@visiq/openclaw-plugin is an OpenClaw plugin that routes
every tool call through VisIQ’s action and retrieval governance and feeds the
audit trail. It installs from npm and requires OpenClaw 2026.5.18 or newer.
What it does
The plugin registers six OpenClaw hooks:
The retrieval facet is pre-seeded for ten tool names:
web_search, x_search,
web_fetch, tool_search, tool_describe, get_account, get_transactions,
get_devices, check_watchlist, and search_knowledge. Namespaced tools
(mcp__brave__web_search) match on the segment after the last __. The set is
a fast-path default, not a governance boundary — tools outside it still get
full action governance on every call.
Decisions evaluate in-process against the agent’s rule bundle, which the plugin
pre-warms before the first call — registering a human approval is the only decision-path network call. New agents
auto-provision in monitor mode on first contact: every decision is
evaluated and recorded, but nothing is blocked until you switch the agent to
enforce (see Verifying the install).
Interactive setup
You need a harness API key (vq_test_ or vq_prod_). The guided setup on the
OpenClaw card under Integration → Connectors mints a scoped key for you;
you can also create one under Settings → Harness Keys. Then install and
configure the plugin:
The
--dangerously-force-unsafe-install flag is required. OpenClaw’s install
scanner blocks any plugin that reads environment variables and makes network
calls, flagging it as “possible credential harvesting”. The VisIQ plugin does
exactly that by design — it reads VISIQ_API_KEY and sends governance
decisions to your VisIQ backend — so this is an expected false positive for a
governance plugin. Without the flag the install is hard-blocked.openclaw gateway run runs the gateway in the foreground and serves the
Control UI at http://localhost:18789. To run it as a background service
(launchd / systemd / schtasks) instead:
Automated / CI setup
For pipelines, containers, and anywhere without an interactive TTY, supply credentials via environment variables and run the gateway headless:visiq-openclaw-plugin helper bin (npx @visiq/openclaw-plugin configure)
that writes credentials into ~/.openclaw/openclaw.json — interactive on a
TTY, or non-interactive from the VISIQ_* env vars when there is none.
Credential resolution precedence
The plugin resolves credentials in this order (highest priority first):- CLI flags:
--api-key/--agent-id/--base-url - Environment variables:
VISIQ_API_KEY/VISIQ_AGENT_ID/VISIQ_BASE_URL(VISIQ_ENDPOINTis accepted as a base-URL fallback;VISIQ_BASE_URLwins when both are set) - JSON file at the path in
VISIQ_CONFIG_PATH ~/.openclaw/openclaw.json→plugins.entries["@visiq/openclaw-plugin"].config- Interactive prompt (only when both stdout and stdin are terminals)
Fail-open vs fail-closed
- Unconfigured (missing credentials): every hook no-ops. A single structured warning is emitted to stderr explaining how to configure the plugin. This fail-open behavior is by design — the plugin should never break OpenClaw on first install before credentials are provisioned.
- Governance evaluation errors: fail-closed. The tool call is blocked
with a clear
[VisIQ ...]-prefixed reason. - Telemetry errors: never affect agent behavior. Failures are logged to stderr and swallowed — telemetry is best-effort.
Verifying the install
Start the gateway and trigger aweb_search. In the dashboard at
app.visiqlabs.com, the agent appears under
Harness → Agents tagged as a CLI Harness, and the decision appears in the
Harness → Runtime Enforcement ledger. Governed decisions feed the audit
trail, including signed decision receipts.
When the recorded decisions look right, open the agent on the Agents page and
switch its mode from Monitor — Log only to Enforce — Block. The mode is
server-authoritative and per-agent; the plugin picks it up with its next rule
bundle refresh.