Code Plugin · source linked

erxes-next-plugin v1.0.14

Confidential OAuth plugin for operating erxes Next data through GraphQL with strict anti-hallucination rules.

erxes-next-plugin · runtime erxes-next-plugin · by @erxes
Community code plugin. Review compatibility and verification before install.
openclaw plugins install clawhub:erxes-next-plugin
Latest release: v1.0.14

Capabilities

configSchema
Yes
Executes code
Yes
HTTP routes
0
Plugin kind
agent-plugin
Runtime ID
erxes-next-plugin

Compatibility

Built With Open Claw Version
2026.3.24-beta.2
Min Gateway Version
2026.3.24-beta.2
Plugin Api Range
>=2026.3.24-beta.2
Plugin Sdk Version
2026.3.24-beta.2
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
high confidence
Purpose & Capability (flagged)
The stated purpose matches the artifacts: operate erxes Next through authenticated GraphQL, including reads plus create, update, delete, publish, transfer, convert, and membership workflows. Those capabilities are high-impact for production business data, and the manifest does not clearly separate read-only use from mutation and deletion authority.
Instruction Scope (flagged)
The instructions include useful safeguards such as exact-record lookup and confirmation before destructive actions, but they also tell the agent to assume owner-mode access and treat backend permission definitions or missing permission checks as non-blocking unless the API rejects the call. Keyword and intent routing is broad enough to activate on generic CRM/API terms.
Install Mechanism
The package has a simple JavaScript entry, no dependency installation or postinstall behavior, and helper scripts limited to OAuth login and refresh against the configured ERXES_BASE_URL. However, the documentation uses copy-paste command examples that place the confidential client secret directly on the command line.
Credentials (flagged)
Network access, OAuth credentials, and GraphQL calls are coherent with the plugin purpose, but the scope is broad: it can operate across contacts, products, team members, automations, block workflows, and operation workflows. This is proportionate only for users who intend to grant production-level erxes administration to the agent.
Persistence & Privilege
The artifacts repeatedly instruct agents not to store tokens in project files and to keep sessions in memory only, and the helper scripts print session JSON rather than persisting it. The main privilege concern is not persistence, but assumed owner authority and broad mutation access.
Scan Findings in Context
[SDI-4] unexpected: The owner-mode instruction is artifact-backed and materially concerning because it normalizes privileged operation for workflows that include delete, remove-member, end-cycle, and status deletion.
[SDI-4] unexpected: The template-permission finding is supported: the artifact says missing checkPermission calls are a backend detail and owner-mode access should still be assumed, which is under-scoped for mutation-capable template operations.
[SQP-1] unexpected: The broad activation concern is supported by generic keywords and high-level intents despite the plugin having write, delete, publish, transfer, and conversion workflows.
[SQP-3] unexpected: Default owner-mode access is a material concern because the plugin exposes administrative GraphQL operations and does not require explicit privilege verification before elevated workflows.
[SQP-2] expected: A confidential OAuth secret is expected for this integration, but the command-line examples create an avoidable secret-exposure risk through shell history, process listings, or logs.
[SQP-2] unexpected: The plaintext sample password in the user-invite example is not needed for the purpose and encourages unsafe credential handling.
[SQP-1] unexpected: The manifest keywords include generic terms such as contacts, companies, products, graphql, and oauth, increasing accidental activation risk for a credentialed business-data plugin.
[SQP-1] unexpected: The manifest intents for read, create, update, and delete erxes records are too broad for a plugin operating on authenticated production data.
[SQP-1] unexpected: The plugin.json keyword concern is supported and duplicates the openclaw.plugin.json routing issue because both manifests contain the same broad matching terms.
[SQP-2] unexpected: The manifest advertises mutation and deletion capabilities but lacks a prominent user-facing warning about modifying or deleting remote erxes data.
What to consider before installing
Install only if you intentionally want an agent to use a confidential erxes OAuth client with broad access to business records. Use a least-privilege OAuth client where possible, avoid pasting real secrets into shell-history-producing commands, start with read-only tests, and require explicit human confirmation for every create, update, delete, publish, transfer, convert, membership, and template change.

Verification

Tier
source linked
Scope
artifact only
Summary
Validated package structure and linked the release to source metadata.
Commit
9557149
Tag
main
Provenance
No
Scan status
suspicious

Tags

latest
1.0.14

erxes Next Agent Plugin

This Clawhub/OpenClaw agent plugin lets agents operate erxes Next through the live GraphQL API using confidential OAuth device-flow authentication.

The plugin is intentionally scoped to erxes. It should not fall back to generic CRM schemas, invented REST endpoints, or guessed GraphQL operations when an erxes lookup fails.

What It Supports

  • Core erxes workflows: contacts, products, tags, documents, brands, automations, organization structure, and team members.
  • Block plugin workflows: projects, buildings, floor zonings, units, unit types, opportunities, statuses, payment plans, contracts, offers, invoices, documents, attachments, notes, and developer profile.
  • Operation plugin workflows: projects, tasks, triage, teams, statuses, cycles, milestones, notes, activities, and templates.
  • Safe read/list/search/group actions.
  • Guarded write actions that require enough fields and confirmation for risky mutations.

Required Configuration

The plugin requires these values when installed or used:

ERXES_BASE_URL=https://<subdomain>.next.erxes.io/gateway
ERXES_CLIENT_ID=<confidential-oauth-client-id>
ERXES_CLIENT_SECRET=<confidential-oauth-client-secret>

For local development, ERXES_BASE_URL can also point to a local gateway, for example:

ERXES_BASE_URL=http://localhost:4000

Authentication

Use the login helper:

ERXES_BASE_URL=<url> ERXES_CLIENT_ID=<client-id> ERXES_CLIENT_SECRET=<client-secret> bash scripts/login.sh

The helper opens the browser for approval and prints the session JSON to stdout. Do not commit tokens, .env files, raw session JSON, auth headers, cookies, or secrets.

If an access token expires during a task, refresh it with:

ERXES_BASE_URL=<url> ERXES_CLIENT_ID=<client-id> ERXES_CLIENT_SECRET=<client-secret> ERXES_REFRESH_TOKEN=<refresh-token> bash scripts/refresh-token.sh

Plugin Files

  • plugin.json - agent plugin manifest.
  • instructions.md - main agent behavior and safety rules.
  • erxes-app-token-auth.md - confidential OAuth reference.
  • erxes-graphql-api.md - core erxes GraphQL operation reference.
  • block-api.md - block plugin workflows and exact GraphQL operations.
  • operation-api.md - operation plugin workflows and exact GraphQL operations.
  • scripts/login.sh - browser login helper.
  • scripts/refresh-token.sh - token refresh helper.

Updating the Plugin on Clawhub

After editing plugin files:

  1. Confirm the plugin docs and manifests are valid.

    node -e "for (const f of ['plugin.json','_meta.json']) JSON.parse(require('fs').readFileSync(f,'utf8')); console.log('json ok')"
    
  2. Review the changed files, then commit and push only the intended plugin updates.

    git status --short
    git add agent-plugin/erxes-next/README.md agent-plugin/erxes-next/instructions.md agent-plugin/erxes-next/erxes-graphql-api.md agent-plugin/erxes-next/block-api.md agent-plugin/erxes-next/operation-api.md
    git commit -m "docs: update erxes next plugin"
    git push origin main
    
  3. In Clawhub, open the erxes-next-plugin plugin page.

  4. Use the Clawhub update or publish action for the existing plugin slug:

    erxes-next-plugin
    
  5. Verify the installed plugin version or updated contents in a fresh Clawhub agent chat.

  6. Test a read-only GraphQL workflow first, then test any write workflow only with explicit confirmation and known record IDs.

Safety Rules

  • Never invent record IDs, statuses, users, teams, dates, prices, or permissions.
  • Search first when the user provides a name instead of an _id.
  • Ask for missing required fields before write mutations.
  • Ask for explicit confirmation before delete, remove, deactivate, publish, unpublish, transfer, convert, or end actions.
  • Never expose access tokens, refresh tokens, raw session JSON, auth headers, API keys, cookies, or .env values.
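
The rules above, as an added example in JavaScript that is not part of the plugin: a gate that inspects a GraphQL document and its variables before it is sent to the gateway, allowing reads, refusing writes against an existing record that carry no _id, and refusing the destructive verbs listed above unless the caller has recorded explicit user confirmation. It assumes a single operation with an explicit query or mutation keyword; field names such as contactsRemove and sendInvite are constructed for illustration, not erxes operation names.

```javascript
// Added example, not the plugin's own code: enforce the safety rules before a
// GraphQL operation reaches erxes. Verbs are matched as whole camelCase words,
// so "end" catches cyclesEnd but not sendInvite.
const RISKY_VERBS = ["delete", "remove", "deactivate", "publish", "unpublish",
  "transfer", "convert", "end"];
const EXISTING_RECORD_VERBS = ["update", "edit", ...RISKY_VERBS];

// Returns the operation type and first selected field, e.g.
// "mutation Rm($_ids: [String]) { contactsRemove(_ids: $_ids) }"
// -> { type: "mutation", field: "contactsRemove" } (constructed field name).
function parseOperation(document) {
  const m = /^\s*(query|mutation)\b[^{]*\{\s*([A-Za-z_]\w*)/.exec(document);
  if (!m) throw new Error("unrecognised GraphQL document");
  return { type: m[1], field: m[2] };
}

function camelWords(field) {
  return field.split(/(?=[A-Z])/).map((w) => w.toLowerCase());
}

// A write on an existing record must name it by _id / _ids, never by a display name.
function hasRecordId(variables) {
  const { _id, _ids } = variables;
  const nonEmpty = (x) => typeof x === "string" && x.trim() !== "";
  return nonEmpty(_id) || (Array.isArray(_ids) && _ids.length > 0 && _ids.every(nonEmpty));
}

function gateOperation(document, variables = {}, options = {}) {
  const { type, field } = parseOperation(document);
  if (type === "query") return { allowed: true, reason: "read-only" };
  const words = camelWords(field);
  if (words.some((w) => EXISTING_RECORD_VERBS.includes(w)) && !hasRecordId(variables)) {
    return { allowed: false, reason: "missing _id: search first, then retry with the exact record" };
  }
  if (words.some((w) => RISKY_VERBS.includes(w)) && options.confirmed !== true) {
    return { allowed: false, reason: `"${field}" needs explicit user confirmation` };
  }
  return { allowed: true, reason: "guarded write" };
}
```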