IDE Agent Kit
Connect your IDE coding agents into real-time teams through OpenClaw. Filesystem-based message bus, room polling, automation rules, and multi-model agent coordination. Zero dependencies.
Security Model
This skill operates in two tiers:
Core (local-only, no credentials needed):
- - Local filesystem queue and receipt log — agents read/write files in the working directory
- INLINECODE0�,
receipt tail, memory (local backend), keepalive — no network, no secrets - INLINECODE4� binds to
127.0.0.1 only by default — receives webhooks, writes to local queue
Advanced (requires explicit opt-in and credentials):
- -
sessions, gateway — talk to an OpenClaw gateway (requires openclaw.token in config) - INLINECODE9� — connects to Ant Farm rooms (requires
--api-key flag) - INLINECODE11�,
hooks create — POST data to external URLs you specify - INLINECODE13�,
exec — execute shell commands (restricted to an allowlist in config)
No advanced features activate without explicit configuration. The default init config has empty credential fields and a minimal command allowlist.
Network behavior
| Command | Outbound connections | Inbound connections |
|---|
INLINECODE16�, receipt tail, memory (local), �INLINECODE19 | None | None |
| INLINECODE20 |
None | localhost:8787 only (configurable) |
|
poll | Ant Farm API (HTTPS) | None |
|
sessions,
gateway | OpenClaw gateway (localhost by default) | None |
|
emit | User-specified URL | None |
|
hooks create | User-specified webhook URL | None |
Command execution
INLINECODE26� and exec only run commands listed in tmux.allow in your config. Default allowlist: npm test, npm run build, pytest, git status, git diff. Commands not on the list are rejected.
INLINECODE34� adds an approval flow: commands go through exec request → human/agent exec resolve before running.
Quick Start
CODEBLOCK0
Creates a local ide-agent-kit.json config. All credential fields are blank. Nothing connects to any server until you configure it.
Connectivity Modes
Four modes that compose freely. Only mode 1 is active by default.
1. Local Filesystem Bus (default)
Agents on the same machine communicate through a shared queue directory and receipt log. No network, no server, no API keys.
- - Queue: �INLINECODE38
- Receipts: �INLINECODE39
2. Webhook Relay Server (optional)
Receives inbound webhooks from GitHub/GitLab and writes them to the local event queue.
CODEBLOCK1
Binds to 127.0.0.1:8787 by default. Set github.webhook_secret in config to verify signatures. Does not make outbound connections.
3. Ant Farm Room Polling (optional)
Connects to Ant Farm rooms for cross-machine coordination.
CODEBLOCK2
Requires: --api-key flag (Ant Farm API key). Rate-limited, default 120s interval.
4. GitHub Events (optional)
When serve is running, point a GitHub webhook at your relay URL. Translates PR/issue/CI events into local queue events.
Requires: github.webhook_secret in config to verify inbound signatures.
Commands
Core (local-only, no credentials)
| Command | Description |
|---|
| INLINECODE45 | Generate starter config |
| INLINECODE46 |
Print last N receipts |
|
watch [--config <path>] | Watch event queue, nudge IDE session on new events |
|
serve [--config <path>] | Start webhook relay server (localhost only) |
|
memory list\|get\|set\|search | Manage agent memory (local file backend) |
|
keepalive start\|stop\|status | Prevent macOS sleep for remote sessions |
Advanced (requires credentials or explicit config)
| Command | Requires | Description |
|---|
| INLINECODE51 | INLINECODE52 | Send message to agent via gateway |
| INLINECODE53 |
openclaw.token | Spawn a new agent session |
|
sessions list\|history\|status |
openclaw.token | Query sessions |
|
gateway trigger\|health\|agents |
openclaw.token | Gateway operations |
|
poll --rooms <r> --api-key <k> --handle <h> | Ant Farm API key | Poll rooms for messages |
|
emit --to <url> --json <file> | None (user specifies target) | POST event JSON to a URL |
|
hooks create --webhook-url <url> | None (user specifies target) | Create webhook forwarder |
|
tmux run --cmd <command> | Allowlisted commands only | Run command in tmux, capture receipt |
|
exec request\|resolve\|list | Allowlisted commands only | Execution approval workflow |
|
cron add\|list\|remove\|run\|status |
openclaw.token | Scheduled task management |
Configuration
Generated by ide-agent-kit init. All credential fields default to empty.
| Field | Purpose | Default |
|---|
| INLINECODE67 | Webhook server bind address | INLINECODE68 |
| INLINECODE69 |
Webhook server port |
8787 |
|
tmux.allow | Allowlisted shell commands |
[npm test, npm run build, pytest, git status, git diff] |
|
openclaw.token | Gateway auth (advanced commands) | empty |
|
github.webhook_secret | Verify GitHub webhooks | empty |
Data Access
| Path | Access | Purpose |
|---|
| INLINECODE75 | append | Audit log of all agent actions |
| INLINECODE76 |
read/write | Event queue |
|
ide-agent-kit.json | read | Runtime configuration (may contain secrets) |
|
memory/ | read/write | Local agent memory files |
Source & Verification
- - npm: https://www.npmjs.com/package/ide-agent-kit
- Source: https://github.com/ThinkOffApp/ide-agent-kit
- Maintainer: petruspennanen (npm), ThinkOffApp (GitHub)
- License: AGPL-3.0-only
The npm package contains no install scripts (preinstall/postinstall). All code is plain ESM JavaScript. Verify with npm pack --dry-run before installing.
