#18713: feat(extensions): add BlockRun LLM provider with ClawRouter integration

## Summary Adds BlockRun extension — a provider plugin for smart LLM routing with x402 micropayments via ClawRouter. ### Why BlockRun? | Feature | Benefit | |---------|---------| | **Smart Routing** | Auto-selects the best model for each request | | **30+ Models** | OpenAI, Anthropic, Google, DeepSeek, xAI — all through one integration | | **No API Keys** | Pay-per-request with USDC micropayments (x402 protocol) | | **Free Tier** | NVIDIA GPT-OSS-120B at $0 for simple queries | ### How It Works ``` User prompt → ClawRouter classifier → Best model for the job ↓ 80% handled by rules (<1ms) 20% use LLM fallback (~$0.00003) ``` ### Routing Examples | Prompt | Routed To | Why | |--------|-----------|-----| | "What's 2+2?" | Free (NVIDIA) | Simple math | | "Write a haiku" | DeepSeek | Creative, affordable | | "Debug this React code" | GPT-4o | Code expertise | | "Analyze this legal contract" | Claude Opus | Complex reasoning | ## Changes - **New extension**: `extensions/blockrun/` - **package.json**: Version `2026.2.16` (matches monorepo), depends on `@blockrun/clawrouter` - **openclaw.plugin.json**: Proper `configSchema` with `additionalProperties: false` and defined `properties` - **index.ts**: Full provider implementation with auth flow and model definitions - **README.md**: Setup and usage instructions - **.github/labeler.yml**: Added `extensions: blockrun` label ## Fixes from Previous PR (#16746) - ✅ Version now matches monorepo (`2026.2.16`) - ✅ `configSchema` has proper `properties` and `additionalProperties: false` - ✅ Lockfile updated with `@blockrun/clawrouter` dependency - ✅ Added `.github/labeler.yml` entry ## Usage ```bash # Enable the extension openclaw plugins enable blockrun # Install and start ClawRouter npm install -g @blockrun/clawrouter clawrouter start # Authenticate openclaw models auth login --provider blockrun --set-default # Use smart routing openclaw config set model blockrun/auto ``` ## Test Plan - [x] `pnpm install` succeeds - [x] `pnpm lint` passes (0 warnings, 0 errors) - [x] `pnpm tsgo` passes (typecheck) - [ ] Verify plugin loads with `openclaw plugins list` - [ ] Test routing with `blockrun/auto` model ## Links - npm: [@blockrun/clawrouter](https://www.npmjs.com/package/@blockrun/clawrouter) - GitHub: [BlockRunAI/ClawRouter](https://github.com/BlockRunAI/ClawRouter) - x402: [x402.org](https://x402.org) <!-- greptile_comment --> <h3>Greptile Summary</h3> Adds the BlockRun extension — a provider plugin for LLM routing via a local ClawRouter proxy with x402 micropayments. The implementation follows established patterns (closely mirrors the `copilot-proxy` extension) with proper auth flow, model definitions, and config patching. - **Unused dependency**: `@blockrun/clawrouter` is declared in `package.json` `dependencies` but never imported in `index.ts`. This pulls in a non-trivial dependency tree (viem, `@noble/*`, `@scure/*`) with no runtime benefit. If it's only needed as a globally-installed CLI, it should be removed from `dependencies`. - **Config schema mismatch**: `openclaw.plugin.json` declares `walletKey` and `routingMode` config properties, but `index.ts` uses `emptyPluginConfigSchema()` (which rejects all properties) and never reads these values. The manifest schema should match the code — either remove the properties or implement support for them. - **Security concern**: The `walletKey` config property stores a private key in plaintext config, which is a security risk. If wallet key support is planned, it should use a secure credential mechanism rather than the plugin config file. <h3>Confidence Score: 2/5</h3> - The PR has an unused dependency adding bloat and a config schema that contradicts the actual code, with a potential security issue in exposing a private key field. - The core provider implementation is clean and follows existing patterns, but there are three issues that need resolution: (1) an unused runtime dependency that inflates the install, (2) a config schema mismatch between the manifest and the code where declared properties have no effect, and (3) a private key field exposed in plaintext config. None are runtime-breaking, but they indicate the PR needs cleanup before merge. - Pay close attention to `extensions/blockrun/package.json` (unused dependency) and `extensions/blockrun/openclaw.plugin.json` (schema mismatch and private key exposure). _{Last reviewed commit: 7172659} <!-- greptile_other_comments_section --> **Context used:** - Context from `dashboard` - AGENTS.md ([source](https://app.greptile.com/review/custom-context?memory=0d0c8278-ef8e-4d6c-ab21-f5527e322f13)) <!-- /greptile_comment -->