feat: dogfood reusable ClawHub package publish #91574

Merged: Patrick-Erichsen merged 1 commit into main from pe/dogfood-clawhub-package-publish on Jun 9, 2026

Conversation

@Patrick-Erichsen

Contributor

Summary

  • Pack OpenClaw ClawHub plugin releases as prebuilt ClawPack artifacts before publish.
  • Delegate the final publish/validation step to ClawHub's reusable package-publish.yml workflow at merged ClawHub commit c9bb13023598dcc547fdf4a93b9d42512b8c8854.
  • Preserve the clawhub-plugin-release environment approval as a separate gate before the reusable workflow runs.
  • Add artifact-safe release-plan names and --pack support to the OpenClaw publish helper.

Tests

  • ./node_modules/.bin/vitest run --config test/vitest/vitest.tooling.config.ts test/plugin-clawhub-release.test.ts test/scripts/package-acceptance-workflow.test.ts (passed before final pin update from PR SHA to merged ClawHub SHA)
  • bash -n scripts/plugin-clawhub-publish.sh && git diff --check
  • rg assertion verified the final workflow/test pin uses c9bb13023598dcc547fdf4a93b9d42512b8c8854 and no stale 0a74b345 / 98dbb6e6 / facf20ce pins remain

Note: a final rerun of the Vitest command after the SHA-only pin update was blocked locally by Node startup hangs; the final code delta after the passing run was only the ClawHub commit SHA replacement, covered by the shell assertion above.

@openclaw-barnacle openclaw-barnacle Bot added labels on Jun 9, 2026: scripts (Repository scripts), size: M, maintainer (Maintainer-authored PR)
@clawsweeper

clawsweeper Bot commented Jun 9, 2026

Contributor

Codex review: needs real behavior proof before merge. Reviewed June 8, 2026, 11:10 PM ET / 03:10 UTC.

Summary
The PR changes the Plugin ClawHub Release workflow to prepack ClawPack artifacts, upload them, delegate publishing to a pinned ClawHub reusable workflow, and adds --pack plus artifact-name support and workflow assertions.

PR surface: Tests +84, Config -12, Other +25. Total +97 across 5 files.

Reproducibility: yes, for the review finding: source inspection shows the PR uses package_artifact_name, the pinned ClawHub workflow rejects source_path with prebuilt artifacts, and the CLI defaults tarball publish source paths to `.`. A live workflow dispatch has not been provided.

Review metrics: 2 noteworthy metrics.

  • Reusable publish delegation: 1 reusable workflow call added. The final ClawHub publish now runs in openclaw/clawhub, so permissions, secrets, artifacts, and provenance depend on the pinned external workflow contract.
  • Pack helper surface: 1 script mode added, 1 required env for that mode. The --pack handoff now determines which ClawPack artifact is uploaded before the release approval and reusable publish steps.

Merge readiness
Overall: 🧂 unranked krab
Proof: 🧂 unranked krab
Patch quality: 🧂 unranked krab
Result: blocked until real behavior proof is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

  • [P1] Fix the prebuilt artifact publish contract so OpenClaw passes and ClawHub records extensions/<plugin> as the source path.
  • [P1] Add or update focused workflow assertions that fail if plugin source-path provenance is omitted.
  • [P1] Add redacted real workflow dispatch or reusable publish output after the fix.

Proof guidance:

  • [P1] Needs real behavior proof before merge: Missing: the PR body lists tests/static checks only, so the contributor should add redacted workflow-dispatch or ClawHub reusable publish output, update the PR body to trigger re-review, and redact secrets, IPs, private endpoints, phone numbers, and other private details.

Risk before merge

  • [P1] Merging as-is can publish OpenClaw plugin package provenance with source.path set to `.` instead of extensions/<plugin>, weakening release auditability for official ClawHub packages.
  • [P1] The PR moves final publishing into a pinned reusable workflow that receives CLAWHUB_TOKEN and id-token: write, but no redacted workflow dispatch or reusable publish output proves the end-to-end path after the patch.
  • [P1] The PR carries the protected maintainer label and changes release publishing gates, so release-owner review is needed even after the concrete provenance bug is fixed.

Maintainer options:

  1. Fix artifact provenance before merge (recommended)
    Update or repin the ClawHub reusable workflow so prebuilt artifact publishes can carry a provenance source path, pass matrix.plugin.packageDir, and prove it with focused tests plus a redacted dispatch log.
  2. Accept root-level provenance explicitly
    Release owners could intentionally accept repo-root package provenance for OpenClaw plugin artifacts, but that should be documented as a deliberate auditability tradeoff before landing.
  3. Pause until ClawHub supports the contract
    If ClawHub’s reusable workflow is not ready to support monorepo artifact provenance, keep this PR paused or close it in favor of a narrower follow-up after the upstream contract exists.

Next step before merge

  • [P1] This needs release-owner handling because the fix depends on the ClawHub reusable workflow contract and the PR has a protected maintainer label.

Security
Needs attention: The diff changes official ClawHub package publishing and currently loses plugin source-path provenance in the artifact publish path.

Review findings

  • [P1] Preserve source path when publishing prebuilt artifacts — .github/workflows/plugin-clawhub-release.yml:452

Review details

Best possible solution:

Keep the reusable workflow direction only after the pinned ClawHub workflow can carry monorepo source-path provenance for prebuilt artifacts, OpenClaw passes each plugin packageDir through, focused tests cover it, and a redacted real workflow run proves the path.

Do we have a high-confidence way to reproduce the issue?

Yes for the review finding: source inspection shows the PR uses package_artifact_name, the pinned ClawHub workflow rejects source_path with prebuilt artifacts, and the CLI defaults tarball publish source paths to `.`. A live workflow dispatch has not been provided.

Is this the best way to solve the issue?

No, not yet. Delegating publish to ClawHub is a plausible owner-boundary direction, but the best fix must preserve plugin subdirectory provenance and prove the real publish path before merge.

Full review comments:

  • [P1] Preserve source path when publishing prebuilt artifacts — .github/workflows/plugin-clawhub-release.yml:452
    This switches the caller to package_artifact_name, but the pinned ClawHub workflow rejects source_path when a prebuilt artifact is used and then invokes the CLI without --source-path. The CLI defaults tarball publish source metadata to `.`, so OpenClaw plugin releases would point at the repo root instead of extensions/<plugin>, losing the monorepo provenance the current direct publish path preserves.
    Confidence: 0.91

Overall correctness: patch is incorrect
Overall confidence: 0.9

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against c9050c982d95.

Label changes

Label justifications:

  • P2: This is a normal-priority release automation improvement with a concrete pre-merge blocker, not an active user-facing outage.
  • merge-risk: 🚨 automation: The PR rewires the Plugin ClawHub Release workflow around artifact upload and a reusable workflow call, so release automation behavior can change even with unit tests green.
  • merge-risk: 🚨 security-boundary: The PR changes official package publishing provenance and passes publish credentials/OIDC through a pinned reusable workflow, which is a supply-chain boundary.
  • rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🧂 unranked krab.
  • status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: Missing: the PR body lists tests/static checks only, so the contributor should add redacted workflow-dispatch or ClawHub reusable publish output, update the PR body to trigger re-review, and redact secrets, IPs, private endpoints, phone numbers, and other private details.

Evidence reviewed

PR surface:

Tests +84, Config -12, Other +25. Total +97 across 5 files.

| Area | Files | Added | Removed | Net |
|---|---|---|---|---|
| Source | 0 | 0 | 0 | 0 |
| Tests | 2 | 90 | 6 | +84 |
| Docs | 0 | 0 | 0 | 0 |
| Config | 1 | 61 | 73 | -12 |
| Generated | 0 | 0 | 0 | 0 |
| Other | 2 | 29 | 4 | +25 |
| Total | 5 | 180 | 83 | +97 |

Security concerns:

  • [medium] Official package provenance can point at repo root — .github/workflows/plugin-clawhub-release.yml:452
    The reusable artifact publish path cannot carry source_path, so official OpenClaw plugin releases would be recorded against the repository root instead of the package directory, weakening supply-chain auditability.
    Confidence: 0.9

What I checked:

  • Repository policy read: Root AGENTS.md and the scoped scripts/test guides were read; their release automation, security-boundary, proof, and script wrapper rules are relevant to this PR. (AGENTS.md:1, c9050c982d95)
  • Current main behavior: Current main still publishes via scripts/plugin-clawhub-publish.sh --publish, and that helper sends --source-path "${package_dir}", so current direct publishing preserves monorepo plugin source paths. (scripts/plugin-clawhub-publish.sh:122, c9050c982d95)
  • PR caller behavior: The PR head calls ClawHub's reusable workflow in prebuilt artifact mode with package_artifact_name, source_repo, source_commit, and source_ref, but it does not pass a package source path for matrix.plugin.packageDir. (.github/workflows/plugin-clawhub-release.yml:448, 76d36d543392)
  • ClawHub reusable workflow contract: The pinned ClawHub workflow defines source_path, but explicitly rejects source_path when package_artifact_name resolves to a prebuilt artifact; it only appends --source-path to the CLI command when that input is set. (openclaw/clawhub/.github/workflows/package-publish.yml:384, c9bb13023598)
  • ClawHub CLI source provenance fallback: For tarball publishes with sourceRepo and sourceCommit but no sourcePath, ClawHub's CLI builds publish source metadata with path: rawPath || ".", which would point OpenClaw plugin releases at the repository root. (openclaw/clawhub/packages/clawhub/src/cli/commands/packages.ts:2227, c9bb13023598)
  • Test coverage gap: The PR updates workflow string assertions for the reusable workflow and artifact name, but the assertions do not prove source-path provenance is preserved through the artifact publish path. (test/scripts/package-acceptance-workflow.test.ts:1567, 76d36d543392)

Likely related people:

  • vincentkoc: Current main blame and file history for the OpenClaw ClawHub release workflow and helper point to recent Vincent Koc commits that own the existing release path being changed. (role: recent OpenClaw release workflow contributor; confidence: high; commits: 5f6ee9f913c7, 3ed8d5f2c39b; files: .github/workflows/plugin-clawhub-release.yml, scripts/plugin-clawhub-publish.sh, scripts/lib/plugin-clawhub-release.ts)
  • Patrick-Erichsen: The pinned ClawHub commit adding prebuilt package publish artifacts and recent package publish command history are authored by Patrick-Erichsen, so the cross-repo workflow contract issue likely routes through that area. (role: ClawHub reusable workflow and package publish contributor; confidence: high; commits: c9bb13023598, be70ae5e9f9c; files: openclaw/clawhub/.github/workflows/package-publish.yml, openclaw/clawhub/packages/clawhub/src/cli/commands/packages.ts)
  • steipete: ClawHub workflow history shows Peter Steinberger authored the earlier monorepo package publish support, which is the invariant this PR needs to preserve for OpenClaw plugin packages. (role: adjacent ClawHub monorepo provenance contributor; confidence: medium; commits: 768a50149eee; files: openclaw/clawhub/.github/workflows/package-publish.yml)

What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.
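
Added example (not part of the ClawSweeper review, and not OpenClaw or ClawHub code): a JavaScript sketch of the provenance regression the review describes, where a tarball publish without a source path falls back to `.`, together with a check that compares the recorded path against the release plan's package directory. The function names, the plan shape, the `mode` switch, and the sample plugins are assumptions constructed for illustration.

```javascript
// Added illustration; every name and sample value here is hypothetical.

// Mirrors the fallback quoted in the review (`path: rawPath || "."`): with a
// repo and commit but no source path, the recorded path becomes the repo root.
function buildSourceMetadata({ sourceRepo, sourceCommit, sourceRef, sourcePath }) {
  if (!sourceRepo || !sourceCommit) return null;
  return {
    repo: sourceRepo,
    commit: sourceCommit,
    ref: sourceRef || null,
    path: sourcePath || ".",
  };
}

// Normalize a repo-relative path so "./extensions/a/" and "extensions/a"
// compare equal. Returns null for empty, absolute, or ".." traversal paths.
function normalizeRepoPath(raw) {
  if (typeof raw !== "string" || raw.trim() === "") return null;
  const unified = raw.trim().replace(/\\/g, "/");
  if (unified.startsWith("/") || /^[A-Za-z]:/.test(unified)) return null;
  const parts = [];
  for (const segment of unified.split("/")) {
    if (segment === "" || segment === ".") continue;
    if (segment === "..") return null;
    parts.push(segment);
  }
  return parts.length === 0 ? "." : parts.join("/");
}

// Compare the provenance recorded for one plugin with its release plan entry.
// Returns a list of findings; an empty list means the path is preserved.
function checkProvenance(plugin, source) {
  const name = plugin.packageName;
  const expected = normalizeRepoPath(plugin.packageDir);
  if (expected === null) return [{ plugin: name, code: "bad-plan-dir" }];
  if (!source) return [{ plugin: name, code: "no-source" }];
  const recorded = normalizeRepoPath(source.path);
  if (recorded === null) return [{ plugin: name, code: "bad-source-path" }];
  if (recorded === "." && expected !== ".") {
    // The case flagged in the review: a monorepo package recorded at repo root.
    return [{ plugin: name, code: "root-path", expected, recorded }];
  }
  if (recorded !== expected) {
    return [{ plugin: name, code: "path-mismatch", expected, recorded }];
  }
  return [];
}

// Build metadata for every plan entry in one publish mode and audit it.
// "direct" passes the package directory, as the review says current main does;
// "artifact" passes no source path, as in the prebuilt artifact handoff.
function auditPlan(plan, mode) {
  const findings = [];
  for (const plugin of plan) {
    const source = buildSourceMetadata({
      sourceRepo: "example-org/example-repo", // constructed sample value
      sourceCommit: "0".repeat(40), // constructed placeholder SHA
      sourceRef: "refs/heads/main",
      sourcePath: mode === "direct" ? plugin.packageDir : undefined,
    });
    findings.push(...checkProvenance(plugin, source));
  }
  return findings;
}

// Constructed release plan with two monorepo plugins.
const SAMPLE_PLAN = [
  { packageName: "@example/plugin-alpha", packageDir: "extensions/alpha" },
  { packageName: "@example/plugin-beta", packageDir: "./extensions/beta/" },
];

console.log("direct publish findings:", auditPlan(SAMPLE_PLAN, "direct"));
console.log("artifact publish findings:", auditPlan(SAMPLE_PLAN, "artifact"));
```

A check of this shape belongs after publish metadata is built and before the package is accepted, so a missing source path fails the run instead of being recorded as the repository root.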

@clawsweeper clawsweeper Bot added labels on Jun 9, 2026:

  • rating: 🧂 unranked krab (Not merge-ready due to missing proof or serious correctness/safety concerns.)
  • status: 📣 needs proof (The PR needs real behavior proof before ClawSweeper can clear the contributor ask.)
  • P2 (Normal backlog priority with limited blast radius.)
  • merge-risk: 🚨 security-boundary (🚨 May affect sandboxing, authorization, credentials, or sensitive data.)
  • merge-risk: 🚨 automation (🚨 May affect CI, automerge, proof capture, label sync, or maintainer automation.)

@Patrick-Erichsen force-pushed the pe/dogfood-clawhub-package-publish branch from 76d36d5 to 57abb23 on June 9, 2026 03:13
@Patrick-Erichsen merged commit e8cf6df into main on Jun 9, 2026
146 checks passed
@Patrick-Erichsen deleted the pe/dogfood-clawhub-package-publish branch on June 9, 2026 03:19
eleboucher pushed a commit to eleboucher/homelab that referenced this pull request Jun 12, 2026
…26.6.6) (#1040)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [ghcr.io/openclaw/openclaw](https://openclaw.ai) ([source](https://github.com/openclaw/openclaw)) | patch | `2026.6.5` → `2026.6.6` |

---

### Release Notes

<details>
<summary>openclaw/openclaw (ghcr.io/openclaw/openclaw)</summary>

### [`v2026.6.6`](https://github.com/openclaw/openclaw/blob/HEAD/CHANGELOG.md#202666)

[Compare Source](openclaw/openclaw@v2026.6.5...v2026.6.6)

##### Highlights

- Security boundaries are substantially tighter across transcripts, sandbox binds, host environment inheritance, MCP stdio, Codex HTTP access, native search policy, elevated sender checks, deleted-agent ACP bypasses, loopback tools, Discord moderation, and Teams group actions; exec approvals now fail closed on timeout. ([#91529](openclaw/openclaw#91529), [#91618](openclaw/openclaw#91618), [#91615](openclaw/openclaw#91615), [#91619](openclaw/openclaw#91619), [#91741](openclaw/openclaw#91741), [#91745](openclaw/openclaw#91745), [#91746](openclaw/openclaw#91746), [#91748](openclaw/openclaw#91748), [#91749](openclaw/openclaw#91749), [#91750](openclaw/openclaw#91750), [#91751](openclaw/openclaw#91751), [#91752](openclaw/openclaw#91752), [#91763](openclaw/openclaw#91763), [#89938](openclaw/openclaw#89938)) Thanks [@joshavant](https://github.com/joshavant), [@pgondhi987](https://github.com/pgondhi987), [@mmaps](https://github.com/mmaps), [@eleqtrizit](https://github.com/eleqtrizit), [@shakkernerd](https://github.com/shakkernerd), and [@drobison00](https://github.com/drobison00).
- Telegram delivery is safer and more coherent: account-scoped topics route to the right agent, streamed text survives tool calls, `/compact` works on generic ingress, callback handling uses concrete APIs, draft chunking is shared, durable dispatch dedupe moved into the SDK, and unauthorized DM text stays out of cache and prompt context. ([#91189](openclaw/openclaw#91189), [#88682](openclaw/openclaw#88682), [#89588](openclaw/openclaw#89588), [#90212](openclaw/openclaw#90212), [#91876](openclaw/openclaw#91876), [#91874](openclaw/openclaw#91874), [#91904](openclaw/openclaw#91904), [#91478](openclaw/openclaw#91478), [#91915](openclaw/openclaw#91915)) Thanks [@codysai001](https://github.com/codysai001), [@alexzhu0](https://github.com/alexzhu0), [@joelnishanth](https://github.com/joelnishanth), [@snowzlm](https://github.com/snowzlm), [@obviyus](https://github.com/obviyus), and [@sallyom](https://github.com/sallyom).
- iMessage recovery and delivery now cover always-on inbound restart, durable echo markers, block streaming, idle approval discovery, hardened outbound transport, and actionable inbound startup diagnostics. ([#91335](openclaw/openclaw#91335), [#91449](openclaw/openclaw#91449), [#88969](openclaw/openclaw#88969), [#88530](openclaw/openclaw#88530), [#91783](openclaw/openclaw#91783), [#91785](openclaw/openclaw#91785)) Thanks [@omarshahine](https://github.com/omarshahine), [@jmissig](https://github.com/jmissig), and [@colmbrogan](https://github.com/colmbrogan).
- Browser and MCP connectivity gained existing-session CDP support, discovered WebSocket validation, default-profile `cdpUrl` handling, safer browser-output boundaries, Streamable HTTP loopback transport, corrected OAuth/SSE authorization handling, and broader schema compatibility. ([#91422](openclaw/openclaw#91422), [#89851](openclaw/openclaw#89851), [#91736](openclaw/openclaw#91736), [#91747](openclaw/openclaw#91747), [#91451](openclaw/openclaw#91451), [#80143](openclaw/openclaw#80143)) Thanks [@pgondhi987](https://github.com/pgondhi987), [@anagnorisis2peripeteia](https://github.com/anagnorisis2peripeteia), [@lifuyue](https://github.com/lifuyue), [@eleqtrizit](https://github.com/eleqtrizit), [@LiuwqGit](https://github.com/LiuwqGit), and [@HemantSudarshan](https://github.com/HemantSudarshan).
- Control UI startup and first-reply latency are lower through cached model metadata, removal of the startup catalog wait, lazy slash-command loading, and first-event tracing with slow-reply diagnostics. ([#91531](openclaw/openclaw#91531), [#91538](openclaw/openclaw#91538), [#91568](openclaw/openclaw#91568), [#91583](openclaw/openclaw#91583), [#91598](openclaw/openclaw#91598))
- Provider support expands with OpenRouter OAuth onboarding and Claude Fable 5 adaptive thinking, while Codex sessions keep correct compaction ownership, local models skip guardian review, dynamic tool progress normalizes cleanly, and Gemma 4 reasoning replay is preserved. ([#91830](openclaw/openclaw#91830), [#91882](openclaw/openclaw#91882), [#91590](openclaw/openclaw#91590), [#88630](openclaw/openclaw#88630), [#88768](openclaw/openclaw#88768), [#91696](openclaw/openclaw#91696)) Thanks [@Patrick-Erichsen](https://github.com/Patrick-Erichsen), [@joshavant](https://github.com/joshavant), [@bdjben](https://github.com/bdjben), and [@Coder-Wangyankun](https://github.com/Coder-Wangyankun).

##### Changes

- CLI progress: emit Claude CLI commentary progress events and bridge inter-tool commentary into channel progress without exposing internal protocol scaffolding. ([#89834](openclaw/openclaw#89834), [#90883](openclaw/openclaw#90883)) Thanks [@anagnorisis2peripeteia](https://github.com/anagnorisis2peripeteia).
- Observability: allow trusted diagnostics channels to capture tool input/output content, add first-assistant-event traces, and warn on slow initial replies. ([#91256](openclaw/openclaw#91256), [#91568](openclaw/openclaw#91568), [#91583](openclaw/openclaw#91583)) Thanks [@amknight](https://github.com/amknight).
- Plugins/ClawHub: dogfood reusable package publishing, let dry runs skip publish approval, allow declared installed trusted hooks, report managed plugin version drift, and warn instead of failing on retired Skill Workshop configuration. ([#91574](openclaw/openclaw#91574), [#91591](openclaw/openclaw#91591), [#90004](openclaw/openclaw#90004), [#90927](openclaw/openclaw#90927), [#90838](openclaw/openclaw#90838)) Thanks [@Patrick-Erichsen](https://github.com/Patrick-Erichsen), [@brokemac79](https://github.com/brokemac79), and [@lonexreb](https://github.com/lonexreb).
- Memory/providers: move the local llama.cpp runtime into its provider plugin, batch embeddings across files, persist the agent model catalog cache, and keep QMD JSON search one-shot while filtering stale REM recall previews. ([#91324](openclaw/openclaw#91324), [#89138](openclaw/openclaw#89138), [#90457](openclaw/openclaw#90457), [#91837](openclaw/openclaw#91837), [#91851](openclaw/openclaw#91851)) Thanks [@osolmaz](https://github.com/osolmaz), [@mushuiyu886](https://github.com/mushuiyu886), [@ai-hpc](https://github.com/ai-hpc), and [@TurboTheTurtle](https://github.com/TurboTheTurtle).
- Channels/mobile: add the QQBot group mention toggle, improve iPad and iPhone control surfaces, and expose the active connection host in the TUI footer. ([#91423](openclaw/openclaw#91423), [#91557](openclaw/openclaw#91557), [#89909](openclaw/openclaw#89909)) Thanks [@cxyhhhhh](https://github.com/cxyhhhhh), [@Solvely-Colin](https://github.com/Solvely-Colin), and [@baskduf](https://github.com/baskduf).
- Performance: prewarm TUI runtime plugins, deduplicate plugin auto-enable fanout, trim dense text-delta snapshots, and reuse prepared startup model metadata. ([#90782](openclaw/openclaw#90782), [#89978](openclaw/openclaw#89978), [#91580](openclaw/openclaw#91580), [#91531](openclaw/openclaw#91531)) Thanks [@RomneyDa](https://github.com/RomneyDa) and [@ai-hpc](https://github.com/ai-hpc).

##### Fixes

- Agent/session recovery: drop stale approval follow-ups after session rebind, remove drained reply-queue items by identity, recover stale main and visible replies, preserve Codex context-engine compaction ownership, lower the default compaction timeout to 180 seconds while respecting explicit configuration, and keep provider-failure terminal lifecycle state correct. ([#85679](openclaw/openclaw#85679), [#91450](openclaw/openclaw#91450), [#91566](openclaw/openclaw#91566), [#91840](openclaw/openclaw#91840), [#91590](openclaw/openclaw#91590), [#91361](openclaw/openclaw#91361), [#91895](openclaw/openclaw#91895)) Thanks [@openperf](https://github.com/openperf), [@yetval](https://github.com/yetval), [@joshavant](https://github.com/joshavant), [@wangmiao0668000666](https://github.com/wangmiao0668000666), and [@TurboTheTurtle](https://github.com/TurboTheTurtle).
- User-visible content boundaries: suppress Codex/Harmony protocol artifacts, neutralize browser and LanceDB memory media directives, redact transcript images, and preserve native `/compact` replies through source suppression. ([#89151](openclaw/openclaw#89151), [#91422](openclaw/openclaw#91422), [#91425](openclaw/openclaw#91425), [#91529](openclaw/openclaw#91529), [#90212](openclaw/openclaw#90212)) Thanks [@joelnishanth](https://github.com/joelnishanth), [@pgondhi987](https://github.com/pgondhi987), [@joshavant](https://github.com/joshavant), and [@snowzlm](https://github.com/snowzlm).
- Channel delivery: keep WhatsApp captured replies attached to the successor controller after restart, retry Feishu rate limits, preserve Mattermost thread replies, canonicalize LINE webhook paths, restore Discord reply hydration and runtime timeout exports, and show OpenAI Realtime WebRTC assistant transcripts. ([#85823](openclaw/openclaw#85823), [#89659](openclaw/openclaw#89659), [#91684](openclaw/openclaw#91684), [#91649](openclaw/openclaw#91649), [#90263](openclaw/openclaw#90263), [#91686](openclaw/openclaw#91686), [#90426](openclaw/openclaw#90426)) Thanks [@itsuzef](https://github.com/itsuzef), [@ladygege](https://github.com/ladygege), [@jacobtomlinson](https://github.com/jacobtomlinson), [@fuller-stack-dev](https://github.com/fuller-stack-dev), and [@shushushv](https://github.com/shushushv).
- Cron: cancel active task runs cleanly, preserve terminal timeout/cancel state, and recover no-deliver tool warnings instead of silently losing the outcome. ([#90666](openclaw/openclaw#90666), [#90678](openclaw/openclaw#90678)) Thanks [@ai-hpc](https://github.com/ai-hpc).
- Gateway/config/auth: share the approval runtime socket token, replace arrays explicitly in `config.patch`, skip the deleted-agent guard only for valid ACP harness sessions, surface headless LaunchAgent state, verify SQLite auth migration before cleanup, and arm QMD startup maintenance. ([#87105](openclaw/openclaw#87105), [#91551](openclaw/openclaw#91551), [#91219](openclaw/openclaw#91219), [#91614](openclaw/openclaw#91614), [#91740](openclaw/openclaw#91740), [#91978](openclaw/openclaw#91978)) Thanks [@fuller-stack-dev](https://github.com/fuller-stack-dev) and [@scotthuang](https://github.com/scotthuang).
- Providers/Codex: clarify quota errors, restore the Codex synthetic usage line, canonicalize Codex protocol assets, require API-key auth for realtime voice, normalize ACP model refs, preserve Gemma 4 `reasoning_content`, and avoid guardian review for local models. ([#91390](openclaw/openclaw#91390), [#91709](openclaw/openclaw#91709), [#91507](openclaw/openclaw#91507), [#91567](openclaw/openclaw#91567), [#88630](openclaw/openclaw#88630), [#91696](openclaw/openclaw#91696)) Thanks [@hxy91819](https://github.com/hxy91819), [@brokemac79](https://github.com/brokemac79), [@RomneyDa](https://github.com/RomneyDa), [@joshavant](https://github.com/joshavant), and [@Coder-Wangyankun](https://github.com/Coder-Wangyankun).
- Updates/builds: recover package Gateway restarts after refresh failure, expose plugin convergence repair, fall back to Corepack in PATH-less pnpm environments, seed the correct Docker store packages, and keep ClawHub dry-run and publish paths reusable. ([#91581](openclaw/openclaw#91581), [#91599](openclaw/openclaw#91599), [#91547](openclaw/openclaw#91547), [#91591](openclaw/openclaw#91591)) Thanks [@fuller-stack-dev](https://github.com/fuller-stack-dev), [@sallyom](https://github.com/sallyom), and [@Patrick-Erichsen](https://github.com/Patrick-Erichsen).
- UI: require explicit user intent before opening chat sessions and drain restored chat queues after session switches. ([#91480](openclaw/openclaw#91480)) Thanks [@TurboTheTurtle](https://github.com/TurboTheTurtle).
- Android: avoid the `dataSync` foreground-service type for persistent nodes. ([#80082](openclaw/openclaw#80082)) Thanks [@davelutztx](https://github.com/davelutztx).
- Native hooks: bound relay lifetimes so abandoned native hook connections cannot linger indefinitely. ([#91550](openclaw/openclaw#91550)) Thanks [@joshavant](https://github.com/joshavant).

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://git.erwanleboucher.dev/eleboucher/homelab/pulls/1040