IDE Agent Kit
通过OpenClaw将您的IDE编码代理连接到实时团队中。基于文件系统的消息总线、房间轮询、自动化规则以及多模型代理协调。零依赖。
安全模型
此技能分为两个层级运行:
核心层(仅本地,无需凭证):
- - 本地文件系统队列和回执日志 — 代理在工作目录中读写文件
- init、receipt tail、memory(本地后端)、keepalive — 无网络连接,无密钥
- serve 默认仅绑定到 127.0.0.1 — 接收webhook,写入本地队列
高级层(需要明确选择加入和凭证):
- - sessions、gateway — 与OpenClaw网关通信(需要在配置中提供openclaw.token)
- poll — 连接到Ant Farm房间(需要--api-key标志)
- emit、hooks create — 向您指定的外部URL发送POST数据
- tmux run、exec — 执行shell命令(仅限于配置中的允许列表)
没有明确配置,高级功能不会激活。默认的init配置具有空的凭证字段和最少的命令允许列表。
网络行为
| 命令 | 出站连接 | 入站连接 |
|---|
| init、receipt tail、memory(本地)、keepalive | 无 | 无 |
| serve |
无 | 仅localhost:8787(可配置) |
| poll | Ant Farm API(HTTPS) | 无 |
| sessions、gateway | OpenClaw网关(默认localhost) | 无 |
| emit | 用户指定的URL | 无 |
| hooks create | 用户指定的webhook URL | 无 |
命令执行
tmux run和exec仅运行配置中tmux.allow列出的命令。默认允许列表:npm test、npm run build、pytest、git status、git diff。不在列表中的命令将被拒绝。
exec增加了审批流程:命令在运行前需经过exec request → 人工/代理exec resolve。
快速开始
bash
npm install -g ide-agent-kit
ide-agent-kit init --ide claude-code
创建本地ide-agent-kit.json配置文件。所有凭证字段均为空白。在您配置之前,不会连接到任何服务器。
连接模式
四种可自由组合的模式。默认仅激活模式1。
1. 本地文件系统总线(默认)
同一台机器上的代理通过共享队列目录和回执日志进行通信。无需网络、无需服务器、无需API密钥。
- - 队列:./ide-agent-queue.jsonl
- 回执:./ide-agent-receipts.jsonl
2. Webhook中继服务器(可选)
接收来自GitHub/GitLab的入站webhook并将其写入本地事件队列。
bash
ide-agent-kit serve [--config ]
默认绑定到127.0.0.1:8787。在配置中设置github.webhook_secret以验证签名。不进行出站连接。
3. Ant Farm房间轮询(可选)
连接到Ant Farm房间以实现跨机器协调。
bash
ide-agent-kit poll --rooms --api-key --handle <@handle> [--interval ]
需要: --api-key标志(Ant Farm API密钥)。有速率限制,默认间隔120秒。
4. GitHub事件(可选)
当serve运行时,将GitHub webhook指向您的中继URL。将PR/问题/CI事件转换为本地队列事件。
需要: 配置中的github.webhook_secret以验证入站签名。
命令
核心命令(仅本地,无需凭证)
| 命令 | 描述 |
|---|
| init [--ide <name>] [--profile <balanced\ | low-friction>] | 生成初始配置 |
| receipt tail [--n <count>] |
打印最后N条回执 |
| watch [--config
] | 监视事件队列,新事件时提示IDE会话 |
| serve [--config ] | 启动webhook中继服务器(仅localhost) |
| memory list\|get\|set\|search | 管理代理记忆(本地文件后端) |
| keepalive start\|stop\|status | 防止macOS在远程会话期间休眠 |
高级命令(需要凭证或明确配置)
| 命令 | 需要 | 描述 |
|---|
| sessions send --agent <id> --message <text> | openclaw.token | 通过网关向代理发送消息 |
| sessions spawn --task <text> |
openclaw.token | 生成新的代理会话 |
| sessions list\|history\|status | openclaw.token | 查询会话 |
| gateway trigger\|health\|agents | openclaw.token | 网关操作 |
| poll --rooms --api-key --handle | Ant Farm API密钥 | 轮询房间消息 |
| emit --to --json | 无(用户指定目标) | 将事件JSON POST到URL |
| hooks create --webhook-url | 无(用户指定目标) | 创建webhook转发器 |
| tmux run --cmd | 仅允许列表中的命令 | 在tmux中运行命令,捕获回执 |
| exec request\|resolve\|list | 仅允许列表中的命令 | 执行审批工作流 |
| cron add\|list\|remove\|run\|status | openclaw.token | 计划任务管理 |
配置
由ide-agent-kit init生成。所有凭证字段默认为空。
| 字段 | 用途 | 默认值 |
|---|
| listen.host | Webhook服务器绑定地址 | 127.0.0.1 |
| listen.port |
Webhook服务器端口 | 8787 |
| tmux.allow | 允许的shell命令列表 | [npm test, npm run build, pytest, git status, git diff] |
| openclaw.token | 网关认证(高级命令) | 空 |
| github.webhook_secret | 验证GitHub webhook | 空 |
数据访问
| 路径 | 访问方式 | 用途 |
|---|
| ide-agent-receipts.jsonl | 追加 | 所有代理操作的审计日志 |
| ide-agent-queue.jsonl |
读/写 | 事件队列 |
| ide-agent-kit.json | 读取 | 运行时配置(可能包含密钥) |
| memory/ | 读/写 | 本地代理记忆文件 |
来源与验证
- - npm: https://www.npmjs.com/package/ide-agent-kit
- 源代码: https://github.com/ThinkOffApp/ide-agent-kit
- 维护者: petruspennanen(npm)、ThinkOffApp(GitHub)
- 许可证: AGPL-3.0-only
npm包不包含安装脚本(preinstall/postinstall)。所有代码均为纯ESM JavaScript。安装前可使用npm pack --dry-run进行验证。
