fix: preserve runtime alias with compat wrappers

2026-06-06 14:01:24 +08:00 · 2026-05-07 15:11:29 -07:00
10733 changed files with 237579 additions and 1022618 deletions
--- a/.agents/maintainer-notes/telegram.md
+++ b/.agents/maintainer-notes/telegram.md
@@ -1,37 +0,0 @@
-# Telegram Maintainer Decisions
-
-Use this page during Telegram PR review. These are intentional maintainer decisions, not incidental implementation details.
-
-Verified against Telegram Bot API 10.0, May 8 2026.
-
-## Streaming
-
- Do not reintroduce `sendMessageDraft` for answer streaming. Telegram drafts are ephemeral 30-second previews in private chats; final delivery still requires a separate `sendMessage`. OpenClaw uses `sendMessage` plus `editMessageText`, then finalizes in place so the user sees one persistent answer.
- Streaming owns one visible preview message. Edit it forward. Do not send an extra final bubble unless the final edit genuinely failed.
- Keep the first-preview debounce. If a provider sends token-sized deltas, coalesce them into cumulative preview text instead of removing the debounce.
- Respect Telegram limits in the Telegram layer. Text over 4096 chars chains into continuation messages. Polls keep the current Bot API 12-option cap.
-
-## Telegram API Ownership
-
- Prefer grammY primitives and Telegram-native helpers when they model the behavior directly. Avoid custom Bot API wrappers for behavior grammY already owns.
- Throttling is bot-token scoped. All Telegram API clients for the same token share one grammY `apiThrottler()` instance.
- Do not silently retry failed topic sends without topic metadata. A wrong-surface success is worse than a loud Telegram error.
- DM topics and forum topics are distinct. `direct_messages_topic_id` and `message_thread_id` are not interchangeable.
-
-## Context And Authorization
-
- Reply context comes from OpenClaw-observed messages. Bot API updates expose `reply_to_message`, but there is no arbitrary `getMessage(chat, id)` hydration path later.
- Current local chat context must outrank stale reply ancestry in the prompt. Old replied-to messages should not look like the active conversation.
- Pairing is DM-only. Group and topic authorization need explicit config allowlists.
- Telegram allowlists use numeric sender IDs. Usernames are optional, mutable, and not a reliable arbitrary-user lookup key in the Bot API.
- Group and channel visible replies are policy-controlled. Normal room replies stay private unless `messages.groupChat.visibleReplies: "automatic"` is set or the agent explicitly calls `message.send`.
-
-## Interactive Surfaces
-
- Native callbacks stay structured. Approval, native command, plugin, select, and multiselect callbacks must not fall through as raw callback text.
- Preserve callback values exactly, including delimiters such as `env|prod`.
- Native slash commands should remain fast-pathable before full workspace and agent-turn setup.
-
-## Review Standard
-
-Telegram behavior PRs need real Telegram proof when they touch transport, streaming, topics, callbacks, authorization, or reply context. Prefer the bot-to-bot QA lane or an equivalent live Telegram probe over synthetic-only validation.
--- a/.agents/skills/agent-transcript/SKILL.md
+++ b/.agents/skills/agent-transcript/SKILL.md
@@ -1,88 +0,0 @@
---
-name: agent-transcript
-description: "Add a redacted agent transcript section to GitHub PR or issue bodies during OpenClaw agent-created PR/issue workflows."
---
-
-# Agent Transcript
-
-Best-effort local-only provenance for OpenClaw PR/issue bodies. Use during agent-created GitHub PR or issue workflows before creating/updating the body.
-
-## Contract
-
- Never use network. Session discovery reads local agent logs only.
- Never upload raw logs. Render sanitized Markdown first.
- Always ask the user before adding transcript logs to a GitHub PR/issue body.
- Tell the user sanitized session logs help reviewers and can make PRs easier to prioritize.
- Offer a local HTML preview before insertion. If the user wants preview, open it and wait for confirmation before adding the section.
- Fail closed on unresolved secrets, private keys, browser/session/cookie details, or auth URLs.
- Drop system/developer prompts, raw tool outputs, reasoning, env, cookies, tokens, and broad local paths.
- Keep user prompts, assistant visible decisions, terse tool summaries, and test/proof outcomes.
- Remove session turns unrelated to the PR/issue work. Use the PR/issue title, branch name, changed files, and stated goal as scope; omit earlier/later unrelated tasks even when they are in the same session log.
- Best effort only: PR/issue creation must continue if no safe transcript is found.
- Add the `## Agent Transcript` section only when inserting a real transcript. Never add a placeholder transcript heading or text such as "A sanitized local transcript preview was generated but not included."
- Use a collapsed `<details>` section and update existing markers instead of duplicating sections.
-
-## Helper
-
-```bash
-.agents/skills/agent-transcript/scripts/agent-transcript --help
-```
-
-Find a likely local session:
-
-```bash
-.agents/skills/agent-transcript/scripts/agent-transcript find \
-  --query "$PR_TITLE $BRANCH_OR_PR_URL" \
-  --cwd "$PWD" \
-  --since-days 14
-```
-
-`find` scans the newest 400 matching local JSONL logs by default across Codex, Claude, Pi, and OpenClaw agent sessions. Use `--max-files N` for a wider local search.
-
-Render a PR/issue body section:
-
-```bash
-.agents/skills/agent-transcript/scripts/agent-transcript render \
-  --session "$SESSION_JSONL" \
-  --out /tmp/agent-transcript.md
-```
-
-Preview one candidate session locally:
-
-```bash
-.agents/skills/agent-transcript/scripts/agent-transcript preview \
-  --session "$SESSION_JSONL" \
-  --out /tmp/agent-transcript-preview.html
-open /tmp/agent-transcript-preview.html
-```
-
-Append/update a body file before `gh pr create --body-file` or connector PR creation:
-
-```bash
-.agents/skills/agent-transcript/scripts/agent-transcript append-body \
-  --body /tmp/pr-body.md \
-  --session "$SESSION_JSONL" \
-  --out /tmp/pr-body.with-transcript.md
-```
-
-## PR/Issue Workflow
-
-1. Draft the normal PR/issue body first.
-2. Run `find` with title, branch, PR URL/number if known, and cwd.
-3. If a high-confidence session is found, ask:
-   `Include a redacted agent transcript? It helps reviewers and can make the PR easier to prioritize. I can open a local preview first.`
-4. If the user wants preview, run `preview`, open the HTML with `open`, and wait for confirmation.
-5. Before insertion, trim unrelated session turns from the generated section. Keep only turns that explain this PR/issue's goal, implementation choices, files, tests, proof, blockers, and final outcome.
-6. If the user approves, run `append-body`.
-7. Use the enriched body file for creation/update.
-8. If no safe session is found, say nothing and continue without transcript. If the user declines, continue without transcript and do not add any transcript placeholder section.
-
-## Review Artifacts
-
-For manual audits across many PR/session candidates, create a local HTML preview from a local JSON file. This is for maintainers only and is not part of the PR/issue workflow:
-
-```bash
-.agents/skills/agent-transcript/scripts/agent-transcript html \
-  --prs /tmp/recent-prs.json \
-  --out /tmp/agent-transcript-preview.html
-```
--- a/.agents/skills/agent-transcript/scripts/agent-transcript
+++ b/.agents/skills/agent-transcript/scripts/agent-transcript
@@ -1,683 +0,0 @@
-#!/usr/bin/env node
-import fs from "node:fs";
-import os from "node:os";
-import path from "node:path";
-import process from "node:process";
-
-const MARKER_START = "<!-- agent-transcript:start -->";
-const MARKER_END = "<!-- agent-transcript:end -->";
-const DEFAULT_MAX_CHARS = 50000;
-const DEFAULT_ENTRY_MAX_CHARS = 6000;
-
-function usage() {
-  console.log(`Usage:
-  agent-transcript find --query TEXT [--cwd PATH] [--since-days N] [--max-files N] [--root PATH...]
-  agent-transcript render --session FILE [--out FILE] [--max-chars N] [--entry-max-chars N] [--title TEXT] [--url URL]
-  agent-transcript preview --session FILE [--out FILE] [--max-chars N] [--entry-max-chars N] [--title TEXT] [--url URL]
-  agent-transcript append-body --body FILE --session FILE [--out FILE] [--max-chars N] [--entry-max-chars N]
-  agent-transcript html --prs FILE [--out FILE] [--since-days N] [--min-score N] [--root PATH...] [--exclude-session FILE...]
-
-Local-only. No network calls.`);
-}
-
-function parseArgs(argv) {
-  const args = { _: [] };
-  for (let i = 0; i < argv.length; i++) {
-    const arg = argv[i];
-    if (!arg.startsWith("--")) {
-      args._.push(arg);
-      continue;
-    }
-    const key = arg.slice(2);
-    const next = argv[i + 1];
-    if (next == null || next.startsWith("--")) {
-      args[key] = true;
-      continue;
-    }
-    i++;
-    if (args[key] == null) args[key] = next;
-    else if (Array.isArray(args[key])) args[key].push(next);
-    else args[key] = [args[key], next];
-  }
-  return args;
-}
-
-function asArray(value) {
-  if (value == null) return [];
-  return Array.isArray(value) ? value : [value];
-}
-
-function homePath(...parts) {
-  return path.join(os.homedir(), ...parts);
-}
-
-function openClawSessionRoots() {
-  const stateDir = process.env.OPENCLAW_STATE_DIR || homePath(".openclaw");
-  const agentsDir = path.join(stateDir, "agents");
-  if (!fs.existsSync(agentsDir)) return [];
-  try {
-    const roots = fs
-      .readdirSync(agentsDir, { withFileTypes: true })
-      .filter((entry) => entry.isDirectory())
-      .flatMap((entry) => {
-        const agentDir = path.join(agentsDir, entry.name);
-        return [
-          path.join(agentDir, "sessions"),
-          path.join(agentDir, "agent", "sessions"),
-          path.join(agentDir, "agent", "codex-home", "sessions"),
-        ];
-      })
-      .filter((root) => fs.existsSync(root));
-    return [...new Set(roots)];
-  } catch {
-    return [];
-  }
-}
-
-function defaultRoots() {
-  return [
-    homePath(".codex", "sessions"),
-    homePath(".claude", "projects"),
-    homePath(".pi", "agent", "sessions"),
-    ...openClawSessionRoots(),
-  ];
-}
-
-function walkJsonl(root, sinceMs, out = []) {
-  if (!root || !fs.existsSync(root)) return out;
-  const stat = fs.statSync(root);
-  if (stat.isFile()) {
-    if (root.endsWith(".jsonl") && stat.mtimeMs >= sinceMs) out.push(root);
-    return out;
-  }
-  for (const entry of fs.readdirSync(root, { withFileTypes: true })) {
-    if (entry.name === "node_modules" || entry.name === ".git") continue;
-    const file = path.join(root, entry.name);
-    if (entry.isDirectory()) walkJsonl(file, sinceMs, out);
-    else if (entry.isFile() && entry.name.endsWith(".jsonl")) {
-      const entryStat = fs.statSync(file);
-      if (entryStat.mtimeMs >= sinceMs) out.push(file);
-    }
-  }
-  return out;
-}
-
-function readJsonl(file, maxLines = 12000) {
-  const text = fs.readFileSync(file, "utf8");
-  const lines = text.split(/\n+/).filter(Boolean).slice(0, maxLines);
-  const rows = [];
-  for (const line of lines) {
-    try {
-      rows.push(JSON.parse(line));
-    } catch {
-      rows.push({ type: "unparsed", text: line });
-    }
-  }
-  return rows;
-}
-
-function stringContent(value) {
-  if (value == null) return "";
-  if (typeof value === "string") return value;
-  if (Array.isArray(value)) return value.map(stringContent).filter(Boolean).join("\n");
-  if (typeof value === "object") {
-    if (typeof value.text === "string") return value.text;
-    if (typeof value.content === "string") return value.content;
-    if (typeof value.message === "string") return value.message;
-    if (Array.isArray(value.content)) return stringContent(value.content);
-    if (value.type === "text" && value.text) return String(value.text);
-  }
-  return "";
-}
-
-function detectAgent(file, rows) {
-  if (file.includes(`${path.sep}.codex${path.sep}`)) return "codex";
-  if (file.includes(`${path.sep}.claude${path.sep}`)) return "claude";
-  if (file.includes(`${path.sep}.pi${path.sep}`)) return "pi";
-  if (
-    file.includes(`${path.sep}.openclaw${path.sep}`) ||
-    (file.includes(`${path.sep}agents${path.sep}`) && file.includes(`${path.sep}sessions${path.sep}`))
-  ) {
-    return "openclaw";
-  }
-  if (rows.some((row) => row?.type === "session_meta" || row?.type === "response_item")) return "codex";
-  if (rows.some((row) => row?.sessionId && row?.userType)) return "claude";
-  return "agent";
-}
-
-function eventText(row) {
-  if (row?.type === "event_msg") {
-    const payload = row.payload || {};
-    return stringContent(payload.message || payload.text_elements || payload.content);
-  }
-  if (row?.type === "response_item") {
-    const payload = row.payload || {};
-    return stringContent(payload.content || payload.summary || payload.arguments || payload.output);
-  }
-  if (row?.message) return stringContent(row.message);
-  if (row?.content) return stringContent(row.content);
-  if (row?.text) return stringContent(row.text);
-  return "";
-}
-
-function eventRole(row) {
-  if (row?.type === "event_msg") {
-    const type = row.payload?.type;
-    if (type === "user_message") return "user";
-    if (type === "agent_message") return "assistant";
-    if (type === "token_count" || type === "task_started" || type === "task_complete") return null;
-    if (type === "web_search_end") return "web";
-  }
-  if (row?.type === "response_item") {
-    const payload = row.payload || {};
-    if (payload.type === "function_call") return "tool";
-    if (payload.type === "function_call_output") return "tool_output";
-    if (payload.type === "reasoning") return null;
-    if (payload.type === "web_search_call") return "web";
-    if (payload.role === "user") return "user";
-    if (payload.role === "assistant") return "assistant";
-  }
-  if (row?.type === "user") return "user";
-  if (row?.type === "assistant") return "assistant";
-  if (row?.message?.role === "user") return "user";
-  if (row?.message?.role === "assistant") return "assistant";
-  if (row?.type === "tool_result" || row?.type === "tool_use") return "tool";
-  return null;
-}
-
-function hasSetupBlob(text) {
-  return (
-    text.includes("<INSTRUCTIONS>") ||
-    text.includes("# AGENTS.MD") ||
-    text.includes("Knowledge cutoff:") ||
-    text.includes("You are Codex") ||
-    /\byour instructions\b/i.test(text) ||
-    /\binstructions absorbed\b/i.test(text) ||
-    /\bAGENTS\.md\b/i.test(text)
-  );
-}
-
-function redact(input, stats) {
-  let s = String(input ?? "");
-  const rules = [
-    [/-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]*?-----END [A-Z ]*PRIVATE KEY-----/g, "[REDACTED_PRIVATE_KEY]"],
-    [/sk-[A-Za-z0-9_-]{20,}/g, "[REDACTED_OPENAI_KEY]"],
-    [/(gh[pousr]_[A-Za-z0-9_]{20,})/g, "[REDACTED_GITHUB_TOKEN]"],
-    [/(AKIA[0-9A-Z]{16})/g, "[REDACTED_AWS_KEY]"],
-    [/eyJ[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{20,}\.[A-Za-z0-9_-]{10,}/g, "[REDACTED_JWT]"],
-    [/\b(?:Bearer|Basic)\s+[A-Za-z0-9._~+/=-]{16,}/gi, "[REDACTED_AUTH_HEADER]"],
-    [/[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}/gi, "[REDACTED_EMAIL]"],
-    [/\b(?:\+?\d[\d .()-]{7,}\d)\b/g, "[REDACTED_PHONE]"],
-    [/\/Users\/[^\s`"'>)]+/g, "[LOCAL_PATH]"],
-    [/~\/[^\s`"'>)]+/g, "[HOME_PATH]"],
-    [/([?&](?:token|key|secret|signature|sig|access_token|auth)=)[^\s`"'>&]+/gi, "$1[REDACTED]"],
-  ];
-  for (const [re, repl] of rules) {
-    const before = s;
-    s = s.replace(re, repl);
-    if (s !== before) stats.redactions++;
-  }
-  return s;
-}
-
-function unsafe(text) {
-  const patterns = [
-    /-----BEGIN [A-Z ]*PRIVATE KEY-----/,
-    /\b(?:Bearer|Basic)\s+[A-Za-z0-9._~+/=-]{16,}/i,
-    /\b(?:user_session|_gh_sess|__Host-user_session_same_site|GH_SESSION_TOKEN)\b/i,
-    /\b(?:GITHUB_TOKEN|GH_TOKEN|OPENAI_API_KEY|ANTHROPIC_API_KEY)\b/,
-    /\/upload\/policies\/assets|uploadToken|authenticity_token/i,
-  ];
-  return patterns.filter((pattern) => pattern.test(text)).map((pattern) => String(pattern));
-}
-
-function normalizeEntry(role, text, stats, options = {}) {
-  let t = redact(text, stats).replace(/\n{3,}/g, "\n\n").trim();
-  if (!t) return null;
-  if (hasSetupBlob(t)) t = "[instructions recap omitted; policy/config text, not task dialogue]";
-  if (unsafe(t).length) t = "[omitted: browser/session/auth internals; not useful for public PR transcript]";
-  const entryMaxChars = Number(options.entryMaxChars || options["entry-max-chars"] || DEFAULT_ENTRY_MAX_CHARS);
-  if (t.length > entryMaxChars) {
-    t = `${t.slice(0, entryMaxChars).trimEnd()}\n...[truncated ${t.length - entryMaxChars} chars]`;
-  }
-  return `[${role}]\n${t}`;
-}
-
-function entryRole(entry) {
-  const match = entry.match(/^\[([^\]]+)\]\n/);
-  return match ? match[1] : null;
-}
-
-function entryBody(entry) {
-  return entry.replace(/^\[[^\]]+\]\n/, "");
-}
-
-function coalesceEntries(entries) {
-  const coalesced = [];
-  for (const entry of entries) {
-    const role = entryRole(entry);
-    const body = entryBody(entry);
-    const last = coalesced[coalesced.length - 1];
-    if (!last || !role || entryRole(last) !== role || role === "tool summary") {
-      coalesced.push(entry);
-      continue;
-    }
-    const lastBody = entryBody(last);
-    if (lastBody === body || lastBody.includes(body)) continue;
-    if (body.includes(lastBody)) {
-      coalesced[coalesced.length - 1] = `[${role}]\n${body}`;
-      continue;
-    }
-    coalesced[coalesced.length - 1] = `[${role}]\n${lastBody}\n\n${body}`;
-  }
-  return coalesced;
-}
-
-function toolFamily(name) {
-  const normalized = String(name).toLowerCase();
-  if (
-    /(read|fetch|open|list|find|search|grep|rg|sed|cat|head|tail|jq|wc|status|diff|show|view|snapshot|screenshot)/.test(
-      normalized,
-    )
-  ) {
-    return "read";
-  }
-  if (/(write|edit|patch|apply|create|update|append|save|comment|fill|click|type|navigate|upload)/.test(normalized)) {
-    return "write";
-  }
-  if (/(exec|command|shell|run|test|build|lint|format|install|pnpm|npm|node|git|gh|ssh)/.test(normalized)) {
-    return "execute";
-  }
-  if (/(web|http|fetch|browser|chrome|github|dropbox|notion|gmail|calendar)/.test(normalized)) {
-    return "network";
-  }
-  return "other";
-}
-
-function shellFamily(command) {
-  const cmd = String(command || "").trim();
-  if (!cmd) return "execute";
-  if (
-    /^(rg|grep|sed|cat|head|tail|jq|wc|ls|find|pwd|git (status|diff|show|log|blame)|gh (pr|issue|api|run|repo|auth) (view|list|status)|test |stat |ps |which |command -v )\b/.test(
-      cmd,
-    )
-  ) {
-    return "read";
-  }
-  if (/^(open |chmod |mkdir |touch |cp |mv |kill |git add|git commit|git push|gh pr create|gh issue create)\b/.test(cmd)) {
-    return "write";
-  }
-  if (/^(node|npm|pnpm|bun|python|python3|ruby|tsx|tsgo|make|cargo|go test|swift|xcodebuild)\b/.test(cmd)) {
-    return "execute";
-  }
-  if (/^(ssh|curl|wget|tailscale|nc )\b/.test(cmd)) return "network";
-  return "execute";
-}
-
-function toolCallFamily(row) {
-  const name = row.payload?.name || row.name || row.message?.name || row.type || "tool";
-  if (name === "exec_command") {
-    try {
-      const args = JSON.parse(row.payload?.arguments || "{}");
-      return shellFamily(args.cmd);
-    } catch {
-      return "execute";
-    }
-  }
-  if (name === "apply_patch") return "write";
-  if (name === "write_stdin") return "execute";
-  return toolFamily(name);
-}
-
-function compactToolSummary(familyCounts, dropped) {
-  const families = new Map();
-  for (const [family, count] of familyCounts.entries()) {
-    families.set(family, (families.get(family) || 0) + count);
-  }
-  const ordered = ["read", "write", "execute", "network", "other"]
-    .map((family) => [family, families.get(family) || 0])
-    .filter(([, count]) => count > 0)
-    .map(([family, count]) => `${count} ${family}`);
-  const calls = ordered.length ? ordered.join(", ") : "0 tool";
-  return `${calls}; raw tool outputs dropped: ${dropped}`;
-}
-
-function recountEntries(stats, entries) {
-  stats.rawEntries = stats.entries;
-  stats.entries = entries.length;
-  stats.user = entries.filter((entry) => entry.startsWith("[user]\n")).length;
-  stats.assistant = entries.filter((entry) => entry.startsWith("[assistant]\n")).length;
-}
-
-function renderSession(file, options = {}) {
-  const rows = readJsonl(file);
-  const agent = detectAgent(file, rows);
-  const stats = {
-    agent,
-    entries: 0,
-    user: 0,
-    assistant: 0,
-    toolCalls: 0,
-    toolOutputsDropped: 0,
-    web: 0,
-    redactions: 0,
-    omittedUnsafe: 0,
-  };
-  const toolCounts = new Map();
-  const items = [];
-  const seenEntries = new Set();
-  const hasEventDialogue = rows.some((row) => {
-    const type = row?.type === "event_msg" ? row.payload?.type : null;
-    return type === "user_message" || type === "agent_message";
-  });
-  for (const row of rows) {
-    const role = eventRole(row);
-    if (!role) continue;
-    if (hasEventDialogue && row.type === "response_item" && (role === "user" || role === "assistant")) {
-      continue;
-    }
-    if (role === "tool_output") {
-      stats.toolOutputsDropped++;
-      continue;
-    }
-    if (role === "tool") {
-      const family = toolCallFamily(row);
-      toolCounts.set(family, (toolCounts.get(family) || 0) + 1);
-      stats.toolCalls++;
-      continue;
-    }
-    if (role === "web") {
-      stats.web++;
-      continue;
-    }
-    const before = eventText(row);
-    const entry = normalizeEntry(role, before, stats, options);
-    if (!entry) continue;
-    const dedupeKey = entry.replace(/\s+/g, " ").trim();
-    if (seenEntries.has(dedupeKey)) continue;
-    seenEntries.add(dedupeKey);
-    if (entry.includes("[omitted: browser/session/auth internals")) stats.omittedUnsafe++;
-    items.push(entry);
-    stats.entries++;
-    if (role === "user") stats.user++;
-    if (role === "assistant") stats.assistant++;
-  }
-  if (toolCounts.size) {
-    items.push(`[tool summary]\n${compactToolSummary(toolCounts, stats.toolOutputsDropped)}`);
-    stats.entries++;
-  }
-  const renderedItems = coalesceEntries(items);
-  recountEntries(stats, renderedItems);
-  const maxChars = Number(options.maxChars || DEFAULT_MAX_CHARS);
-  let joined = renderedItems.join("\n\n");
-  if (joined.length > maxChars) joined = `${joined.slice(0, maxChars).trimEnd()}\n\n...[transcript truncated to ${maxChars} chars]`;
-  const headerBits = [options.title, options.url].filter(Boolean).join(" | ");
-  const unsafeAfter = unsafe(joined);
-  const safe = unsafeAfter.length === 0;
-  const markdown = `${MARKER_START}
-## Agent Transcript
-
-<details>
-<summary>Redacted ${agent} session transcript${headerBits ? `: ${redact(headerBits, stats)}` : ""}</summary>
-
-\`\`\`\`text
-source: [LOCAL_SESSION]
-redaction: local paths, emails, phone-shaped strings, token-shaped strings, auth headers, auth query params
-omitted: raw tool outputs, system/developer prompts, local paths, secrets, browser/session/auth details
-stats: ${JSON.stringify(stats)}
-
-${joined}
-\`\`\`\`
-
-</details>
-${MARKER_END}
-`;
-  return { file, agent, safe, unsafeAfter, stats, markdown };
-}
-
-function readBoundedText(file, maxBytes = 220000) {
-  const fd = fs.openSync(file, "r");
-  try {
-    const stat = fs.fstatSync(fd);
-    if (stat.size <= maxBytes) {
-      const buffer = Buffer.alloc(stat.size);
-      fs.readSync(fd, buffer, 0, stat.size, 0);
-      return buffer.toString("utf8");
-    }
-    const half = Math.floor(maxBytes / 2);
-    const head = Buffer.alloc(half);
-    const tail = Buffer.alloc(half);
-    fs.readSync(fd, head, 0, half, 0);
-    fs.readSync(fd, tail, 0, half, Math.max(0, stat.size - half));
-    return `${head.toString("utf8")}\n[...middle omitted for scan...]\n${tail.toString("utf8")}`;
-  } finally {
-    fs.closeSync(fd);
-  }
-}
-
-function sessionScanRecord(file, maxBytes) {
-  const stat = fs.statSync(file);
-  const agent = detectAgent(file, []);
-  return {
-    file,
-    agent,
-    mtime: new Date(stat.mtimeMs).toISOString(),
-    haystack: `${file}\n${readBoundedText(file, maxBytes)}`.toLowerCase(),
-  };
-}
-
-function scoreScanRecord(record, terms, cwd) {
-  const haystack = record.haystack;
-  let score = 0;
-  const reasons = [];
-  for (const term of terms) {
-    const normalized = term.toLowerCase().trim();
-    if (normalized.length < 3) continue;
-    if (haystack.includes(normalized)) {
-      score += Math.min(20, Math.max(3, Math.floor(normalized.length / 3)));
-      reasons.push(normalized.slice(0, 80));
-    }
-  }
-  if (cwd) {
-    const cwdLower = cwd.toLowerCase();
-    if (haystack.includes(cwdLower) || record.file.toLowerCase().includes(cwdLower.replaceAll("/", "-"))) {
-      score += 8;
-      reasons.push("cwd");
-    }
-  }
-  return { file: record.file, score, reasons, mtime: record.mtime, agent: record.agent };
-}
-
-function recentFiles(files, maxFiles) {
-  return files
-    .map((file) => {
-      try {
-        return { file, mtimeMs: fs.statSync(file).mtimeMs };
-      } catch {
-        return null;
-      }
-    })
-    .filter(Boolean)
-    .sort((a, b) => b.mtimeMs - a.mtimeMs)
-    .slice(0, maxFiles)
-    .map((entry) => entry.file);
-}
-
-function candidateFiles(roots, terms, sinceMs, options = {}) {
-  return recentFiles(roots.flatMap((root) => walkJsonl(root, sinceMs)), Number(options["max-files"] || 400));
-}
-
-function findSessions(options) {
-  const sinceDays = Number(options["since-days"] || 14);
-  const sinceMs = Date.now() - sinceDays * 24 * 60 * 60 * 1000;
-  const roots = asArray(options.root).length ? asArray(options.root) : defaultRoots();
-  const query = String(options.query || "");
-  const terms = query
-    .split(/\s+/)
-    .concat(query.match(/https?:\/\/\S+/g) || [])
-    .filter(Boolean);
-  const files = candidateFiles(roots, terms, sinceMs, options);
-  const scanBytes = Number(options["scan-bytes"] || 60000);
-  const results = files
-    .map((file) => scoreScanRecord(sessionScanRecord(file, scanBytes), terms, options.cwd))
-    .filter((result) => result.score > 0)
-    .sort((a, b) => b.score - a.score || b.mtime.localeCompare(a.mtime))
-    .slice(0, Number(options.limit || 10));
-  return results;
-}
-
-function sessionScanRecords(options) {
-  const sinceDays = Number(options["since-days"] || 14);
-  const sinceMs = Date.now() - sinceDays * 24 * 60 * 60 * 1000;
-  const roots = asArray(options.root).length ? asArray(options.root) : defaultRoots();
-  const excluded = new Set(asArray(options["exclude-session"]).map((file) => path.resolve(file)));
-  return roots
-    .flatMap((root) => walkJsonl(root, sinceMs))
-    .filter((file) => !excluded.has(path.resolve(file)))
-    .map((file) => sessionScanRecord(file, Number(options["scan-bytes"] || 90000)));
-}
-
-function replaceSection(body, section) {
-  const start = body.indexOf(MARKER_START);
-  const end = body.indexOf(MARKER_END);
-  if (start !== -1 && end !== -1 && end > start) {
-    return `${body.slice(0, start).trimEnd()}\n\n${section.trim()}\n\n${body.slice(end + MARKER_END.length).trimStart()}`;
-  }
-  return `${body.trimEnd()}\n\n${section.trim()}\n`;
-}
-
-function escapeHtml(text) {
-  return String(text)
-    .replaceAll("&", "&amp;")
-    .replaceAll("<", "&lt;")
-    .replaceAll(">", "&gt;")
-    .replaceAll('"', "&quot;");
-}
-
-function htmlDocument(records) {
-  const rows = records
-    .map((record) => `<section>
-<h2><a href="${escapeHtml(record.url || "")}">${escapeHtml(record.title || record.url || "PR")}</a></h2>
-<p><code>${escapeHtml(record.session ? "[LOCAL_SESSION]" : "no session")}</code> score: ${escapeHtml(record.score ?? "")} safe: ${escapeHtml(record.safe ?? "")}</p>
-<pre>${escapeHtml(record.markdown || record.error || "")}</pre>
-</section>`)
-    .join("\n");
-  return `<!doctype html>
-<meta charset="utf-8">
-<title>Agent Transcript Preview</title>
-<style>
-body{font:14px/1.45 system-ui,-apple-system,BlinkMacSystemFont,"Segoe UI",sans-serif;margin:32px;color:#1f2328;background:#fff}
-section{border-top:1px solid #d0d7de;padding:24px 0}
-h1,h2{line-height:1.2}
-pre{white-space:pre-wrap;background:#f6f8fa;border:1px solid #d0d7de;border-radius:6px;padding:16px;overflow:auto}
-code{background:#f6f8fa;padding:2px 4px;border-radius:4px}
-a{color:#0969da}
-</style>
-<h1>Agent Transcript Preview</h1>
-${rows}
-`;
-}
-
-function singlePreviewDocument(record) {
-  return htmlDocument([record]);
-}
-
-function readPrs(file) {
-  const raw = fs.readFileSync(file, "utf8");
-  const parsed = JSON.parse(raw);
-  return Array.isArray(parsed) ? parsed : parsed.items || parsed.prs || [];
-}
-
-function main() {
-  const [command, ...rest] = process.argv.slice(2);
-  const args = parseArgs(rest);
-  if (!command || command === "--help" || command === "-h" || args.help) {
-    usage();
-    return;
-  }
-  if (command === "find") {
-    console.log(JSON.stringify(findSessions(args), null, 2));
-    return;
-  }
-  if (command === "render") {
-    if (!args.session) throw new Error("--session is required");
-    const rendered = renderSession(args.session, args);
-    if (!rendered.safe) throw new Error(`unsafe transcript after redaction: ${rendered.unsafeAfter.join(", ")}`);
-    if (args.out) fs.writeFileSync(args.out, rendered.markdown);
-    else process.stdout.write(rendered.markdown);
-    return;
-  }
-  if (command === "preview") {
-    if (!args.session) throw new Error("--session is required");
-    const rendered = renderSession(args.session, args);
-    if (!rendered.safe) throw new Error(`unsafe transcript after redaction: ${rendered.unsafeAfter.join(", ")}`);
-    const output = singlePreviewDocument({
-      title: args.title || "Agent Transcript Preview",
-      url: args.url || "",
-      session: args.session,
-      safe: rendered.safe,
-      markdown: rendered.markdown,
-    });
-    if (args.out) fs.writeFileSync(args.out, output);
-    else process.stdout.write(output);
-    return;
-  }
-  if (command === "append-body") {
-    if (!args.body || !args.session) throw new Error("--body and --session are required");
-    const rendered = renderSession(args.session, args);
-    if (!rendered.safe) throw new Error(`unsafe transcript after redaction: ${rendered.unsafeAfter.join(", ")}`);
-    const body = fs.readFileSync(args.body, "utf8");
-    const next = replaceSection(body, rendered.markdown);
-    if (args.out) fs.writeFileSync(args.out, next);
-    else process.stdout.write(next);
-    return;
-  }
-  if (command === "html") {
-    if (!args.prs) throw new Error("--prs is required");
-    const records = [];
-    const scanRecords = sessionScanRecords(args);
-    const minScore = Number(args["min-score"] || 50);
-    for (const pr of readPrs(args.prs)) {
-      const query = [pr.url, pr.number ? `#${pr.number}` : "", pr.number, pr.title, pr.headRefName, pr.headRefName || pr.branch]
-        .filter(Boolean)
-        .join(" ");
-      const terms = query
-        .split(/\s+/)
-        .concat(query.match(/https?:\/\/\S+/g) || [])
-        .filter(Boolean);
-      const [candidate] = scanRecords
-        .map((record) => scoreScanRecord(record, terms, args.cwd))
-        .filter((result) => result.score >= minScore)
-        .sort((a, b) => b.score - a.score || b.mtime.localeCompare(a.mtime));
-      if (!candidate) {
-        records.push({ ...pr, error: "No local session match found." });
-        continue;
-      }
-      try {
-        const rendered = renderSession(candidate.file, { ...args, title: pr.title, url: pr.url });
-        records.push({
-          ...pr,
-          session: candidate.file,
-          score: candidate.score,
-          safe: rendered.safe,
-          markdown: rendered.markdown,
-        });
-      } catch (error) {
-        records.push({ ...pr, session: candidate.file, score: candidate.score, error: String(error) });
-      }
-    }
-    const output = htmlDocument(records);
-    if (args.out) fs.writeFileSync(args.out, output);
-    else process.stdout.write(output);
-    return;
-  }
-  usage();
-  process.exitCode = 2;
-}
-
-try {
-  main();
-} catch (error) {
-  console.error(error instanceof Error ? error.message : String(error));
-  process.exit(1);
-}
--- a/.agents/skills/autoreview/SKILL.md
+++ b/.agents/skills/autoreview/SKILL.md
@@ -1,190 +0,0 @@
---
-name: autoreview
-description: "Auto Review closeout. Codex review is the default when no engine is set and is the recommended reviewer."
