests before it can know which plugin ids exist and apply policy.
3. Physically pruning dist/extensions reduces that discovery input set, so registry refresh/startup work drops from 89 bundled manifests to 9 bundled manifests in this installation.
4. This is why pruning can be noticeably faster even when plugins.allow is configured.

One practical footgun from testing: plugins.allow is a strict allowlist. External installed plugins such as nextcloud-talk, brave, memory-lancedb, and codex must also be included, otherwise they are effectively blocked even if plugins.entries.<id>.enabled=true.

For this host, the functional allow/pruned set currently used is:

active-memory
brave
browser
codex
deepseek
document-extract
image-generation-core
media-understanding-core
memory-core
memory-lancedb
memory-wiki
nextcloud-talk
openai
openrouter
speech-core
video-generation-core
web-readability

A possible product fix would be a first-class "bundled plugin discovery allowlist" or lazy indexed catalog so plugins.allow can reduce discovery/validation cost without users needing to manually prune dist/extensions.