Code Pluginsource linked

Openclaw langsmithv1.2.0-maverick.2

LangSmith tracing plugin for OpenClaw. Automatic observability for agent turns, tool calls, and LLM invocations.

openclaw-langsmith·runtime openclaw-langsmith·by @maverick

Community code plugin. Review compatibility and verification before install.

openclaw plugins install clawhub:openclaw-langsmith

Latest release: v1.2.0-maverick.2Download zip

Capabilities

Compatibility

Built With Open Claw Version

2026.2.6-3

Plugin Api Range

>=2026.2.6

Plugin Sdk Version

2026.2.6-3

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

high confidence

Purpose & Capability

The network tracing behavior fits the stated LangSmith observability purpose, but the artifacts show it captures full prompts, message history, tool parameters/results, LLM outputs, session identifiers, and metadata that can contain sensitive user or tenant data.

Instruction Scope

Tracing is gated by a configured LangSmith API key and has feature toggles, but the defaults enable agent, tool, and Engram LLM tracing and there is no field-level allowlist, redaction, truncation, or metadata-only mode.

Install Mechanism

The package metadata is source-linked but lacks provenance, and INSTALL_GITHUB.md instructs users to install from a modified fork using a dangerously unsafe install override; the reason is disclosed, but it materially increases review burden.

Credentials

Exporting raw conversational and tool telemetry to LangSmith is proportionate for deep observability only in environments where the operator has approved that external data flow and checked downstream retention/compliance.

ℹ

Persistence & Privilege

The plugin registers runtime hooks, global trace callbacks, a service, and interval-based batching; it cleans these up on stop and does not show file-system persistence or privilege escalation.

Scan Findings in Context

[SDI-2] expected: The rich telemetry capture in src/tracer.ts is core to LangSmith tracing, but the scanner's concern is valid because the implementation only lightly sanitizes one metadata pattern and otherwise forwards sensitive content without general minimization.

[SQP-2] expected: The README discloses that agent turns, tool calls, prompts, responses, token usage, and metadata are sent to LangSmith, but it lacks a prominent privacy warning and the default configuration enables the sensitive trace types.

[SQP-2] expected: The Engram section explicitly says full prompt and output text are traced with no truncation; that is coherent for debugging but high-risk for memory workflows that may contain personal, secret, or proprietary context.

[SQP-2] expected: The src and dist findings match the code path: hooks collect prompts, histories, tool inputs/results, assistant output, and LLM trace events, then LangSmithClient sends them to the configured endpoint via fetch.

[SQP-2] expected: The manifest exposes endpoint and trace toggles but does not itself provide a user-facing consent notice, endpoint allowlist, redaction controls, or safe defaults for content capture.

What to consider before installing

Review this before installing. Use it only if you are comfortable sending full agent conversations, tool inputs/outputs, and memory-related LLM prompts to LangSmith or another configured endpoint. Avoid it for regulated, confidential, customer, credential-bearing, or proprietary workloads unless you add redaction/minimization controls and confirm LangSmith retention and access policies. Treat the unsafe-install override and fork/provenance mismatch as reasons to inspect the source and pin the exact artifact.

✗

dist/index.js:6

Environment variable access combined with network send.

✗

dist/index.js:64

File appears to expose a hardcoded API secret or token.

✗

src/client.ts:20

File appears to expose a hardcoded API secret or token.

Patterns worth reviewing

These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Verification

Tier

source linked

Scope

artifact only

Summary

Validated package structure and linked the release to source metadata.

Source

github.com/joshuaswarren/openclaw-langsmith

Commit

Tag

Provenance

Scan status

suspicious

openclaw-langsmith

LangSmith tracing plugin for OpenClaw. Automatically traces agent turns, tool calls, and LLM invocations to LangSmith for observability, debugging, and cost tracking.

Features

Agent turn tracing — Each agent turn becomes a LangSmith run with prompt, response, and token usage
Token tracking — Prompt tokens, completion tokens, and total tokens displayed in LangSmith dashboard
Smart tagging — Auto-tags traces with source (cron, discord, slack, telegram), job names, channel IDs
Tool call tracing — Tool calls nested under their parent agent run
Engram LLM tracing — Memory extraction/consolidation calls appear as LLM runs with full prompts
Batch queue — Operations batched for efficient API usage (configurable interval and size)
Per-feature toggles — Enable/disable each trace type independently
Zero runtime dependencies — Uses native fetch and crypto.randomUUID()
Error isolation — Tracing errors never affect gateway operation

Quick Start

1. Get a LangSmith API Key

Sign up at smith.langchain.com
Go to Settings > API Keys
Create a new API key (starts with lsv2_pt_...)

2. Install the Plugin

cd ~/.openclaw/extensions
git clone https://github.com/joshuaswarren/openclaw-langsmith.git
cd openclaw-langsmith
npm install && npm run build

3. Add API Key to Gateway Environment

The gateway needs the API key in its environment. Choose your platform:

<details> <summary>macOS (launchd)</summary>

Edit ~/Library/LaunchAgents/ai.openclaw.gateway.plist and add inside EnvironmentVariables:

<key>LANGSMITH_API_KEY</key>
<string>lsv2_pt_your_key_here</string>

</details> <details> <summary>Linux (systemd)</summary>

Edit ~/.config/systemd/user/openclaw-gateway.service and add to the [Service] section:

Environment="LANGSMITH_API_KEY=lsv2_pt_your_key_here"

Or create an environment file at ~/.config/openclaw/env:

LANGSMITH_API_KEY=lsv2_pt_your_key_here

Then reference it in the service file:

EnvironmentFile=%h/.config/openclaw/env

</details> <details> <summary>Docker</summary>

Add to your docker-compose.yml or pass via -e:

environment:
  - LANGSMITH_API_KEY=lsv2_pt_your_key_here

</details>

4. Enable in openclaw.json

{
  "plugins": {
    "allow": ["openclaw-langsmith"],
    "entries": {
      "openclaw-langsmith": {
        "enabled": true,
        "config": {
          "langsmithApiKey": "${LANGSMITH_API_KEY}",
          "projectName": "openclaw"
        }
      }
    }
  }
}

5. Restart Gateway

macOS:

launchctl kickstart -k gui/$(id -u)/ai.openclaw.gateway

Linux:

systemctl --user restart openclaw-gateway

Docker:

docker compose restart openclaw-gateway

Verify (all platforms):

tail -f ~/.openclaw/logs/gateway.log | grep langsmith
# Should see: [langsmith] langsmith tracing active

Configuration

Option	Type	Default	Description
`langsmithApiKey`	string	`$LANGSMITH_API_KEY`	LangSmith API key
`langsmithEndpoint`	string	`https://api.smith.langchain.com`	API endpoint
`projectName`	string	`openclaw`	LangSmith project name
`traceAgentTurns`	boolean	`true`	Trace agent turns
`traceToolCalls`	boolean	`true`	Trace tool calls
`traceEngramLlm`	boolean	`true`	Trace engram LLM calls
`batchIntervalMs`	number	`1000`	Batch flush interval (ms)
`batchMaxSize`	number	`20`	Max operations before flush
`debug`	boolean	`false`	Enable debug logging

Filtering Traces

Traces are automatically tagged for easy filtering in LangSmith:

Tag	Description	Example
`cron`	Cron job runs	Filter all scheduled jobs
`discord`	Discord messages	Filter Discord conversations
`slack`	Slack messages	Filter Slack conversations
`telegram`	Telegram messages	Filter Telegram conversations
`job:<id>`	Specific cron job	`job:96b7720d-02b1-4373-8846-33306c9913fc`
`name:<name>`	Cron job name	`name:X Bookmarks → Insights pipeline`
`channel:<id>`	Discord channel	`channel:1467253309348909241`
`guild:#<name>`	Discord guild	`guild:#proj-deckard`

How It Works

Agent Turns

Hooks into before_agent_start and agent_end. Creates LangSmith runs with:

Prompt content
Response messages
Token usage (prompt, completion, total)
Duration
Auto-generated tags based on session source

Tool Calls

Hooks into before_tool_call and after_tool_call. Tool runs are nested under the parent agent run using LangSmith's trace_id and dotted_order for proper hierarchy.

Engram LLM Calls

The engram memory plugin emits LlmTraceEvent objects via globalThis.__openclawEngramTrace. This plugin subscribes and creates LLM runs with:

Full prompt text (no truncation)
Full output text (no truncation)
Model and operation type
Token usage and duration

Error Isolation

No API key? No problem. If you install the plugin without configuring an API key, it simply logs a warning and disables itself — OpenClaw continues running normally
All LangSmith API calls wrapped in try/catch
Network failures log warnings but never affect gateway operation
Invalid API keys or LangSmith outages won't break your agents

Development

npm install
npm run build    # Build with tsup
npm run dev      # Watch mode

Related Projects

OpenClaw — The AI agent gateway
openclaw-engram — Local-first memory plugin
LangSmith — LLM observability platform