loongsuite-js-plugins
agent
Basarisiz
Health Uyari
- License — License: NOASSERTION
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Low visibility — Only 5 GitHub stars
Code Basarisiz
- rm -rf — Recursive force deletion command in opentelemetry-instrumentation-claude/scripts/install.sh
- rm -rf — Recursive force deletion command in opentelemetry-instrumentation-claude/scripts/remote-install.sh
- rm -rf — Recursive force deletion command in opentelemetry-instrumentation-claude/scripts/uninstall.sh
- process.env — Environment variable access in opentelemetry-instrumentation-claude/scripts/uninstall.sh
- fs module — File system access in opentelemetry-instrumentation-claude/scripts/uninstall.sh
- child_process — Shell command execution capability in opentelemetry-instrumentation-claude/src/cli.js
- execSync — Synchronous shell command execution in opentelemetry-instrumentation-claude/src/cli.js
- fs.rmSync — Destructive file system operation in opentelemetry-instrumentation-claude/src/cli.js
- os.homedir — User home directory access in opentelemetry-instrumentation-claude/src/cli.js
- process.env — Environment variable access in opentelemetry-instrumentation-claude/src/cli.js
- fs module — File system access in opentelemetry-instrumentation-claude/src/cli.js
- os.homedir — User home directory access in opentelemetry-instrumentation-claude/src/intercept.js
- process.env — Environment variable access in opentelemetry-instrumentation-claude/src/intercept.js
- fs module — File system access in opentelemetry-instrumentation-claude/src/intercept.js
- network request — Outbound network request in opentelemetry-instrumentation-claude/src/intercept.js
- fs.rmSync — Destructive file system operation in opentelemetry-instrumentation-claude/src/state.js
- os.homedir — User home directory access in opentelemetry-instrumentation-claude/src/state.js
- fs module — File system access in opentelemetry-instrumentation-claude/src/state.js
Permissions Gecti
- Permissions — No dangerous permissions requested
Purpose
This tool provides OpenTelemetry instrumentation plugins for AI coding agents, specifically Claude Code and OpenClaw. It automatically collects traces, tool calls, and LLM metrics, sending them to a compatible backend without requiring changes to your existing code.
Security Assessment
The overall risk is rated as High. The installation process heavily relies on shell scripts that execute recursive force deletions (`rm -rf`), which is inherently dangerous. Furthermore, the core application code extensively accesses sensitive system resources. It executes synchronous shell commands (`execSync`), probes the user's home directory (`os.homedir`), performs destructive file operations (`fs.rmSync`), and modifies the local file system. It also makes outbound network requests to transmit the telemetry data it collects. While there is no evidence of hardcoded secrets, the combination of remote script execution, shell access, and deep file system manipulation requires extreme caution. Users must thoroughly review the installation scripts before running them.
Quality Assessment
Maintained by Alibaba, the repository is highly active, with its last push occurring today. It claims an Apache-2.0 license, though the automated scan flagged the license as unasserted. The project includes a robust test suite of 101 tests. However, community trust and visibility are currently very low, with only 5 GitHub stars, indicating minimal external adoption or public auditing at this stage.
Verdict
Use with caution: while actively maintained, the tool requires unvetted remote script execution and requests highly sensitive system permissions.
This tool provides OpenTelemetry instrumentation plugins for AI coding agents, specifically Claude Code and OpenClaw. It automatically collects traces, tool calls, and LLM metrics, sending them to a compatible backend without requiring changes to your existing code.
Security Assessment
The overall risk is rated as High. The installation process heavily relies on shell scripts that execute recursive force deletions (`rm -rf`), which is inherently dangerous. Furthermore, the core application code extensively accesses sensitive system resources. It executes synchronous shell commands (`execSync`), probes the user's home directory (`os.homedir`), performs destructive file operations (`fs.rmSync`), and modifies the local file system. It also makes outbound network requests to transmit the telemetry data it collects. While there is no evidence of hardcoded secrets, the combination of remote script execution, shell access, and deep file system manipulation requires extreme caution. Users must thoroughly review the installation scripts before running them.
Quality Assessment
Maintained by Alibaba, the repository is highly active, with its last push occurring today. It claims an Apache-2.0 license, though the automated scan flagged the license as unasserted. The project includes a robust test suite of 101 tests. However, community trust and visibility are currently very low, with only 5 GitHub stars, indicating minimal external adoption or public auditing at this stage.
Verdict
Use with caution: while actively maintained, the tool requires unvetted remote script execution and requests highly sensitive system permissions.
OpenTelemetry instrumentation plugins for AI coding agents
README.md
loongsuite-js-plugins
OpenTelemetry instrumentation plugins for AI coding agents. Collect traces, tool calls, and LLM metrics from Claude Code and OpenClaw — zero code changes required.