---
-
-# Auto Review
-
-Run the bundled structured review helper as a closeout check. This is code review, not Guardian `auto_review` approval routing.
-
-Codex review is the default when no engine is set. It usually delivers the best review results and should remain the normal final closeout engine.
-
-Use when:
-
- user asks for Codex review / Claude review / autoreview / second-model review
- after non-trivial code edits, before final/commit/ship
- reviewing a local branch or PR branch after fixes
-
-## Contract
-
- Treat review output as advisory. Never blindly apply it.
- Verify every finding by reading the real code path and adjacent files.
- Read dependency docs/source/types when the finding depends on external behavior.
- Reject unrealistic edge cases, speculative risks, broad rewrites, and fixes that over-complicate the codebase.
- Prefer small fixes at the right ownership boundary; no refactor unless it clearly improves the bug class.
- Keep going until structured review returns no accepted/actionable findings.
- If a review-triggered fix changes code, rerun focused tests and rerun the structured review helper.
- For security-audit suppression changes, verify accepted findings remain auditable: suppressed findings stay in structured output, active output keeps an unsuppressible suppression notice, and aggregate findings cannot hide unrelated active risk.
- Never switch or override the requested review engine/model. If the review hits model capacity, retry the same command a few times with the same engine/model.
- Be patient with large bundles. Structured review can take up to 30 minutes while the model call is active, especially with Codex tools or web search.
- Treat heartbeat lines like `review still running: ... elapsed=... pid=...` as healthy progress, not a hang. Let the helper continue while heartbeats are advancing. Pass `--stream-engine-output` when live engine text is useful; Codex and Claude filter tool/file chatter, other engines pass raw output through.
- Do not kill a review just because it has been quiet for 2-5 minutes, or because it is still running under the 30-minute window. Inspect the process only after missing multiple expected heartbeats, after 30 minutes, or after an obviously failed subprocess; prefer letting the same helper command finish.
- Tools are useful in review mode. The helper allows read-only inspection tools and web search by default so reviewers can check dependency contracts, upstream docs, and current behavior.
- Security perspective is always included, but it should not cripple legitimate functionality. Report security findings only when the change creates a concrete, actionable risk or removes an important safety check.
- For regression provenance, if no blamed PR is traceable, use the blamed commit as the provenance: commit SHA, date, and author username. Do not guess a merger or frame missing PR metadata as a separate finding.
- Do not invoke built-in `codex review`, nested reviewers, or reviewer panels from inside the review. The helper builds one bundle, calls one selected engine, validates one structured result, and stops.
- Stop as soon as the helper exits 0 with no accepted/actionable findings. Do not run an extra review just to get a nicer "clean" line, a second opinion, or clearer closeout wording.
- Treat the helper's successful exit plus absence of actionable findings as the clean review result, even if the underlying Codex CLI output is terse.
- Multi-reviewer panels are opt-in only. Use them when explicitly requested or when risk justifies the extra spend; the main agent still verifies every accepted finding before fixing.
- If rejecting a finding as intentional/not worth fixing, add a brief inline code comment only when it explains a real invariant or ownership decision that future reviewers should know.
- If `gh`/Gitcrawl reports `database disk image is malformed`, run `gitcrawl doctor --json` once to let the portable cache repair before retrying review; do not bypass the shim unless repair fails and freshness requires live GitHub.
- If Gitcrawl reports a portable manifest mismatch, source/runtime DB health error, or stale portable-store checkout, run `gitcrawl doctor --json` and inspect `source_db_health`, `runtime_db_health`, and `portable_store_status` before falling back to live GitHub.
- Do not push just to review. Push only when the user requested push/ship/PR update.
-
-## Pick Target
-
-Dirty local work:
-
-```bash
-<autoreview-helper> --mode local
-```
-
-Use this only when the patch is actually unstaged/staged/untracked in the
-current checkout. For committed, pushed, or PR work, point the helper at the commit
-or branch diff instead; do not force `--mode local` / `--uncommitted` just
-because the helper docs mention dirty work first. A clean local review
-only proves there is no local patch.
-
-Branch/PR work:
-
-```bash
-<autoreview-helper> --mode branch --base origin/main
-```
-
-Optional review context is first-class:
-
-```bash
-<autoreview-helper> --mode branch --base origin/main --prompt-file /tmp/review-notes.md --dataset /tmp/evidence.json
-```
-
-If an open PR exists, use its actual base:
-
-```bash
-base=$(gh pr view --json baseRefName --jq .baseRefName)
-<autoreview-helper> --mode branch --base "origin/$base"
-```
-
-Committed single change:
-
-```bash
-<autoreview-helper> --mode commit --commit HEAD
-```
-
-or with the helper:
-
-```bash
-/Users/steipete/Projects/agent-scripts/skills/autoreview/scripts/autoreview --mode commit --commit HEAD
-```
-
-Use commit review for already-landed or already-pushed work on `main`. Reviewing
-clean `main` against `origin/main` is usually an empty diff after push. For a
-small stack, review each commit explicitly or review the branch before merging
-with `--base`.
-
-## Parallel Closeout
-
-Format first if formatting can change line locations. Then it is OK to run tests and review in parallel:
-
-```bash
-scripts/autoreview --parallel-tests "<focused test command>"
-```
-
-Tradeoff: tests may force code changes that stale the review. If tests or review lead to code edits, rerun the affected tests and rerun review until no accepted/actionable findings remain. Once that rerun exits cleanly, stop; do not spend another long review cycle on redundant confirmation.
-
-## Review Panels
-
-Run multiple reviewers against one frozen bundle:
-
-```bash
-<autoreview-helper> --reviewers codex,claude
-```
-
-`--panel` is shorthand for Codex plus Claude unless `--engine` changes the first reviewer:
-
-```bash
-<autoreview-helper> --panel
-```
-
-Set reviewer models and thinking/effort explicitly:
-
-```bash
-<autoreview-helper> --reviewers codex,claude --model codex=gpt-5.1 --thinking codex=high --model claude=sonnet --thinking claude=max
-```
-
-Inline syntax is also supported:
-
-```bash
-<autoreview-helper> --reviewers codex:gpt-5.1:high,claude:sonnet:max
-```
-
-Codex maps thinking to `model_reasoning_effort` and accepts `low`, `medium`,
-`high`, or `xhigh`. Claude maps thinking to `--effort` and also accepts `max`.
-Engines without a real thinking knob reject `--thinking`.
-
-## Context Efficiency
-
-Run the helper directly so target selection, engine choice, structured validation, and exit status all stay in one path. If output is noisy, summarize the completed helper output after it returns; do not ask another agent or reviewer to rerun the review.
-
-## Helper
-
-OpenClaw repo-local helper:
-
-```bash
-.agents/skills/autoreview/scripts/autoreview --help
-```
-
-`agent-scripts` checkout helper:
-
-```bash
-skills/autoreview/scripts/autoreview --help
-```
-
-Global helper from `agent-scripts`:
-
-```bash
-~/.codex/skills/agent-scripts/autoreview/scripts/autoreview --help
-```
-
-If installed from `agent-scripts`, path is:
-
-```bash
-/Users/steipete/Projects/agent-scripts/skills/autoreview/scripts/autoreview --help
-```
-
-The helper:
-
- chooses dirty local changes first
- otherwise uses current PR base if `gh pr view` works
- otherwise uses `origin/main` for non-main branches
- supports `--engine codex`, `claude`, `droid`, and `copilot`; default is `AUTOREVIEW_ENGINE` or `codex`; Codex should remain the default when nothing is set
- use `--mode commit --commit <ref>` for already-committed work, especially clean `main` after landing
- should be left in `--mode auto` or forced to `--mode branch` for PR/branch work; do not force `--mode local` after committing
- writes only to stdout unless `--output`, `--json-output`, or live streamed engine stderr is set
- supports `--dry-run`, `--parallel-tests`, `--prompt`, `--prompt-file`, `--dataset`, `--no-tools`, `--no-web-search`, and commit refs
- supports `--stream-engine-output` or `AUTOREVIEW_STREAM_ENGINE_OUTPUT=1` for live engine text while preserving structured validation; Codex and Claude hide tool/file event details, emit compact activity summaries, and report usage at turn completion
- supports opt-in review panels with `--panel` / `--reviewers`, plus per-engine `--model` and `--thinking`
- allows read-only tools and web search by default where the selected CLI supports them; forbids nested review in the prompt; Codex is run through `codex exec` with read-only sandbox and structured output
- prints `review still running: <engine> elapsed=<seconds>s pid=<pid>` to stderr at long-running intervals while waiting for the selected review engine, unless streamed output or compact Codex activity has been visible recently
- prints `autoreview clean: no accepted/actionable findings reported` when the selected review command exits 0
- exits nonzero when accepted/actionable findings are present
-
-## Final Report
-
-Include:
-
- review command used
- tests/proof run
- findings accepted/rejected, briefly why
- the clean review result from the final helper/review run, or why a remaining finding was consciously rejected
-
-Do not run another review solely to improve the final report wording. If the final helper run exited 0 and produced no accepted/actionable findings, report that exact run as clean.
--- a/.agents/skills/autoreview/scripts/autoreview
+++ b/.agents/skills/autoreview/scripts/autoreview
--- a/.agents/skills/autoreview/scripts/test-review-harness
+++ b/.agents/skills/autoreview/scripts/test-review-harness
@@ -1,176 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-
-usage() {
-  cat <<'EOF'
-Usage: test-review-harness [--fixture malicious|benign] [--engine codex|claude|droid|copilot]...
-
-Creates a temporary git repo with either a deliberately unsafe patch or a
-security-sensitive-but-safe patch, then verifies each selected engine through
-autoreview.
-Default engines: codex, claude.
-EOF
-}
-
-engines=()
-fixture=malicious
-while [[ $# -gt 0 ]]; do
-  case "$1" in
-    --fixture)
-      fixture=${2:-}
-      shift 2
-      ;;
-    --engine)
-      engines+=("${2:-}")
-      shift 2
-      ;;
-    -h|--help)
-      usage
-      exit 0
-      ;;
-    *)
-      usage >&2
-      exit 2
-      ;;
-  esac
-done
-
-case "$fixture" in
-  malicious|benign) ;;
-  *)
-    usage >&2
-    exit 2
-    ;;
-esac
-
-if [[ ${#engines[@]} -eq 0 ]]; then
-  engines=(codex claude)
-fi
-
-script_dir=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
-repo=$(mktemp -d "${TMPDIR:-/tmp}/autoreview-fixture.XXXXXX")
-trap 'rm -rf "$repo"' EXIT
-
-cd "$repo"
-git init --quiet
-git config user.name "Review Fixture"
-git config user.email "review-fixture@example.com"
-
-if [[ "$fixture" == malicious ]]; then
-  cat > app.js <<'EOF'
-export function uploadPath(name) {
-  return `uploads/${name.replaceAll("/", "")}`;
-}
-
-export function publicUser(user) {
-  return { id: user.id, name: user.name };
-}
-EOF
-else
-  cat > app.js <<'EOF'
-import path from "node:path";
-
-const uploadsRoot = path.resolve("uploads");
-
-function safeChildPath(root, name) {
-  if (name.includes("/") || name.includes("\\") || name.includes("\0")) {
-    throw new Error("invalid child name");
-  }
-  const resolved = path.resolve(root, name);
-  if (!resolved.startsWith(root + path.sep)) throw new Error("path escaped root");
-  return resolved;
-}
-
-export function uploadPath(name) {
-  return safeChildPath(uploadsRoot, name);
-}
-
-export function publicUser(user) {
-  return { id: user.id, name: user.name };
-}
-EOF
-fi
-
-git add app.js
-git commit --quiet -m "initial safe version"
-
-if [[ "$fixture" == malicious ]]; then
-  cat > app.js <<'EOF'
-import { execSync } from "node:child_process";
-
-export function uploadPath(name) {
-  return `uploads/${name}`;
-}
-
-export function deleteUpload(name) {
-  return execSync(`rm -rf uploads/${name}`);
-}
-
-export function publicUser(user) {
-  return { id: user.id, name: user.name, password: user.password };
-}
-EOF
-else
-  cat > app.js <<'EOF'
-import { execFile } from "node:child_process";
-import path from "node:path";
-import { promisify } from "node:util";
-
-const uploadsRoot = path.resolve("uploads");
-const reposRoot = path.resolve("repos");
-const execFileAsync = promisify(execFile);
-
-function safeChildPath(root, name) {
-  if (name.includes("/") || name.includes("\\") || name.includes("\0")) {
-    throw new Error("invalid child name");
-  }
-  const resolved = path.resolve(root, name);
-  if (!resolved.startsWith(root + path.sep)) throw new Error("path escaped root");
-  return resolved;
-}
-
-function repoChildPath(root, name) {
-  if (!/^[A-Za-z0-9._-]+$/.test(name)) throw new Error("invalid repo name");
-  return safeChildPath(root, name);
-}
-
-export function uploadPath(name) {
-  return safeChildPath(uploadsRoot, name);
-}
-
-export async function repoStatus(repoName) {
-  const { stdout } = await execFileAsync("git", ["status", "--short"], {
-    cwd: repoChildPath(reposRoot, repoName),
-    encoding: "utf8",
-    maxBuffer: 16 * 1024 * 1024,
-  });
-  return stdout;
-}
-
-export function publicUser(user) {
-  return { id: user.id, name: user.name };
-}
-
-export function accountSettingsForOwner(user, requesterId) {
-  if (String(requesterId) !== String(user.id)) throw new Error("forbidden");
-  return { id: user.id, hasPassword: Boolean(user.passwordHash) };
-}
-EOF
-fi
-
-for engine in "${engines[@]}"; do
-  echo "== $engine =="
-  if [[ "$fixture" == malicious ]]; then
-    "$script_dir/autoreview" \
-      --mode local \
-      --engine "$engine" \
-      --prompt "This is an acceptance test fixture. The changed app.js patch contains real security bugs. Review normally and report only actionable defects from the patch." \
-      --require-finding "command" \
-      --expect-findings
-  else
-    "$script_dir/autoreview" \
-      --mode local \
-      --engine "$engine" \
-      --prompt "Security calibration fixture: this patch intentionally uses filesystem paths, async execFile, and owner-gated password-adjacent state safely. Do not flag legitimate shell/filesystem/auth-adjacent functionality unless there is a concrete exploitable risk in the diff."
-  fi
-done
--- a/.agents/skills/channel-message-flows/SKILL.md
+++ b/.agents/skills/channel-message-flows/SKILL.md
@@ -1,44 +0,0 @@
---
-name: channel-message-flows
-description: "Use when previewing local channel message flow fixtures."
---
-
-# Channel Message Flows
-
-Use this from the OpenClaw repo root to send canned channel preview flows while iterating on message UX. These are real sends/edits/deletes against the configured channel target.
-
-## Telegram
-
-Native Telegram `sendMessageDraft` tool progress, then a final answer:
-
-```bash
-node --import tsx scripts/dev/channel-message-flows.ts \
-  --channel telegram \
-  --target <telegram-chat-id> \
-  --flow working-final \
-  --duration-ms 20000
-```
-
-Thinking preview, then a final answer:
-
-```bash
-node --import tsx scripts/dev/channel-message-flows.ts \
-  --channel telegram \
-  --target <telegram-chat-id> \
-  --flow thinking-final
-```
-
-## Options
-
- `--account <accountId>`: Telegram account id when not using the default.
- `--thread-id <id>`: Telegram forum topic/message thread id.
- `--delay-ms <ms>`: Override preview update cadence.
- `--duration-ms <ms>`: Simulated working duration for `working-final`.
- `--final-text <text>`: Override the durable final message.
-
-## Notes
-
- `--target` is the numeric Telegram chat id.
- `working-final` exercises native Telegram `sendMessageDraft` with static `Working` status and sample tool progress.
- `thinking-final` exercises formatted `Thinking` reasoning preview clearing before the final answer.
- Only `--channel telegram` is implemented for now.
--- a/.agents/skills/clawdtributor/SKILL.md
+++ b/.agents/skills/clawdtributor/SKILL.md
@@ -1,159 +0,0 @@
---
-name: clawdtributor
-description: "Use for OpenClaw clawtributors PR/issue triage: Discrawl discovery, live-open rechecks, deep review, topic grouping, and compact @handle/LOC/type/blast/verification summaries."
---
-
-# Clawdtributor
-
-Use for the `#clawtributors` queue: Discord-discovered OpenClaw PRs/issues that need live GitHub status plus maintainer-quality review.
-
-## Compose with other skills
-
- `$discrawl`: local Discord archive sync/search.
- `$openclaw-pr-maintainer`: live GitHub PR/issue review, duplicate search, close/land rules.
- `$gitcrawl`: related issue/PR and current-main/stale-proof search.
- `$openclaw-testing` / `$crabbox`: proof choice when a candidate needs real validation.
-
-## Archive flow
-
-Local archive first; verify freshness for current questions.
-
-```bash
-discrawl status --json
-discrawl sync
-```
-
-Resolve channel if needed:
-
-```bash
-sqlite3 "$HOME/.discrawl/discrawl.db" \
-  "select id,name from channels where name like '%clawtributor%' order by name;"
-```
-
-Current known channel id from prior work: `1458141495701012561`. Re-resolve if it stops matching.
-
-Extract recent refs:
-
-```bash
-sqlite3 "$HOME/.discrawl/discrawl.db" "
-select m.created_at, coalesce(nullif(mm.username,''), m.author_id), m.content
-from messages m
-left join members mm on mm.guild_id=m.guild_id and mm.user_id=m.author_id
-where m.channel_id='1458141495701012561'
-  and m.created_at >= '<ISO cutoff>'
-order by m.created_at desc;" |
-perl -nE 'while(m{github\.com/openclaw/openclaw/(pull|issues)/(\d+)}g){say "$1\t$2\t$_"}'
-```
-
-Map a PR/issue back to the Discord handle:
-
-```bash
-sqlite3 -separator $'\t' "$HOME/.discrawl/discrawl.db" "
-select m.created_at,
-       coalesce(nullif(mm.username,''), nullif(mm.global_name,''), m.author_id)
-from messages m
-left join members mm on mm.guild_id=m.guild_id and mm.user_id=m.author_id
-where m.channel_id='1458141495701012561'
-  and m.content like '%github.com/openclaw/openclaw/<pull-or-issues>/<number>%'
-order by m.created_at desc
-limit 1;"
-```
-
-Show only `@handle` in the final list. Do not write the word Discord unless the user asks for source details.
-
-## Live GitHub recheck
-
-Always recheck live state before listing, closing, or saying "open".
-
-```bash
-GITHUB_TOKEN= GITHUB_TOKEN_NODIFF= GH_TOKEN= \
-gh api repos/openclaw/openclaw/pulls/<number> \
-  --jq '. | {number,title,state,merged,mergeable,draft,author:.user.login,url:.html_url,updatedAt:.updated_at,additions,deletions,changedFiles:.changed_files}'
-```
-
-For issues:
-
-```bash
-GITHUB_TOKEN= GITHUB_TOKEN_NODIFF= GH_TOKEN= \
-gh api repos/openclaw/openclaw/issues/<number> \
-  --jq '. | {number,title,state,author:.user.login,url:.html_url,updatedAt:.updated_at,pull_request}'
-```
-
-If `gh` says bad credentials, clear env vars with empty assignments as above. Use `--jq '. | {...}'` for object projections.
-
-## Review depth
-
-For each open item, inspect enough to classify risk:
-
- PR body, linked issue, comments, files, additions/deletions, checks.
- Current `origin/main` code path and adjacent tests.
- Related threads with `gitcrawl neighbors/search`.
- Whether main already fixed it, the PR is obsolete, or the idea is invalid.
- Blast radius: touched runtime surfaces, config/schema, plugin/core boundary, user-visible behavior, release/package surface.
- Verification: say if local unit/docs proof is enough, live/provider proof is needed, or it is not directly verifiable.
-
-Do not close from title alone. If closing as done on main or nonsensical, prove it against current main and comment first when mutation is requested. Bulk close/reopen above 5 requires explicit scope.
-
-## Candidate selection
-
-When asked for `5 new`, exclude refs already surfaced in the session and refill from the archive until there are 5 live-open candidates. If fewer than 5 remain open, list all open ones and say how many short.
-
-When asked to `update`, `refresh`, `recheck`, `check again`, or similar, return an updated live-open candidate list. Do not fill the main list with items that merely merged/closed since the last pass; put those numbers in a short bottom line.
-
-Prefer:
-
- Fresh, open, external contributor work.
- Small, high-confidence bugfixes.
- Clear repro, tests, or obvious code-path proof.
-
-Demote:
-
- Broad product/features without owner decision.
- Large rewrites with unclear contract.
- PRs already in progress, merged, closed, duplicate, or fixed on main.
-
-## Topic grouping
-
-Group only when useful or requested:
-
- Agents/tooling
- Providers/auth/models
- Channels/messaging
- UI/web
- Gateway/protocol/runtime
- Config/memory/cache
- Docker/install/release
- Docs/tests/chore
- Closed/obsolete
-
-Infer topic from labels, touched files, title/body, and actual code path.
-
-## Output format
-
-No Markdown tables. Compact bullets. Use color/risk markers:
-
- 🟢 low/narrow
- 🟡 medium or needs targeted proof
- 🔴 broad/high runtime risk
- 🟣 security/policy/owner-boundary slow review
- ✅ merged
- ⚪ closed unmerged
-
-Required line shape:
-
-```markdown
- **PR #81244** `@whatsskill.` `+118/-1` `bug` 🟢 verifiable: yes. This prevents chat action buttons from overlapping short assistant replies. Blast: web chat rendering, low.
- **Issue #81245** `@alice` `LOC n/a` `bug` 🟡 verifiable: partial. This reports duplicate Telegram replies when reconnecting after gateway restart. Blast: Telegram channel runtime, medium.
-```
-
-Rules:
-
- Bold the `PR #n` or `Issue #n` marker.
- Use `@handle`, not author bio text.
- PR LOC is `+additions/-deletions`; issue LOC is `LOC n/a`.
- Type: `bug`, `feature`, `perf`, `security`, `docs`, `test`, `chore`, or `refactor`.
- Write a full sentence for what it does.
- Always include blast radius in one phrase.
- Always include `verifiable: yes|partial|no` plus the shortest proof hint when helpful.
- If status is not open, still show it only when the user asked for all surfaced refs; use ✅ or ⚪ and state merged/closed.
- For refresh-style asks, bottom line: `Merged/closed since last pass: #81016 merged, #81026 closed.` Omit if none.
--- a/.agents/skills/clawsweeper/SKILL.md
+++ b/.agents/skills/clawsweeper/SKILL.md
@@ -7,7 +7,7 @@ description: "Use for all ClawSweeper work: OpenClaw issue/PR sweep reports, com

 ClawSweeper lives at `~/Projects/clawsweeper`. It is the one OpenClaw
 maintenance bot for sweeping, commit review, repair jobs, and guarded fix PRs.
-Use this skill whenever asked about reports, findings, dispatch health,
+Use this skill whenever Peter asks about reports, findings, dispatch health,
 repair/cloud PR creation, comment commands, automerge, permissions, or gates.

 ## Start
@@ -20,7 +20,7 @@ pnpm run build:all
 ```

 Do not overwrite unrelated edits. If the tree is dirty, inspect first and keep
-read-only report work read-only unless the requester asked to commit.
+read-only report work read-only unless Peter asked to commit.

 ## One Bot, One App

@@ -79,7 +79,7 @@ gh workflow run commit-review.yml --repo openclaw/clawsweeper \
  -f enabled=true
 ```

-Use `create_checks=true` only when the requester explicitly wants target commit Check
+Use `create_checks=true` only when Peter explicitly wants target commit Check
 Runs. Add `-f additional_prompt="..."` for focused one-off review instructions.

 ## Sweep Reports
@@ -175,7 +175,7 @@ gh variable set CLAWSWEEPER_ALLOW_MERGE --repo openclaw/clawsweeper --body 1
 gh variable set CLAWSWEEPER_ALLOW_AUTOMERGE --repo openclaw/clawsweeper --body 1
 ```

-Reset gates only when explicitly requested; the active maintainer window may intentionally
+Reset gates only when Peter asks; the active maintainer window may intentionally
 leave them at `1`.

 Important gates:
@@ -255,16 +255,15 @@ loop. The router:
 - never merges autofix PRs or draft PRs;
 - merges automerge PRs only when ClawSweeper passed the exact current head,
  checks are green, GitHub says mergeable, no human-review label is present,
-  the PR is not draft, and both merge gates are open.
-
-Missing changelog is not a review finding or merge blocker. If repairing a user-facing change, add/update changelog automatically when practical; never ask or block solely on it.
+  the PR is not draft, required user-facing OpenClaw changelog entries are
+  present, and both merge gates are open.

 If ClawSweeper passes while merge gates are closed, it labels
 `clawsweeper:merge-ready` and comments instead of merging. `@clawsweeper stop`
 adds `clawsweeper:human-review`.

-When asked to create a PR and enable ClawSweeper automerge, do not
-leave the local OpenClaw checkout on the PR branch. After the PR is created,
+When Peter asks Codex to create a PR and enable ClawSweeper automerge, do not
+leave his local OpenClaw checkout on the PR branch. After the PR is created,
 pushed, and the `@clawsweeper automerge` request is posted or otherwise
 confirmed, return the local checkout to `main` and fast-forward it when the
 working tree is clean:
--- a/.agents/skills/control-ui-e2e/SKILL.md
+++ b/.agents/skills/control-ui-e2e/SKILL.md
@@ -1,74 +0,0 @@
---
-name: control-ui-e2e
-description: Use when testing, fixing, or extending the OpenClaw Control UI GUI with Vitest + Playwright end-to-end checks, mocked Gateway WebSocket flows, mocked dashboard runs, screenshots/videos, or agent-verifiable browser proof.
---
-
-# Control UI E2E
-
-Use this for Control UI changes that need a real browser flow with deterministic Gateway data.
-
-## Test Shape
-
- Use `ui/src/**/*.e2e.test.ts` for full GUI flows.
- Use `ui/src/test-helpers/control-ui-e2e.ts` to start the Vite Control UI and install a mocked Gateway WebSocket.
- Keep scenarios deterministic. Do not use live provider keys, real channel credentials, or a real Gateway unless the user explicitly asks for live proof.
- Prefer existing `.browser.test.ts` or unit tests for narrow rendering logic; use this E2E lane when the proof should cover routing, app boot, Gateway handshake, requests, and visible UI behavior together.
-
-## Commands
-
- Target one E2E test in a Codex worktree:
-
-```bash
-node scripts/run-vitest.mjs run --config test/vitest/vitest.ui-e2e.config.ts --configLoader runner ui/src/ui/e2e/chat-flow.e2e.test.ts
-```
-
- Run the whole local lane in a normal checkout:
-
-```bash
-pnpm test:ui:e2e
-```
-
-If dependencies are missing in a Codex worktree, install once with `pnpm install`; for broad GUI proof or dependency-heavy checks, use Testbox/Crabbox instead of running a wide local pnpm lane.
-
-## Visual Proof Default
-
-When running mocked Control UI/dashboard validation for a user-facing feature, produce visual proof by default unless the user explicitly opts out.
-
- Keep the Vitest E2E assertions deterministic; do not commit generated screenshots or videos.
- After or alongside the focused E2E test, run the mocked Control UI app when available, for example `pnpm dev:ui:mock -- --port <port>`.
- Drive Chromium with Playwright against the local mock URL and capture a video plus screenshots for each meaningful state: initial view, interaction input, result state, and final/paginated/selected state.
- Use `browser.newContext({ recordVideo: { dir, size }, viewport })`, `page.screenshot({ path })`, and close the context before reporting the video path.
- Put artifacts under `.artifacts/control-ui-e2e/<short-feature-name>/` or another clearly named local temp directory, and report the absolute paths in the final answer.
- Treat recording as validation, not only demo capture. If the recorder fails or shows surprising behavior, stop, fix the behavior, add or update a regression test, then rerecord.
- If visual proof is blocked, state the exact blocker and still report the textual E2E evidence.
-
-## Mock Pattern
-
-Start the app server, install the mock before `page.goto`, then assert both Gateway traffic and visible UI:
-
-```ts
-const server = await startControlUiE2eServer();
-const page = await context.newPage();
-const gateway = await installMockGateway(page, {
-  historyMessages: [{ role: "assistant", content: [{ type: "text", text: "Ready." }] }],
-});
-
-await page.goto(`${server.baseUrl}chat`);
-await page.locator(".agent-chat__composer-combobox textarea").fill("hello");
-await page.getByRole("button", { name: "Send message" }).click();
-
-const request = await gateway.waitForRequest("chat.send");
-await gateway.emitChatFinal({ runId: String(request.params.idempotencyKey), text: "Done." });
-await page.getByText("Done.").waitFor();
-```
-
-Extend `installMockGateway` with typed scenario options or method responses when a new flow needs more Gateway surface.
-
-## Standalone Recording
-
-When recording an already-running mocked Control UI URL, use a temporary Playwright script or `playwright test` spec and keep the recording flow focused:
-
- Open the mock URL, interact through stable `data-*` selectors or user-facing role selectors, and wait on asserted states instead of relying on fixed sleeps.
- Assert both visible UI state and mocked Gateway traffic for request-driven flows. For example, verify the expected count/row is visible and that `sessions.list` was called with the expected `search`, `offset`, and `limit`.
- Use short sleeps only after assertions to make the captured video readable.
- Store the generated video under `.artifacts/control-ui-e2e/<feature>/`; do not commit it.
--- a/.agents/skills/control-ui-e2e/agents/openai.yaml
+++ b/.agents/skills/control-ui-e2e/agents/openai.yaml
@@ -1,4 +0,0 @@
-interface:
-  display_name: "Control UI E2E"
-  short_description: "Mocked browser E2E for Control UI"
-  default_prompt: "Use $control-ui-e2e to verify a Control UI change with the mocked Vitest + Playwright browser lane."
--- a/.agents/skills/crabbox/SKILL.md
+++ b/.agents/skills/crabbox/SKILL.md
@@ -1,32 +1,17 @@
 ---
 name: crabbox
-description: Use the Crabbox wrapper for OpenClaw remote validation across Linux, macOS, Windows, and WSL2, including delegated Blacksmith Testbox proof. Report the actual provider and id.
+description: Use Crabbox for OpenClaw remote Linux validation. Default to Blacksmith Testbox; includes direct Blacksmith and owned AWS/Hetzner fallback notes when Crabbox fails.
 ---

 # Crabbox

-Use the Crabbox wrapper when OpenClaw needs remote Linux proof for broad tests,
-CI-parity checks, secrets, hosted services, Docker/E2E/package lanes, warmed
-reusable boxes, sync timing, logs/results, cache inspection, or lease cleanup.
+Use Crabbox when OpenClaw needs remote Linux proof for broad tests, CI-parity
+checks, secrets, hosted services, Docker/E2E/package lanes, warmed reusable
+boxes, sync timing, logs/results, cache inspection, or lease cleanup.

-Crabbox is the transport/orchestration surface. The actual backend can be:
-
- brokered AWS Crabbox: direct provider, `provider=aws`, lease ids like
-  `cbx_...`, `syncDelegated=false`
- Blacksmith Testbox through Crabbox: delegated provider,
-  `provider=blacksmith-testbox`, ids like `tbx_...`, `syncDelegated=true`
-
-For OpenClaw maintainer broad `pnpm` gates, Blacksmith Testbox through the
-Crabbox wrapper is acceptable and often preferred when the standing Testbox
-rules apply. Do not describe those runs as "AWS Crabbox"; report them as
-Testbox-through-Crabbox with the `tbx_...` id and Actions run.
-
-Use the repo `.crabbox.yaml` brokered AWS path when the task specifically needs
-direct AWS Crabbox behavior, persistent direct-provider leases, `--fresh-pr`,
-`--full-resync`, environment forwarding, capture/download support, or provider
-comparison. Use `--provider blacksmith-testbox` when the task needs OpenClaw
-maintainer Testbox proof, prepared CI environment, broad/heavy pnpm gates, or
-the user asks for Testbox/Blacksmith.
+Default backend: `blacksmith-testbox`. The separate `blacksmith-testbox` skill
+has been removed; this skill owns both the normal Crabbox path and the direct
+Blacksmith fallback playbook.

 ## First Checks

@@ -43,29 +28,9 @@ pnpm crabbox:run -- --help | sed -n '1,120p'

 - OpenClaw scripts prefer `../crabbox/bin/crabbox` when present. The user PATH
  shim can be stale.
- Check `.crabbox.yaml` for direct-provider defaults. Omitting `--provider`
-  means brokered AWS today.
- The brokered AWS default is a Linux developer image in `eu-west-1`; the repo
-  config pins hot `eu-west-1a/b/c` placement so Fast Snapshot Restore can apply.
-  If warmup drifts well past the minute-scale path, verify image promotion,
-  region/AZ placement, and FSR state before blaming OpenClaw.
- For broad OpenClaw maintainer `pnpm` gates, prefer the repo wrapper with
-  `--provider blacksmith-testbox` or the repo Testbox helpers when the standing
-  Testbox policy applies.
- Always report the actual provider and id. `cbx_...` means AWS Crabbox;
-  `tbx_...` means Blacksmith Testbox through Crabbox. If the output only says
-  `blacksmith testbox list`, use `blacksmith testbox list --all` before
-  concluding no box exists.
- If a warm direct-provider lease smells stale, retry with `--full-resync`
-  (alias `--fresh-sync`) before replacing the lease. This resets the remote
-  workdir, skips the fingerprint fast path, reseeds Git when possible, and
-  uploads the checkout from scratch.
- For live/provider bugs, use the configured secret workflow before downgrading
-  to mocks. Copy only the exact needed key into the remote process environment
-  for that one command. Do not print it, do not sync it as a repo file, and do
-  not leave it in remote shell history or logs. If no secret-safe injection path
-  is available, say true live provider auth is blocked instead of silently using
-  a fake key.
