feat(plugin-sdk): add LLM completion API to plugin

[DaevMithran]

Summary

• Problem: Plugins and context engines cannot make LLM calls
• Why it matters: Context engines and Plugins that want custom LLM-driven compaction or relevance scoring, must either delegate to the runtime or go through the agent loop (costing an LLM turn).
• What changed: Added api.runtime.llm.complete() for single-shot LLM inference on PluginRuntimeCore. Extended ContextEngineRuntimeContext so context engines receive these capabilities in compact(), afterTurn(), and maintain().
• What did NOT change (scope boundary): No changes to the agent loop, tool execution, streaming, or session persistence. No new auth system — both APIs reuse the agent's existing credentials and model resolution. No changes to existing plugin registration APIs.

Change Type

• Feature

Scope (select all touched areas)

• Skills / tool execution
• API / contracts

User-visible / Behavior Changes

• Plugins gain api.runtime.llm.complete() — single-shot LLM completion using the agent's auth and model config.
• Context engines receive runtimeContext.llm in compact(), afterTurn(), and maintain() hooks.
• New SDK type exports: PluginLlmCompleteParams, PluginLlmCompleteResult, PluginLlmCompleteMessage.

Diagram (if applicable)

N/A

Security Impact (required)

• New permissions/capabilities? Yes — plugins can now invoke LLM completions.
• Secrets/tokens handling changed? No — reuses existing agent auth profiles.
• New/changed network calls? No — uses the same model inference path.
• Data access scope changed? No

Compatibility / Migration

• Backward compatible? Yes
• Config/env changes? No
• Migration needed? No

[greptile-apps]

Greptile Summary

This PR adds api.runtime.llm.complete() and api.runtime.sandbox.exec() to PluginRuntimeCore, and wires both capabilities into ContextEngineRuntimeContext so context engines receive them in compact(), afterTurn(), and maintain(). The implementation uses proper policy checks (isToolAllowed) for sandbox execution and lazy loading via *.runtime.ts boundaries.

Confidence Score: 5/5

Safe to merge — the new LLM and sandbox APIs are correctly gated by existing policy checks and use proven lazy-loading patterns; all remaining findings are P2 style suggestions.

Both APIs correctly delegate policy enforcement to existing mechanisms (isToolAllowed for sandbox, agent auth for LLM). The process-wide capability caching is sound because the factories are stateless (config is read inside each call closure). No correctness, data-integrity, or security defects were found. The two flagged items are a codebase-style rule violation (dynamic vs. static import mixing) and a missing test isolation mock — neither affects runtime behavior.

src/agents/pi-embedded-runner/compact.ts (dynamic import inconsistency) and src/agents/pi-embedded-runner/run/attempt.test.ts (missing capabilities mock).

Prompt To Fix All With AI

This is a comment left during a code review.
Path: src/agents/pi-embedded-runner/compact.ts
Line: 1329-1331

Comment:
**Dynamic import mixed with static imports of the same module**

`context-engine-capabilities.js` is imported statically in `context-engine-maintenance.ts` and `attempt.prompt-helpers.ts`, but dynamically here in `compact.ts`. The repo's dynamic-import guardrail in `CLAUDE.md` prohibits mixing `await import("x")` and `import ... from "x"` for the same module in production code paths.

Since the static imports elsewhere already pull this module into the bundle at load time, the dynamic import here buys no laziness. Convert to a static import at the top of `compact.ts` to stay consistent:

```suggestion
          ...(await resolveContextEngineCapabilities()),
```

(With a corresponding static `import { resolveContextEngineCapabilities } from "./context-engine-capabilities.js";` added at the top of the file.)

How can I resolve this? If you propose a fix, please make it concise.

---

This is a comment left during a code review.
Path: src/agents/pi-embedded-runner/run/attempt.test.ts
Line: 1895

Comment:
**Missing mock for `context-engine-capabilities.js`**

`buildAfterTurnRuntimeContext` now calls `resolveContextEngineCapabilities()`, which dynamically imports the real `runtime-llm.runtime.ts` and `runtime-sandbox.runtime.ts` modules on its first invocation during these tests. `context-engine-maintenance.test.ts` correctly guards against this with a `vi.mock` stub, but this file does not. Add the same mock near the top of this file so tests stay isolated from those runtime surfaces:

```ts
vi.mock("../context-engine-capabilities.js", () => ({
  resolveContextEngineCapabilities: async () => ({ llm: undefined, sandbox: undefined }),
}));
```

How can I resolve this? If you propose a fix, please make it concise.

_{Reviews (1): Last reviewed commit: "feat(plugin-sdk): add LLM completion and..." | Re-trigger Greptile}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d68dc4563d

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: fc1c91ee1d

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[clawsweeper]

Codex review: needs real behavior proof before merge.

Summary
Adds api.runtime.llm.complete to plugin and context-engine runtime contexts, with SDK types, per-plugin config policy, docs, tests, generated baselines, and changelog coverage.

Reproducibility: not applicable. this is a feature PR, not a bug report. Source inspection shows current main lacks the LLM runtime API while the PR head adds the SDK, runtime, context-engine, docs, config, and test surfaces.

Real behavior proof
Needs real behavior proof before merge: The PR body/comments do not include after-fix real behavior proof showing api.runtime.llm.complete working in a real setup. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, ask a maintainer to comment @clawsweeper re-review.

Next step before merge
Human review is needed because this external feature PR lacks required real behavior proof and changes public SDK/config contracts.

Security
Cleared: No concrete security or supply-chain regression was found; the diff adds no dependencies, workflows, scripts, or lockfile changes, and model/agent overrides are config-gated.

Review details

Best possible solution:

Land this PR or a maintainer-owned replacement once live proof and API approval are in place, preserving the request-scoped identity and config-gated override policy.

Do we have a high-confidence way to reproduce the issue?

Not applicable: this is a feature PR, not a bug report. Source inspection shows current main lacks the LLM runtime API while the PR head adds the SDK, runtime, context-engine, docs, config, and test surfaces.

Is this the best way to solve the issue?

Unclear as a merge decision: the implementation direction is plausible and latest checks are green, but the PR still needs real behavior proof and maintainer approval for the public API/config shape.

Acceptance criteria:

• pnpm check:test-types
• pnpm test src/plugins/runtime/runtime-llm.runtime.test.ts src/agents/pi-embedded-runner/compact.hooks.test.ts src/config/config-misc.test.ts src/plugins/config-state.test.ts
• pnpm check:changed
• pnpm build

What I checked:

• Current main lacks SDK surface: Search on current main found no runtime.llm, api.runtime.llm, LlmComplete, or resolveContextEngineCapabilities; PluginRuntimeCore has no llm member in the current file. (src/plugins/runtime/types-core.ts:96, 6cfb08680e71)
• PR adds public runtime contract: Latest PR head adds LlmCompleteParams, LlmCompleteResult, and PluginRuntimeCore.llm.complete to the plugin runtime type surface. (src/plugins/runtime/types-core.ts:111, 3042195ff2c1)
• PR adds host completion runtime: Latest PR head adds createRuntimeLlm, resolves request-scoped caller/policy, gates model and agent overrides, prepares the selected agent model, and passes allowMissingApiKeyModes: ["aws-sdk"]. (src/plugins/runtime/runtime-llm.runtime.ts:355, 3042195ff2c1)
• PR binds context-engine completions to sessions: Latest PR head adds resolveContextEngineCapabilities, deriving an active session agent and creating a session-bound llm.complete capability for context-engine hooks. (src/agents/pi-embedded-runner/context-engine-capabilities.ts:55, 3042195ff2c1)
• Docs and config updated: The PR documents api.runtime.llm.complete and adds plugins.entries.<id>.llm.* configuration reference/schema entries plus a changelog entry. Public docs: docs/plugins/sdk-runtime.md. (docs/plugins/sdk-runtime.md:138, 3042195ff2c1)
• Latest checks are green: Latest check-runs for head 3042195ff2c1... have no incomplete or failing required-style entries after excluding skipped/neutral checks; check-test-types is now successful. (3042195ff2c1)

Likely related people:

• steipete: Recent current-main history repeatedly touches plugin runtime contracts and the simple-completion runtime path this PR builds on. (role: plugin runtime and simple-completion adjacent owner; confidence: high; commits: 5aefe6abd6be, 67a447c17530, de20d3a02412; files: src/plugins/runtime/types-core.ts, src/plugins/runtime/index.ts, src/agents/simple-completion-runtime.ts)
• jalehman: Current-main history introduced and maintained context-engine runtime/maintenance context, and the PR’s later hardening commits also route through this area. (role: context-engine runtime maintainer; confidence: high; commits: 751d5b7849ca, 75e7fc97f804, e46e32b98c04; files: src/context-engine/types.ts, src/agents/pi-embedded-runner/context-engine-maintenance.ts, src/agents/pi-embedded-runner/run/attempt.prompt-helpers.ts)
• vincentkoc: Recent current-main commits split plugin SDK/runtime contract and cycle-sensitive seams relevant to adding a lazy public runtime surface. (role: adjacent SDK and import-boundary maintainer; confidence: medium; commits: 43a2156d1f50, 74e7b8d47b18, 7308e72fac98; files: src/plugin-sdk/index.ts, src/plugins/runtime/types-core.ts, src/plugins/runtime/index.ts)

Remaining risk / open question:

• The PR still lacks required after-fix real behavior proof from a live OpenClaw plugin or context-engine completion path.
• This adds a new public SDK capability and config policy surface, so maintainer API/product approval is still needed before merge.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 6cfb08680e71.

[jalehman]

Merged via squash.

• Prepared head SHA: 453c0c0a68437da9a697cb4af8ae537ebd5321dc
• Merge commit: 9e1e59717ffd04609a5165edf9af0c789dcc2621

Thanks @DaevMithran!