📦 Plugins
| Plugin | Platform | Description |
|---|---|---|
| opentelemetry-instrumentation-claude | Claude Code | Hook-based session tracing + in-process LLM call capture via intercept.js |
| opentelemetry-instrumentation-openclaw | OpenClaw | Native gateway plugin: Traces + Metrics to any OTLP backend |
Both plugins follow the OpenTelemetry GenAI semantic conventions and work with any OTLP-compatible backend (Jaeger, Honeycomb, Grafana Tempo, Alibaba Cloud ARMS, etc.).
⚡ Quick Start
Claude Code — 5 minutes to first trace
One-line install (with OTLP backend):
curl -fsSL https://arms-apm-cn-hangzhou-pre.oss-cn-hangzhou.aliyuncs.com/agenttrack/remote-install.sh | bash -s -- \
--endpoint "https://your-otlp-endpoint:4318" \
--service-name "my-claude-agent"
The script automatically installs hooks, sets up the claude alias, and writes the OTLP config to your shell profile. Traces appear in your backend automatically. The Span tree looks like:
🤖 Claude Session: "Analyze this codebase..."
├── 👤 Turn 1: Analyze this codebase...
│ ├── 🔧 Read: /src/index.js gen_ai.span.kind=TOOL
│ ├── 🔧 Bash: npm test gen_ai.span.kind=TOOL
│ └── 🧠 LLM call (claude-sonnet-4-5) gen_ai.span.kind=LLM
│ ├── input_tokens: 2048
│ └── output_tokens: 512
└── 👤 Turn 2: ...
📖 Full documentation → opentelemetry-instrumentation-claude
OpenClaw — one-line install
curl -fsSL https://<your-plugin-host>/install.sh | bash -s -- \
--endpoint "https://your-otlp-endpoint:4318" \
--serviceName "my-openclaw-agent"
📖 Full documentation → opentelemetry-instrumentation-openclaw
🏗️ Repository Structure
loongsuite-js-plugins/
├── opentelemetry-instrumentation-claude/ # Claude Code plugin (JavaScript)
│ ├── src/ # Core source files
│ ├── test/ # Jest test suite (101 tests)
│ ├── scripts/ # Install / uninstall / pack scripts
│ ├── bin/otel-claude-hook # CLI entry point
│ └── README.md
└── opentelemetry-instrumentation-openclaw/ # OpenClaw platform plugin (TypeScript)
├── src/ # TypeScript source files
├── scripts/ # Install / uninstall scripts
└── README.md
🛠️ Development
Prerequisites
- Node.js >= 18.0.0
- npm >= 8.0.0
Clone and set up
git clone https://github.com/alibaba/loongsuite-js-plugins.git
cd loongsuite-js-plugins
# Claude plugin
cd opentelemetry-instrumentation-claude
npm install
npm test
# OpenClaw plugin (TypeScript, requires build)
cd ../opentelemetry-instrumentation-openclaw
npm install
npm run build
Run tests
cd opentelemetry-instrumentation-claude
npm test # run tests
npm test -- --coverage # with coverage report
Commit style
Follow Conventional Commits:
feat: new feature
fix: bug fix
docs: documentation changes
test: test additions or fixes
refactor: code refactoring
perf: performance improvements
chore: build / toolchain
🔧 Environment Variables
Common OTel variables
| Variable | Description | Example |
|---|---|---|
OTEL_EXPORTER_OTLP_ENDPOINT |
OTLP export endpoint | https://your-backend:4318 |
OTEL_EXPORTER_OTLP_HEADERS |
Request headers (comma-separated) | x-api-key=your-key |
OTEL_SERVICE_NAME |
Service name for traces | my-claude-agent |
OTEL_RESOURCE_ATTRIBUTES |
Additional resource attributes | env=prod,team=infra |
Claude plugin specific
| Variable | Description |
|---|---|
CLAUDE_TELEMETRY_DEBUG |
Set to 1 for console output (no backend needed) |
OTEL_CLAUDE_DEBUG |
Set to 1 for verbose intercept.js logging |
OTEL_CLAUDE_LANG |
Force language: zh or en (default: auto-detect) |
OTEL_CLAUDE_HOOK_CMD |
Override hook command name |
🤝 Contributing
Contributions are welcome! Please read the contributing guide for the plugin you're working on:
- opentelemetry-instrumentation-claude/CONTRIBUTING.md
- opentelemetry-instrumentation-openclaw/CONTRIBUTING.md
Summary:
- Fork the repo and create a feature branch from
main - Make your changes (follow Conventional Commits)
- Ensure tests pass:
npm test - Open a Pull Request
Please also read our Code of Conduct.
📄 License
Apache-2.0 — see LICENSE for details.
🔗 Related
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi