{
"issues": [
{
"type": "npm-audit",
"message": "@anthropic-ai/sdk: Claude SDK for TypeScript has Insecure Default File Permissions in Local Filesystem Memory Tool",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@aws-sdk/xml-builder: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@hono/node-server: @hono/node-server: Middleware bypass via repeated slashes in serveStatic",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "@protobufjs/utf8: protobufjs has overlong UTF-8 decoding",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "axios: Axios has a NO_PROXY Hostname Normalization Bypass that Leads to SSRF",
"severity": "high"
},
{
"type": "npm-audit",
"message": "basic-ftp: basic-ftp: Incomplete CRLF Injection Protection Allows Arbitrary FTP Command Execution via Credentials and MKD Commands",
"severity": "high"
},
{
"type": "npm-audit",
"message": "brace-expansion: brace-expansion: Large numeric range defeats documented `max` DoS protection",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "express-rate-limit: Vulnerability found",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "fast-uri: fast-uri vulnerable to path traversal via percent-encoded dot segments",
"severity": "high"
},
{
"type": "npm-audit",
"message": "fast-xml-builder: fast-xml-builder allows attribute values with unwanted quotes to bypass malicious or unwanted attributes",
"severity": "high"
},
{
"type": "npm-audit",
"message": "fast-xml-parser: fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "follow-redirects: follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "hono: Hono missing validation of cookie name on write path in setCookie()",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "ip-address: ip-address has XSS in Address6 HTML-emitting methods",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "openclaw: OpenClaw: Authenticated `/hooks/wake` and mapped `wake` payloads are promoted into the trusted `System:` prompt channel",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "postcss: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "protobufjs: Arbitrary code execution in protobufjs",
"severity": "critical"
},
{
"type": "npm-audit",
"message": "uuid: uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided",
"severity": "medium"
},
{
"type": "npm-audit",
"message": "vite: Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling",
"severity": "high"
},
{
"type": "npm-audit",
"message": "ws: ws: Uninitialized memory disclosure",
"severity": "medium"
}
],
"status": "FAILED",
"scannedAt": "2026-05-20T07:44:04.909Z",
"semgrepRan": false,
"npmAuditRan": true,
"pipAuditRan": true
}
README.md
openclaw-claude-code
Programmable bridge that turns coding CLIs into headless, agentic engines — persistent sessions, multi-engine orchestration, multi-agent council, and dynamic runtime control.
Why This Exists
Claude Code and Codex are powerful coding CLIs, but they're designed for interactive use. If you want AI agents to programmatically drive coding sessions — start them, send tasks, manage context, coordinate teams, switch models mid-conversation — you need a control layer.
This project wraps coding CLIs and exposes their capabilities as a clean, tool-based API. Your agents get persistent sessions, real-time streaming, multi-model routing, multi-engine support, and multi-agent council orchestration.
Why not just use the Claude API directly? The API gives you completions. This gives you a fully managed coding agent — file editing, tool use, git awareness, context management, and multi-turn conversations — all without building the orchestration yourself.
Drive Claude Code, OpenAI Codex, Google Gemini, Cursor Agent, or any custom coding CLI through a unified ISession interface. Each engine manages its own subprocess, events, and cost tracking.
See Multi-Engine for architecture and adding new engines.
Multi-Agent Council
Multiple agents collaborate in parallel on the same codebase with git worktree isolation, consensus voting, and a two-phase protocol (plan then execute).
Dedicated Opus planning session that explores your project for up to 30 minutes and produces a detailed implementation plan.
const plan = manager.ultraplanStart('Add OAuth2 support with Google and GitHub providers', {
cwd: '/project',
});
// Poll: manager.ultraplanStatus(plan.id)
Ultrareview
Fleet of 5-20 bug-hunting agents that review your codebase in parallel, each from a different angle (security, performance, logic, types, etc.).
Drop-in backend for any OpenAI-compatible webchat frontend. Stateful sessions maximize Anthropic prompt caching (90% discount on cached tokens).
# Start the server
claude-code-skill serve
# Use with any OpenAI client
curl http://127.0.0.1:18796/v1/chat/completions \
-H "Content-Type: application/json" \
-d '{"model":"claude-sonnet-4-6","messages":[{"role":"user","content":"Hello!"}],"stream":true}'
Works with ChatGPT-Next-Web, Open WebUI, LobeChat, and any app that speaks the OpenAI API format. Set the API base URL to http://127.0.0.1:18796/v1 and use any API key (or leave blank).
Session Persistence — 7-day disk TTL, auto-resume across restarts
Multi-Model Proxy — Anthropic ↔ OpenAI format translation for Gemini/GPT
Cost Tracking — per-model pricing with real-time token accounting
Effort Control — low to max thinking depth per message
Runtime Model/Tool Switching — hot-swap via --resume
Architecture
graph TD
A[OpenClaw / Your Code] -->|tool calls| B[Plugin Entry<br/>index.ts]
B --> C[SessionManager]
C --> D[Claude Engine<br/>persistent-session.ts]
C --> E[Codex Engine<br/>persistent-codex-session.ts]
C --> K[Gemini Engine<br/>persistent-gemini-session.ts]
C --> L[Cursor Engine<br/>persistent-cursor-session.ts]
C --> M[Custom Engine<br/>persistent-custom-session.ts]
C --> F[Council<br/>council.ts]
C --> G[Inbox / Ultraplan / Ultrareview]
F -->|git worktree per agent| D
B --> H[Proxy Handler]
H -->|Anthropic format| I[Gemini / GPT / Gateway]
B --> J[Embedded HTTP Server]
The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.
The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.
Claude Code is an agentic coding tool that lives in your terminal, understands your codebase, and helps you code faster by executing routine tasks, explaining complex code, and handling git workflows - all through natural language commands.
