# ElizaOS Developer Update (2026-01-25 → 2026-01-31) ## 1) Core Framework ### CLI + project scaffolding “front door” restored Work this week focused on unblocking new project creation and stabilizing first-run paths across environments: - **Fixed `elizaos create` project generation failure**: root cause tracked and resolved in core repo ([Issue #6388](https://github.com/elizaos/eliza/issues/6388), [PR #6389](https://github.com/elizaos/eliza/pull/6389)). - **Docs aligned to the corrected CLI package**: installation guidance updated to use the scoped package, avoiding the broken path that caused the generator failure ([docs PR #83](https://github.com/elizaos/docs/pull/83)). **Developer action**: ensure you’re using the scoped CLI package in your toolchains/CI: ```bash # recommended going forward npm i -g @elizaos/cli # or bun add -g @elizaos/cli ``` ### Security process formalized - Added a formal vulnerability reporting process via `SECURITY.md` ([PR #6428](https://github.com/elizaos/eliza/pull/6428)). This is important for plugin authors shipping auth + wallet integrations. ### Reliability: inference pipeline unblocked - AI inference was blocked by gateway credit exhaustion and was restored by topping up credits ([Issue #6393](https://github.com/elizaos/eliza/issues/6393)). If you operate your own gateway, treat this as an operational SLO item (alerts + budget enforcement). ### QA / versioning pain points (V1x vs V2x) Discord discussion highlights recurring breakages in **1x** compared to **2x**, and a need for better integration testing patterns (Stan’s `plugin-n8n-workflow` test approach was cited as a model). This is not yet reflected as a specific merged PR this week, but it’s impacting developer velocity and should be treated as a near-term platform priority. - Discussion context: provider selection fails in *one-shot mode* on `develop` (reported; not confirmed fixed). ## 2) New Features ### Code Execution plugin (native code run loop for agents) ElizaOS introduced a **Code Execution** plugin enabling agents to write and execute code as part of task completion (tracked at [Issue #6408](https://github.com/elizaos/eliza/issues/6408)). This expands agents from “tool calling” to “tool building,” especially when paired with workflow engines (see N8N below). **Typical usage pattern (plugin author / agent runtime)** (Exact API surface varies by runtime; this shows the intended flow: generate → execute → capture stdout/stderr → feed back into the agent.) ```ts // Pseudocode illustrating the agent loop with a code execution tool. // Use this as a conceptual template for integrating the plugin into your agent/tool registry. const result = await agent.run({ input: "Parse this CSV and return a JSON summary by category.", tools: ["code.execute"], // provided by the Code Execution plugin }); // result.messages may include tool output that you can persist/log console.log(result.final); ``` **Security note**: treat code execution as a privileged capability. Run it in a sandbox/container, restrict FS/network access, and never mount production secrets into the execution environment. ### GitHub Plugin finalized (repo management + automation) A **GitHub plugin** for repository management landed/was finalized ([Issue #6406](https://github.com/elizaos/eliza/issues/6406)). This enables agents to file issues, comment, and automate repo hygiene tasks. ### N8N workflow engine integration (in progress) Integration work began to connect Eliza agents to **N8N** workflows for “real business automation” across thousands of apps (noted in the weekly summary: [elizaos/eliza](https://github.com/elizaos/eliza)). This is the backbone for “agent does the work” sequences (triage → enrich → notify → file ticket). ### “Eliza App” research track initiated Competitive analysis and requirements gathering for a consumer-facing “Eliza App” started ([Issue #6394](https://github.com/elizaos/eliza/issues/6394)). Discord feedback emphasized gaps vs competitors (mobile footprint + voice), and the strategic need to reach users who won’t run Mac Minis. ### TEE direction: Babylon fast-track (architecture decision, parallel workstreams) Core-dev discussions converged on prioritizing **Babylon** (agent social platform w/ personas) and rushing **TEE (Trusted Execution Environment)** deployment within a ~3 month market window (Discord: `core-devs`, 2026-01-31). A key engineering recommendation: - **Parallelize**: keep the game engine outside TEE for fast iteration, while preparing TEE integration in parallel; switch once TEE path is stable to avoid slowing tuning/debug loops. Related action items: - Fast-track with Phala team; set up an execution group chat (Discord, 2026-01-31). ## 3) Bug Fixes (with technical context) ### Fixed: broken project generation (`elizaos create`) **Impact**: blocked onboarding; new devs couldn’t scaffold projects reliably. **Fix**: core repo patch + pathing updates ([Issue #6388](https://github.com/elizaos/eliza/issues/6388), [PR #6389](https://github.com/elizaos/eliza/pull/6389)). **Docs follow-up**: corrected CLI install instructions to prevent recurrence ([docs PR #83](https://github.com/elizaos/docs/pull/83)). ### Fixed: inference blocked due to gateway credit depletion **Impact**: agent runs failing at runtime despite correct configuration. **Mitigation applied**: credits topped up ([Issue #6393](https://github.com/elizaos/eliza/issues/6393)). **Recommendation**: add budget/health checks if you depend on managed gateways; fail over to secondary providers where possible. ### Reported (not confirmed fixed): ElizaCloud MCP / A2A endpoint failures Developers attempting to connect OpenClaw agents to ElizaCloud MCP saw: - `isomorphic-dompurify` module loading errors (CommonJS/ESM compatibility mismatch) - `contentModerationService` function failures on `A2A message/send` These appear server-side in ElizaCloud deployment (Discord: `💬-coders`, 2026-01-31). **Docs**: A2A protocol reference was shared here: https://www.dev.elizacloud.ai/docs/a2a ### Reported (not confirmed fixed): Eliza v1.7.2 action callback ordering bug A critical behavioral regression was reported for **Eliza 1.7.2**: - Callbacks fire **in reverse order** - The structured return message is **omitted** - Impacts custom plugins (notably `plugin-sql`, `plugin-openai`, `plugin-bootstrap`) Status: reported in Discord (2026-01-29); no linked PR/issue in the provided GitHub summary yet. If you depend on sequential callback messaging, consider pinning to a known-good version or adding ordering guarantees at the plugin boundary until an upstream fix lands. ## 4) API Changes ### CLI package naming / installation path (developer-facing) Docs were updated to standardize on the scoped CLI package: - `@elizaos/cli` is now the documented install target ([docs PR #83](https://github.com/elizaos/docs/pull/83)). If you maintain templates, internal docs, or Docker images, update accordingly. ### Twitter plugin: Broker Authentication mode (new auth pathway) The Twitter plugin added **Broker Authentication** for enterprise-grade workflows ([plugin-twitter PR #47](https://github.com/elizaos-plugins/plugin-twitter/pull/47)). This changes how credentials/tokens may be provisioned and rotated (exact config keys depend on your deployment stack). Conceptual example: ```jsonc { "plugins": { "twitter": { "authMode": "broker", "broker": { "endpoint": "https:///oauth", "audience": "eliza-twitter", "scopes": ["tweet.write", "users.read"] } } } } ``` ## 5) Social Media Integrations ### Twitter - **Broker Authentication** shipped ([PR #47](https://github.com/elizaos-plugins/plugin-twitter/pull/47)), improving security posture for automated social operations. ### Cross-platform messaging (planned) - A webhook service concept was opened to support multi-platform messaging (WhatsApp, Telegram) ([Issue #6429](https://github.com/elizaos/eliza/issues/6429)). ### “Connection page” + Composio exploration (in discussion) Discord discussions (2026-01-29) described a planned “connect social account → redirect back to bot” flow, with **Composio** considered for auth + integrations. A community Composio plugin was referenced: - https://github.com/standujar/plugin-composio (shared in Discord) ## 6) Model Provider Updates ### Provider operations + routing discussions - No new provider SDK integrations were merged in the provided GitHub summary this week. - Operationally, inference availability was affected by gateway credits (see bug fixes). - Discord discussion surfaced real-world provider constraints: - Users reported **Anthropic bans/TOS violations** when using certain subscription plans for non-human/agent usage. If your product uses Anthropic via consumer subscriptions, switch to compliant API plans and enforce human-in-the-loop where required. ### Local embeddings convenience (in progress) - `plugin-local-ai` work was mentioned as ongoing (easy embeddings integration on a dev branch). No PR link provided in the aggregated data; treat as pending. ## 7) Breaking Changes / V1 → V2 Migration Warnings ### Monorepo versioning instability (practical breaking behavior) Developers reported recurring breakage in **1x** vs **2x**, with insufficient integration tests. Even without a single flagged “breaking change” PR, the practical effect is the same: upgrades can silently break provider selection and plugin behavior. **Recommendations for teams shipping on ElizaOS today** - Pin exact versions of `eliza` + core plugins in production. - Add smoke tests that cover: - provider selection (including one-shot mode) - action callback ordering expectations - plugin load + tool registration - Prefer V2x lines where possible until V1x stabilizes. ### Ecosystem interoperability (OpenClaw skills → ElizaOS) A new `plugin-cskills` repo was created to support OpenClaw/ClawHub skills inside ElizaOS (Discord, 2026-01-31). This expands the plugin surface area but also increases compatibility risk (schema drift, sandbox assumptions). Validate skill manifests and isolate execution (VM/old machine guidance was reiterated in Discord). --- ## Links (PRs / Issues / Docs referenced) - Core CLI generator fix: https://github.com/elizaos/eliza/issues/6388, https://github.com/elizaos/eliza/pull/6389 - Docs CLI install update: https://github.com/elizaos/docs/pull/83 - SECURITY.md: https://github.com/elizaos/eliza/pull/6428 - Inference credits issue: https://github.com/elizaos/eliza/issues/6393 - GitHub plugin: https://github.com/elizaos/eliza/issues/6406 - Code execution plugin: https://github.com/elizaos/eliza/issues/6408 - Webhook service (WhatsApp/Telegram planning): https://github.com/elizaos/eliza/issues/6429 - Twitter Broker Auth: https://github.com/elizaos-plugins/plugin-twitter/pull/47 - ElizaCloud A2A docs: https://www.dev.elizacloud.ai/docs/a2a - Composio plugin (community): https://github.com/standujar/plugin-composio