Skip to content

Add OSuite tool plugin#2709

Open
jw-ond wants to merge 1 commit into
langgenius:mainfrom
jw-ond:codex/add-osuite-dify-plugin
Open

Add OSuite tool plugin#2709
jw-ond wants to merge 1 commit into
langgenius:mainfrom
jw-ond:codex/add-osuite-dify-plugin

Conversation

@jw-ond

@jw-ond jw-ond commented Jul 14, 2026

Copy link
Copy Markdown

Plugin Submission

Plugin information

Submission type

  • New plugin
  • Version update

What changed

Adds the OSuite tool plugin for Dify workflows and agents. The plugin lets a Dify workflow create an OSuite governed action checkpoint before consequential work, check approval state, record the final outcome, and read a runtime exposure summary.

Included tools:

  • review_planned_work
  • check_if_approved
  • record_final_outcome
  • summarize_runtime_exposure

Risk level

  • Low risk
  • Medium risk
  • High risk

The plugin calls a fixed, user-configured OSuite HTTPS endpoint and sends user-provided workflow/action context to OSuite for governance review and audit recording. It does not execute code, run shell commands, query databases, browse the web, proxy arbitrary URLs, or operate on local files.

Required checks

  • I have read and followed the Marketplace submission requirements.
  • I have read and comply with the Plugin Developer Agreement.
  • I tested this plugin on Dify Community Edition and Dify Cloud, or documented any limitation below.
  • The package contains only files needed at runtime.
  • The package does not contain secrets, local credentials, .env files, .git directories, virtual environments, caches, logs, or IDE files.
  • The package does not contain executables or bundled binaries, or I explained why they are required below.
  • The plugin README includes setup steps, usage instructions, required APIs or credentials, connection requirements, and the source repository link.
  • The plugin includes PRIVACY.md or a hosted privacy policy, and manifest.yaml references it.
  • All user-facing text is primarily in English, with any localized README files following the i18n guidance.

Security and privacy notes

The plugin requires an OSuite API key and OSuite Studio base URL. It transmits the action goal, proposed action, systems touched, risk estimate, optional decision context, optional compact tool input summary, and final outcome fields to the configured OSuite workspace. API keys are used only in the x-api-key request header and are not returned in tool outputs.

Sensitive capabilities: sends user-provided workflow/action context to an external service configured by the user and writes governance/audit records in that service. No command execution, code execution, SQL, SSH/SFTP, filesystem access, browser automation, arbitrary URL fetching, proxying, crawling, or bundled executables.

Local validation

Ran the following local checks:

ruby -ryaml -e 'ARGV.each { |p| YAML.load_file(p); puts "YAML OK: #{p}" }' /tmp/osuite-dify-plugin/manifest.yaml /tmp/osuite-dify-plugin/provider/osuite.yaml /tmp/osuite-dify-plugin/tools/*.yaml
/opt/homebrew/bin/python3.11 -m py_compile /tmp/osuite-dify-plugin/main.py /tmp/osuite-dify-plugin/provider/osuite.py /tmp/osuite-dify-plugin/tools/*.py
unzip -q ondco/osuite/osuite-0.1.0.difypkg -d /tmp/osuite-dify-unpacked
ruby -ryaml -e 'm=YAML.load_file("/tmp/osuite-dify-unpacked/manifest.yaml"); raise unless m["author"]=="ondco" && m["name"]=="osuite" && m["version"]=="0.1.0"'
/opt/homebrew/bin/python3.11 -m py_compile /tmp/osuite-dify-unpacked/main.py /tmp/osuite-dify-unpacked/provider/osuite.py /tmp/osuite-dify-unpacked/tools/*.py
curl https://marketplace.dify.ai/api/v1/plugins/ondco/osuite/0.1.0

Results:

  • YAML parse: passed
  • Python syntax compile: passed
  • Package manifest/icon/privacy presence: passed
  • Package content scan for .env, .git, venv, caches, pyc, .DS_Store: passed
  • Marketplace version check: returned plugin version not found, so ondco/osuite/0.1.0 appears available

Limitation: local machine has Python 3.11, while the package declares Python 3.12 and dify_plugin>=0.9.0, matching the repository's CI runtime. I also ran an import smoke test with dify_plugin==0.7.4 on Python 3.11 to catch basic import/class issues.

Reviewer notes

This is a governance checkpoint plugin for Dify. Dify owns workflow execution; OSuite records the proposed action, policy decision, approval state, outcome, and audit trail.

@github-actions github-actions Bot added the risk: medium Medium-risk Marketplace submission label Jul 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

risk: medium Medium-risk Marketplace submission

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant