ByteRover
ByteRover context engine plugin for OpenClaw — curates and queries conversation context via brv CLI
Community code plugin. Review compatibility and verification before install.
@byterover/byterover · runtime id byterover
Install
openclaw plugins install clawhub:@byterover/byteroverLatest Release
Version 1.1.2
Compatibility
{
"builtWithOpenClawVersion": "1.1.2",
"pluginApiRange": ">=2026.3.22"
}Capabilities
{
"bundledSkills": [],
"capabilityTags": [
"executes-code",
"kind:context-engine"
],
"channels": [],
"commandNames": [],
"configSchema": true,
"configUiHints": false,
"executesCode": true,
"hooks": [],
"httpRouteCount": 0,
"materializesDependencies": false,
"pluginKind": "context-engine",
"providers": [],
"runtimeId": "byterover",
"serviceNames": [],
"setupEntry": false,
"toolNames": []
}Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the implementation: the plugin spawns the external brv CLI to 'curate' and 'query' conversation data and injects retrieved context into prompts. No unrelated credentials, binaries, or installs are requested.
Instruction Scope
SKILL.md and code limit behavior to calling brv curate/query, serializing messages, and injecting results. However, the plugin passes full conversation text to the brv CLI (as an argument) and runs the CLI in a configurable working directory — so the external brv process will receive conversation content and may read/write files in the specified cwd. The skill itself does not attempt to read unrelated system files or environment variables.
Install Mechanism
No install spec is present (plugin is shipped as source files). The README instructs users to install the brv CLI separately. Nothing in this package downloads or executes external code during install.
Credentials
The plugin does not request any environment variables or credentials. It spawns the brv binary with env: process.env, so the brv process inherits the agent's environment (and thus any secrets present there). This is expected for a wrapper around an external CLI, but it increases blast radius if the brv binary is untrusted.
Persistence & Privilege
The plugin does not request elevated privileges, does not set always:true, and does not modify other plugins' configurations. It registers a context engine and uses normal lifecycle hooks; no persistent system-level changes are made by the plugin code.
Assessment
This plugin appears to do what it says: it sends conversation text to a local brv CLI and injects brv's query results into prompts. Before installing, verify you trust the brv binary (install from the official source) because the plugin spawns that binary with your full environment and conversation text. Specific things to consider:
- The brv process inherits process.env, so any secrets in the agent environment are available to that binary; avoid running this with sensitive credentials in env if you don't trust brv.
- The plugin passes conversation content as a command-line argument to brv; on some systems command-line arguments can be observed by other local users (ps, /proc), so this could expose chat content on multi-user machines.
- brv runs in the configured cwd (defaults to a workspace under your HOME); ensure the cwd you set is a project directory you want brv to access and not a system or secrets directory.
- The plugin itself does not request external network access or credentials, but the brv CLI may perform network operations — review brv's behavior and source before use.
If you trust the brv CLI and configure brvPath/cwd deliberately (or run the plugin in an isolated account/container), the plugin is coherent with its purpose and reasonable to use.src/brv-process.ts:90
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Verification
{
"hasProvenance": false,
"scanStatus": "clean",
"scope": "artifact-only",
"sourceCommit": "8ba9545",
"sourceRepo": "https://github.com/campfirein/brv-openclaw-plugin",
"sourceTag": "v1.1.2",
"summary": "Validated package structure and linked the release to source metadata.",
"tier": "source-linked"
}Tags
{
"latest": "1.1.2"
}@byterover/byterover
ByteRover context engine plugin for OpenClaw. Integrates the brv CLI as a context engine that curates conversation knowledge and retrieves relevant context for each prompt — giving your AI agent persistent, queryable memory.
Table of contents
- What it does
- Prerequisites
- Quick start
- Configuration
- How it works
- Development
- Project structure
- License
What it does
When you chat with an OpenClaw agent, the conversation is ephemeral — older messages get compacted or lost as the context window fills up. ByteRover changes that by:
- Curating every turn — after each conversation turn, the plugin feeds the new messages to
brv curate, which extracts and stores facts, decisions, technical details, and preferences worth remembering - Querying on demand — before each new prompt is sent to the LLM, the plugin runs
brv querywith the user's message to retrieve curated knowledge relevant to the current request - Injecting context — retrieved knowledge is appended to the system prompt so the LLM has the right context without the user needing to repeat themselves
The result: your agent remembers what matters, forgets what doesn't, and retrieves context that's actually relevant to what you're asking about right now.