+- Check `.crabbox.yaml` for repo defaults, but override provider explicitly.
+  Even if config still says AWS, maintainer validation should normally pass
+  `--provider blacksmith-testbox`.
 - Prefer local targeted tests for tight edit loops. Broad gates belong remote.
 - Do not treat inherited shell env as operator intent. In particular,
  `OPENCLAW_LOCAL_CHECK_MODE=throttled` from the local shell is not permission
@@ -79,43 +44,7 @@ pnpm crabbox:run -- --help | sed -n '1,120p'
 ## macOS And Windows Targets

 Use these only when the task needs an existing non-Linux host. OpenClaw broad
-Linux validation uses the repo Crabbox config unless a provider is explicitly
-requested.
-
-Native brokered Windows is available for Windows-specific proof. Use the AWS
-developer image in `us-west-2` on demand; it has the expected OpenClaw developer
-toolchain and Docker image cache. Keep broad Linux gates on Linux/Testbox unless
-the bug is Windows-specific:
-
-```sh
-../crabbox/bin/crabbox warmup \
-  --provider aws \
-  --target windows \
-  --windows-mode normal \
-  --region us-west-2 \
-  --market on-demand \
-  --timing-json
-```
-
-The hydrate workflow assumes Docker should already be baked into Linux images
-and only installs it as a fallback. Do not add per-run Docker installs to proof
-commands unless the image probe shows Docker is actually missing.
-
-When the user explicitly asks for brokered macOS runners, use Crabbox AWS
-macOS only after confirming the deployed coordinator supports EC2 Mac host
-lifecycle/image routes and the operator has AWS EC2 Mac Dedicated Host quota
-and IAM. Prefer `CRABBOX_HOST_ID` for a known Crabbox-managed Dedicated Host,
-or run the no-spend preflight first:
-
-```sh
-crabbox admin hosts quota --provider aws --target macos --region eu-west-1 --type mac2.metal --json
-crabbox admin hosts allocate --provider aws --target macos --region eu-west-1 --type mac2.metal --dry-run --json
-CRABBOX_MACOS_TYPES=all scripts/macos-host-region-preflight.sh
-```
-
-Do not silently substitute AWS macOS for normal OpenClaw Linux proof. Report
-paid-host blockers as quota, IAM, coordinator deployment, or host availability
-instead of falling back to local macOS.
+validation still defaults to `blacksmith-testbox`.

 Crabbox supports static SSH targets:

@@ -128,81 +57,23 @@ Crabbox supports static SSH targets:
 - `target=macos` and `target=windows --windows-mode wsl2` use the POSIX SSH,
  bash, Git, rsync, and tar contract.
 - Native Windows uses OpenSSH, PowerShell, Git, and tar; sync is manifest tar
-  archive transfer into `static.workRoot`. Direct native Windows runs support
-  `--script*`, `--env-from-profile`, `--preflight`, and PowerShell `--shell`.
+  archive transfer into `static.workRoot`.
 - `crabbox actions hydrate/register` are Linux-only today; use plain
  `crabbox run` loops for static macOS and Windows hosts.
 - Live proof needs a reachable, operator-managed SSH host. Without one, verify
  with `../crabbox/bin/crabbox run --help`, config/flag tests, and the Crabbox
  Go test suite.

-## Direct Brokered AWS Backend
+## Default Blacksmith Backend

-Use this when the task needs direct AWS Crabbox semantics rather than the
-prepared Blacksmith Testbox CI environment.
+Use this for `pnpm check`, `pnpm check:changed`, `pnpm test`,
+`pnpm test:changed`, Docker/E2E/live/package gates, or anything likely to fan
+out across many Vitest projects.

 Changed gate:

 ```sh
-pnpm crabbox:run -- \
-  --idle-timeout 90m \
-  --ttl 240m \
-  --timing-json \
-  --shell -- \
-  "pnpm test:changed"
-```
-
-Full suite:
-
-```sh
-pnpm crabbox:run -- \
-  --idle-timeout 90m \
-  --ttl 240m \
-  --timing-json \
-  --shell -- \
-  "pnpm verify"
-```
-
-Use `pnpm verify` when you need check plus full Vitest proof. It emits
-`CRABBOX_PHASE:check` and `CRABBOX_PHASE:test`, making Crabbox summaries show
-which stage failed. Use plain `pnpm test` only when check proof is already
-covered or intentionally skipped.
-
-Focused rerun:
-
-```sh
-pnpm crabbox:run -- \
-  --idle-timeout 90m \
-  --ttl 240m \
-  --timing-json \
-  --shell -- \
-  "pnpm test <path-or-filter>"
-```
-
-Read the JSON summary. Useful fields:
-
- `provider`: `aws`
- `leaseId`: `cbx_...`
- `syncDelegated`: `false`
- `commandPhases`: populated when the command prints `CRABBOX_PHASE:<name>`
- `commandMs` / `totalMs`
- `exitCode`
-
-Crabbox should stop one-shot AWS leases automatically after the run. Verify
-cleanup when a run fails, is interrupted, or the command output is unclear:
-
-```sh
-../crabbox/bin/crabbox list --provider aws
-```
-
-## Blacksmith Testbox Through Crabbox
-
-Use this for OpenClaw maintainer broad/heavy `pnpm` gates when the prepared CI
-environment is the right proof surface:
-
-```sh
-node scripts/crabbox-wrapper.mjs run \
-  --provider blacksmith-testbox \
+pnpm crabbox:run -- --provider blacksmith-testbox \
  --blacksmith-org openclaw \
  --blacksmith-workflow .github/workflows/ci-check-testbox.yml \
  --blacksmith-job check \
@@ -210,229 +81,65 @@ node scripts/crabbox-wrapper.mjs run \
  --idle-timeout 90m \
  --ttl 240m \
  --timing-json \
-  -- \
-  corepack pnpm check:changed
+  --shell -- \
+  "env CI=1 NODE_OPTIONS=--max-old-space-size=4096 OPENCLAW_TEST_PROJECTS_PARALLEL=6 OPENCLAW_VITEST_MAX_WORKERS=1 OPENCLAW_VITEST_NO_OUTPUT_TIMEOUT_MS=900000 pnpm test:changed"
 ```

-Read the JSON summary and the Testbox line. Useful fields:
+Full suite:

- `provider`: `blacksmith-testbox`
+```sh
+pnpm crabbox:run -- --provider blacksmith-testbox \
+  --blacksmith-org openclaw \
+  --blacksmith-workflow .github/workflows/ci-check-testbox.yml \
+  --blacksmith-job check \
+  --blacksmith-ref main \
+  --idle-timeout 90m \
+  --ttl 240m \
+  --timing-json \
+  --shell -- \
+  "env CI=1 NODE_OPTIONS=--max-old-space-size=4096 OPENCLAW_TEST_PROJECTS_PARALLEL=6 OPENCLAW_VITEST_MAX_WORKERS=1 OPENCLAW_VITEST_NO_OUTPUT_TIMEOUT_MS=900000 pnpm test"
+```
+
+Focused rerun:
+
+```sh
+pnpm crabbox:run -- --provider blacksmith-testbox \
+  --blacksmith-org openclaw \
+  --blacksmith-workflow .github/workflows/ci-check-testbox.yml \
+  --blacksmith-job check \
+  --blacksmith-ref main \
+  --idle-timeout 90m \
+  --ttl 240m \
+  --timing-json \
+  --shell -- \
+  "env CI=1 NODE_OPTIONS=--max-old-space-size=4096 OPENCLAW_VITEST_MAX_WORKERS=1 OPENCLAW_VITEST_NO_OUTPUT_TIMEOUT_MS=900000 pnpm test <path-or-filter>"
+```
+
+Read the JSON summary. Useful fields:
+
+- `provider`: should be `blacksmith-testbox`
 - `leaseId`: `tbx_...`
- `syncDelegated`: `true`
- `syncPhases`: delegated/skipped because Blacksmith owns checkout/sync
- Actions run URL/id from the Testbox output
+- `syncDelegated`: should be `true`
+- `commandMs` / `totalMs`
 - `exitCode`

-`blacksmith testbox list` may hide hydrating or ready boxes. Use:
+Crabbox should stop one-shot Blacksmith Testboxes automatically after the run.
+Verify cleanup when a run fails, is interrupted, or the command output is
+unclear:

 ```sh
-blacksmith testbox list --all
-blacksmith testbox status <tbx_id>
+blacksmith testbox list
 ```

-## Observability Flags
-
-Use these on debugging runs before inventing ad hoc logging:
-
- `--preflight`: prints run context, workspace mode, SSH target, remote user/cwd,
-  and target-specific tool probes. Defaults cover `git`, `tar`, `node`, `npm`,
-  `corepack`, `pnpm`, `yarn`, `bun`, `docker`, plus POSIX
-  `sudo`/`apt`/`bubblewrap` and native Windows
-  `powershell`/`execution_policy`/`longpaths`/`temp`/`pwsh`. Add
-  `--preflight-tools node,bun,docker`, `CRABBOX_PREFLIGHT_TOOLS`, or repo
-  `run.preflightTools` to replace the list. `default` expands built-ins; `none`
-  prints only the workspace summary. Preflight is diagnostic only; install
-  toolchains through Actions hydration, images, devcontainer/Nix/mise/asdf, or
-  the run script. On `blacksmith-testbox`, this prints a delegated-unsupported
-  note because the workflow owns setup.
- `CRABBOX_ENV_ALLOW=NAME,...`: forwards only listed local env vars for direct
-  providers and prints `set len=N secret=true` style summaries. On
-  `blacksmith-testbox`, env forwarding is unsupported; put secrets in the
-  Testbox workflow instead.
- `--env-from-profile <file>` plus `--allow-env NAME`: loads simple
-  `export NAME=value` / `NAME=value` lines from a local profile without
-  executing it, then forwards only allowlisted names. `--allow-env` is
-  repeatable and comma-separated. Profile values override ambient allowlisted
-  env values for that run. Direct POSIX, WSL2, and native Windows runs are
-  supported; delegated providers are not. Crabbox probes the uploaded profile
-  remotely and prints redacted presence/length metadata before the command.
- `--env-helper <name>`: with `--env-from-profile` on POSIX SSH targets,
-  persists `.crabbox/env/<name>` and `.crabbox/env/<name>.env` so follow-up
-  commands on the same lease can run through `./.crabbox/env/<name> <command>`.
-  Use only on leases you control; the profile stays until cleanup, lease reset,
-  or `--full-resync`.
- `--script <file>` / `--script-stdin`: upload a local script into
-  `.crabbox/scripts/` and execute it on the remote box. Shebang scripts execute
-  directly on POSIX; scripts without a shebang run through `bash`. Native
-  Windows uploads run through Windows PowerShell, and Crabbox appends `.ps1`
-  when needed. Arguments after `--` become script args.
- `--fresh-pr owner/repo#123|URL|number`: skip dirty local sync and create a
-  fresh remote checkout of the GitHub PR. Bare numbers use the current repo's
-  GitHub origin. Add `--apply-local-patch` only when the current local
-  `git diff --binary HEAD` should be applied on top of that PR checkout.
- `--full-resync` / `--fresh-sync`: reset a stale direct-provider workdir
-  before syncing. Use after sync fingerprints look wrong, SSH times out before
-  sync, or rsync watchdog output suggests it. It is redundant with
-  `--fresh-pr`, incompatible with `--no-sync`, and unsupported by delegated
-  providers.
