TypeScript SDK for OpenClaw deployments backed by secr. Provides the OpenClawSecretBroker, OpenClawGateway, and an IDENTITY.md parser that reads the secr: frontmatter binding.
Most users want
@secr/openclaw-plugininstead — that's the native OpenClaw plugin built on top of this SDK. This package is for direct embedding, custom runtimes, or testing.
npm install @secr/openclawimport { OpenClawSecretBroker, loadIdentity } from "@secr/openclaw";
// Parse IDENTITY.md (with secr binding in frontmatter)
const parsed = await loadIdentity("./IDENTITY.md");
// Build broker — token comes from SECR_AGENT_TOKEN env var
const broker = OpenClawSecretBroker.fromIdentity(parsed);
// Drop allowed secrets into process.env (server-enforced allowlist)
await broker.materializeEnv();---
secr:
org: acme
project: support-bot
environment: production
---
## Name
SupportBot
## Creature
AI AgentThe agent token never lives in this file — pass via SECR_AGENT_TOKEN env var or directly to the broker constructor.
OpenClawSecretBroker— token exchange + secret resolver. SupportsgetSecret(key),getAll(),materializeEnv().OpenClawGateway— wraps tool calls with rate limits, approval queues, and audit logging. Built on top of@secr/mcp's gateway.parseIdentity(source)/loadIdentity(path)— IDENTITY.md parser.
- Integration landing page
- Getting started
- Plugin source — the native plugin built on this SDK
MIT