Prerequisites
- OpenClaw with plugin context engine support
- Node.js 22+
- brv CLI installed and available on your
PATH(or provide a custom path via config). The brv path depends on how you installed it:- curl: the default path is
~/.brv-cli/bin/brv - npm: run
which brvto find the path, then set it viabrvPathin the plugin config
- curl: the default path is
Quick start
1. Install the plugin
openclaw plugins install @byterover/byterover
For local development, link your working copy instead:
openclaw plugins install --link /path/to/brv-openclaw-plugin
2. Configure the context engine slot
openclaw config set plugins.slots.contextEngine byterover
3. Set plugin options
Point the plugin to your brv binary and project directory:
openclaw config set plugins.entries.byterover.config.brvPath /path/to/brv
openclaw config set plugins.entries.byterover.config.cwd /path/to/your/project
4. Verify
openclaw plugins list
You should see byterover listed and enabled. Restart OpenClaw, then start a conversation — you'll see [byterover] Plugin loaded in the gateway logs.
5. Uninstall (if needed)
openclaw plugins uninstall byterover
openclaw config set plugins.slots.contextEngine ""
Configuration
ByteRover is configured through plugins.entries.byterover.config in your OpenClaw config file (~/.openclaw/openclaw.json):
{
"plugins": {
"slots": {
"contextEngine": "byterover"
},
"entries": {
"byterover": {
"enabled": true,
"config": {
"brvPath": "/usr/local/bin/brv",
"cwd": "/path/to/your/project",
"queryTimeoutMs": 12000,
"curateTimeoutMs": 60000
}
}
}
}
}
Options
| Option | Type | Default | Description |
|---|---|---|---|
brvPath | string | "brv" | Path to the brv CLI binary. Defaults to resolving brv from PATH. |
cwd | string | process.cwd() | Working directory for brv commands. Must be a project with .brv/ initialized. |
queryTimeoutMs | number | 12000 | Timeout in milliseconds for brv query calls. The effective assemble deadline is capped at 10,000 ms to stay within the agent ready timeout. |
curateTimeoutMs | number | 60000 | Timeout in milliseconds for brv curate calls. |
How it works
ByteRover hooks into three points in the OpenClaw context engine lifecycle:
afterTurn — curate conversation knowledge
After each conversation turn completes, the plugin:
- Extracts new messages from the turn (skipping pre-prompt messages)
- Strips OpenClaw metadata (sender info, timestamps, tool results) to get clean text
- Serializes messages with sender attribution
- Sends the text to
brv curate --detachfor asynchronous knowledge extraction
Curation runs in detached mode — the brv daemon queues the work and the CLI returns immediately, so it never blocks the conversation.
assemble — retrieve relevant context
Before each prompt is sent to the LLM, the plugin:
- Takes the current user message (or falls back to scanning message history)
- Strips metadata and skips trivially short queries (< 5 chars)
- Runs
brv querywith a 10-second deadline - Wraps the result in a
<byterover-context>block and injects it as a system prompt addition
If the query times out or fails, the conversation proceeds without context — it's always best-effort.
compact — delegated to runtime
ByteRover does not own compaction. The plugin sets ownsCompaction: false, so OpenClaw's built-in sliding-window compaction handles context window management as usual.
ingest — no-op
Ingestion is handled by afterTurn in batch (all new messages from the turn at once), so the per-message ingest hook is a no-op.
Development
# Install dependencies
npm install
# Type check
npx tsc --noEmit
# Run tests
npx vitest run --dir test
# Link for local testing with OpenClaw
openclaw plugins install --link .
openclaw config set plugins.slots.contextEngine byterover
Testing locally
- Initialize a brv project:
cd /your/project && brv init - Link the plugin and configure as shown in Quick start
- Restart OpenClaw
- Send a few messages — check gateway logs for:
[byterover] Plugin loaded— plugin registeredafterTurn curating N new messages— curation runningassemble injecting systemPromptAddition— context being retrieved and injected
Project structure
index.ts # Plugin entry point and registration
openclaw.plugin.json # Plugin manifest (id, kind, config schema)
src/
context-engine.ts # ByteRoverContextEngine — implements ContextEngine
brv-process.ts # brv CLI spawning (query, curate) with timeout/abort
message-utils.ts # Metadata stripping and message text extraction
types.ts # Standalone type definitions (structurally compatible with openclaw/plugin-sdk)
License
MIT