diagnostics-otel: bundled-only origin gate prevents external installs from receiving internal diagnostics

[mjunaidca]

Summary

Externally-installed diagnostics-otel plugins are silently denied access to internal diagnostics events because the grantsInternalDiagnostics capability is gated on origin === "bundled". Plugins installed via clawhub: or npm: get origin: "global" and the gate fails closed — the plugin loads but receives no events.

Environment

• OpenClaw 2026.5.3-1 (Homebrew install)
• macOS 25.2.0
• Node 25.6.0

Reproduction

# Install via clawhub or npm (not bundled):
openclaw plugins install clawhub:@openclaw/diagnostics-otel
openclaw plugins enable diagnostics-otel
openclaw config set diagnostics.otel.enabled true
# … set endpoint + auth …
openclaw gateway restart --wait 30s

# Run a turn:
openclaw agent --message 'hi' --agent main --to '+15555550100' --json

Observed

Plugin loads, registers, reports enabled: true, but no spans reach the configured OTLP endpoint. Gateway log shows nothing under the diagnostics-otel scope.

openclaw plugins inspect diagnostics-otel --runtime --json shows origin: "global", capability list empty.

Runtime source dist/services-DsZ94lnU.js checks:

if (origin === "bundled") { /* grants grantsInternalDiagnostics */ }

Nothing else flips that capability for non-bundled installs.

Expected

Either:

• (a) clawhub: and npm: installs of the same @openclaw/diagnostics-otel package receive grantsInternalDiagnostics (treat npm install of the canonical package as trusted); OR
• (b) The gate is documented and a clean opt-in path is provided (e.g. config flag, --trust install option) so operators can choose to enable it; OR
• (c) The paramsSummary broadcast stream is replaced with a public hook surface that any plugin can subscribe to without internal-diagnostics privilege (related to #N+1 below).

Local workaround

Manually copy plugin into dist/extensions/ so origin: "bundled" is computed. Fragile and undocumented — breaks on every OpenClaw upgrade.

Why this matters

Operators who want OTel observability cannot ship a third-party tracing plugin without resorting to runtime-source patching. This blocks production deployments that don't want to vendor the entire OpenClaw runtime.

Related

The bundled-only path also has a content-emission issue tracked separately as Issue #N+1.

[clawsweeper]

Thanks for the context here. I did a careful shell check against current main, and this is already implemented.

Current main now implements a narrow trusted official-install path for diagnostics exporters, so externally installed official diagnostics-otel packages can receive internal diagnostics without granting the capability to arbitrary global plugins.

So I’m closing this as already implemented rather than keeping a duplicate issue open.

Review details

Best possible solution:

Keep the current trusted official-install implementation and let the separate content-capture behavior continue under its own related issue.

Do we have a high-confidence way to reproduce the issue?

No on current main. Source inspection shows official installed diagnostics exporters now pass through trustedOfficialInstall and receive internalDiagnostics, while untrusted and spoofed cases remain denied by tests.

Is this the best way to solve the issue?

Yes. The current fix is narrower than a broad id-only grant because it requires a matching install record, official catalog metadata, canonical npm or official ClawHub provenance, and a diagnostics exporter service id match.

Security review:

Security review cleared: No new patch is under review, and current main preserves the diagnostics trust boundary by limiting access to bundled or verified official installs.

What I checked:

• Current service gate: createServiceContext grants internalDiagnostics to diagnostics exporter services when the service id matches the plugin id and the plugin is either bundled or marked trustedOfficialInstall. (src/plugins/services.ts:27, a7b665cfed34)
• Trusted official install detection: isTrustedOfficialPluginInstall only marks global/config candidates trusted when they match an install record, the official external catalog package, the expected plugin id, and either the canonical npm spec or official ClawHub package/channel metadata. (src/plugins/manifest-registry.ts:672, a7b665cfed34)
• Diagnostics OTel official catalog entry: The official external plugin catalog maps @openclaw/diagnostics-otel to plugin id diagnostics-otel with both clawhub:@openclaw/diagnostics-otel and @openclaw/diagnostics-otel install specs. (scripts/lib/official-external-plugin-catalog.json:53, a7b665cfed34)
• Regression coverage: The service test now expects trusted official installs to receive internalDiagnostics, while workspace-origin and spoofed plugin-id cases remain denied. (src/plugins/services.test.ts:186, a7b665cfed34)
• Exporter still requires capability: The diagnostics-otel service still returns early when ctx.internalDiagnostics is absent, so the fixed trust marker is the relevant runtime path for externally installed official packages. (extensions/diagnostics-otel/src/service.ts:2163, a7b665cfed34)
• Packaged install is documented: The OpenTelemetry docs continue to describe packaged installs via openclaw plugins install clawhub:@openclaw/diagnostics-otel, matching the fixed official-install trust path. Public docs: docs/gateway/opentelemetry.md. (docs/gateway/opentelemetry.md:30, a7b665cfed34)

Likely related people:

• steipete: Peter Steinberger authored the current main fix commit for trusted official diagnostics installs and the prior ClawSweeper review context also routes the diagnostics service gate, tests, docs, and exporter feature history to him. (role: recent maintainer and fix author; confidence: high; commits: 06056926a099, 061af13bf3fc, 5c4079f66cc0; files: src/plugins/services.ts, src/plugins/services.test.ts, src/plugins/manifest-registry.ts)

Codex review notes: model gpt-5.5, reasoning high; reviewed against a7b665cfed34; fix evidence: commit 06056926a099, main fix timestamp 2026-05-04T13:39:23-07:00.