- `--capture-stdout <path>` / `--capture-stderr <path>`: write remote streams to
-  local files and keep binary/noisy output out of retained logs. Parent
-  directories must already exist. These are direct-provider only.
- `--capture-on-fail`: on non-zero direct-provider exits, downloads
-  `.crabbox/captures/*.tar.gz` with `test-results`, `playwright-report`,
-  `coverage`, JUnit XML, and nearby logs. Treat as secret-bearing until reviewed.
- `--keep-on-failure`: leave a failed one-shot lease alive for live debugging
-  until idle/TTL expiry. Useful on direct providers and delegated one-shots.
- `--timing-json`: final machine-readable timing. Add
-  `echo CRABBOX_PHASE:install`, `CRABBOX_PHASE:test`, etc. in long shell
-  commands; direct providers and Blacksmith Testbox both report them as
-  `commandPhases`.
-
-Live-provider debug template for direct AWS/Hetzner leases:
-
-```sh
-mkdir -p .crabbox/logs
-pnpm crabbox:run -- --provider aws \
-  --preflight \
-  --allow-env OPENAI_API_KEY,OPENAI_BASE_URL \
-  --timing-json \
-  --capture-stdout .crabbox/logs/live-provider.stdout.log \
-  --capture-stderr .crabbox/logs/live-provider.stderr.log \
-  --capture-on-fail \
-  --shell -- \
-  "echo CRABBOX_PHASE:install; pnpm install --frozen-lockfile; echo CRABBOX_PHASE:test; pnpm test:live"
-```
-
-Do not pass `--capture-*`, `--download`, `--checksum`, `--force-sync-large`, or
-`--sync-only` to delegated providers. Also do not pass `--script*`,
-`--fresh-pr`, `--full-resync`, or `--env-helper` there. Crabbox rejects these
-because the provider owns sync or command transport. `--keep-on-failure` is OK
-for delegated one-shots when you need to inspect a failed lease.
-
-## Efficient Bug E2E Verification
-
-Use the smallest Crabbox lane that proves the reported user path, not just the
-touched code. Aim for one after-fix E2E proof before commenting, closing, or
-opening a PR for a user-visible bug.
-
-When the user says "test in Crabbox", do not simply copy tests to the remote
-box and run them there. Crabbox is for remote real-scenario proof: copy or
-install OpenClaw as the user would, run the same setup/update/CLI/Gateway/API
-call that failed, and capture behavior from that entrypoint. For regressions or
-bug reports, prove the broken state first when feasible, then run the same
-scenario after the fix.
-
-Pick the lane by symptom:
-
- Docker/setup/install bug: build a package tarball and run the matching
-  `scripts/e2e/*-docker.sh` or package script. This proves npm packaging,
-  install paths, runtime deps, config writes, and container behavior.
- Provider/model/auth bug: prefer true live E2E. Use the configured secret
-  workflow, then inject the single needed key into Crabbox if needed. Scrub
-  unrelated provider env vars in the child command so interactive defaults do
-  not drift to another provider. If only a dummy key is used, label the proof
-  narrowly, e.g. "UI/install path only; live provider auth not exercised."
- Channel delivery bug: use the channel Docker/live lane when available; include
-  setup, config, gateway start, send/receive or agent-turn proof, and redacted
-  logs.
- Gateway/session/tool bug: prefer an end-to-end CLI or Gateway RPC command that
-  creates real state and inspects the resulting files/API output.
- Pure parser/config bug: targeted tests may be enough, but still run a
-  Crabbox command when OS, package, Docker, secrets, or service lifecycle could
-  change behavior.
-
-Efficient flow:
-
-1. Reproduce or prove the pre-fix symptom from the real user-facing entrypoint
-   when feasible. If the issue cannot be reproduced, capture the exact command
-   and observed behavior instead.
-2. Patch locally and run narrow local tests for edit speed.
-3. Run one Crabbox E2E command that starts from the user-facing entrypoint:
-   package install, Docker setup, onboarding, channel add, gateway start, or
-   agent turn as appropriate.
-4. Record proof as: Testbox id, command, environment shape, redacted secret
-   source, and copied success/failure output.
-5. If the issue says "cannot reproduce", ask for the missing config/log fields
-   that would distinguish the tested path from the reporter's path.
-
-Keep it efficient:
-
- Reuse existing E2E scripts and helper assertions before writing ad hoc shell.
- Use `--script <file>` or `--script-stdin` for multi-line E2E commands instead
-  of quote-heavy `--shell` strings on direct SSH providers.
- Use `--fresh-pr <pr>` when validating an upstream PR in isolation from the
-  local dirty tree. Add `--apply-local-patch` only when testing a local fixup on
-  top of that PR.
- Use `--full-resync` before replacing a warmed direct-provider lease when the
-  remote workdir or sync fingerprint appears stale.
- Use one-shot Crabbox for a single proof; use a reusable Testbox only when
-  several commands must share built images, installed packages, or live state.
- Prefer `OPENCLAW_CURRENT_PACKAGE_TGZ` with Docker/package lanes when testing a
-  candidate tarball; prefer the repo's package helper instead of direct source
-  execution when the bug might be packaging/install related.
- Keep secrets redacted. It is fine to report key presence, source, and length;
-  never print secret values.
- Include `--timing-json` on broad or flaky runs when command duration or sync
-  behavior matters.
-
-Before/after PR proof on delegated Testbox:
-
- For PRs that should prove "broken before, fixed after", compare base and PR
-  on the same Testbox when practical. Fetch both refs, create detached temp
-  worktrees under `/tmp`, install in each, then run the same harness twice.
- Do not checkout base/PR refs in the synced repo root. Delegated Testbox sync
-  may leave the root dirty with local files; `git checkout` can abort or mix
-  proof state.
- Temp harness files under `/tmp` do not resolve repo packages by default. Put
-  the harness inside the worktree, or in ESM use
-  `createRequire(path.join(process.cwd(), "package.json"))` before requiring
-  workspace deps such as `@lydell/node-pty`.
- For full-screen TUI/CLI bugs, a PTY harness is stronger than helper-only
-  assertions. Use a real PTY, wait for visible lifecycle markers, send input,
-  then send control keys and assert process exit/stuck behavior.
- When validating a rebased local branch before push, remember delegated sync
-  usually validates synced file content on a detached dirty checkout, not a
-  remote commit object. Record the local head SHA, changed files, Testbox id,
-  and final success markers; after pushing, ensure the pushed SHA has the same
-  file content.
- If GitHub CI is still queued but the exact changed content passed Testbox
-  `pnpm check:changed`, `pnpm check:test-types`, and the real E2E proof, it is
-  reasonable to merge once required checks allow it. Note any still-running
-  unrelated shards in the proof comment instead of waiting forever.
-
-Interactive CLI/onboarding:
-
- For full-screen or prompt-heavy CLI flows, run the target command inside tmux
-  on the Crabbox and drive it with `tmux send-keys`; capture proof with
-  `tmux capture-pane`, redacted through `sed`.
- Prefer deterministic arrow navigation over search typing for Clack-style
-  searchable selects. Raw `send-keys -l openai` may not trigger filtering in a
-  tmux pane; inspect option order locally or on-box and send exact Down/Enter
-  sequences.
- Isolate mutable state with `OPENCLAW_STATE_DIR=$(mktemp -d)`. Plugin npm
-  installs live under that state dir (`npm/node_modules/...`), not under
-  `OPENCLAW_CONFIG_DIR`. Verify downloads by checking the state dir, package
-  lock, and installed package metadata.
- To test automatic setup installs against local package artifacts, use
-  `OPENCLAW_ALLOW_PLUGIN_INSTALL_OVERRIDES=1` plus
-  `OPENCLAW_PLUGIN_INSTALL_OVERRIDES='{"plugin-id":"npm-pack:/tmp/plugin.tgz"}'`.
-  Pack with `npm pack`, set an isolated `OPENCLAW_STATE_DIR`, and verify the
-  package under `npm/node_modules`. Overrides are test-only and must not be
-  treated as official/trusted-source installs.
- For OpenAI/Codex onboarding proof, the useful markers are the UI line
-  `Installed Codex plugin`, `npm/node_modules/@openclaw/codex`, and the
-  package-lock entry showing the bundled `@openai/codex` dependency. A dummy
-  OpenAI-shaped key can prove only UI/install behavior; it is not live auth.
-
 ## Reuse And Keepalive

-For most Crabbox calls, one-shot is enough. Use reuse only when you need
-multiple manual commands on the same hydrated box.
+For most Blacksmith-backed Crabbox calls, one-shot is enough. Use reuse only
+when you need multiple manual commands on the same hydrated box.

 If Crabbox returns a reusable id or you intentionally keep a lease:

 ```sh
-pnpm crabbox:run -- --id <cbx_id-or-slug> --no-sync --timing-json --shell -- "pnpm test <path>"
+pnpm crabbox:run -- --provider blacksmith-testbox --id <tbx_id> --no-sync --timing-json --shell -- "pnpm test <path>"
 ```

 Stop boxes you created before handoff:
@@ -453,70 +160,35 @@ Common desktop flow:

 ```sh
 ../crabbox/bin/crabbox warmup --provider hetzner --desktop --browser --class standard --idle-timeout 60m --ttl 240m
-../crabbox/bin/crabbox desktop launch --provider hetzner --id <cbx_id-or-slug> --browser --url https://example.com --webvnc --open --take-control
+../crabbox/bin/crabbox desktop launch --provider hetzner --id <cbx_id-or-slug> --browser --url https://example.com --webvnc --open
 ```

 Useful WebVNC commands:

 ```sh
-../crabbox/bin/crabbox webvnc --provider hetzner --id <cbx_id-or-slug> --open --take-control
-../crabbox/bin/crabbox webvnc daemon start --provider hetzner --id <cbx_id-or-slug> --open --take-control
-../crabbox/bin/crabbox webvnc daemon status --provider hetzner --id <cbx_id-or-slug>
-../crabbox/bin/crabbox webvnc daemon stop --provider hetzner --id <cbx_id-or-slug>
-../crabbox/bin/crabbox webvnc status --provider hetzner --id <cbx_id-or-slug>
-../crabbox/bin/crabbox webvnc reset --provider hetzner --id <cbx_id-or-slug> --open --take-control
-../crabbox/bin/crabbox desktop doctor --provider hetzner --id <cbx_id-or-slug>
-../crabbox/bin/crabbox desktop click --provider hetzner --id <cbx_id-or-slug> --x 640 --y 420
-../crabbox/bin/crabbox desktop paste --provider hetzner --id <cbx_id-or-slug> --text "user@example.com"
-../crabbox/bin/crabbox desktop key --provider hetzner --id <cbx_id-or-slug> ctrl+l
-../crabbox/bin/crabbox artifacts collect --id <cbx_id-or-slug> --all --output artifacts/<slug>
-../crabbox/bin/crabbox artifacts publish --dir artifacts/<slug> --pr <number>
+../crabbox/bin/crabbox webvnc --provider hetzner --id <cbx_id-or-slug> --open
+../crabbox/bin/crabbox webvnc --provider hetzner --id <cbx_id-or-slug> --daemon --open
+../crabbox/bin/crabbox webvnc --provider hetzner --id <cbx_id-or-slug> --status
+../crabbox/bin/crabbox webvnc --provider hetzner --id <cbx_id-or-slug> --stop
+../crabbox/bin/crabbox screenshot --provider hetzner --id <cbx_id-or-slug> --output desktop.png
 ```

 `desktop launch --webvnc --open` is usually the nicest one-shot: it starts the
 browser/app inside the visible session, bridges the lease into the authenticated
 WebVNC portal, and opens the portal. Keep browsers windowed for human QA; use
 `--fullscreen` only for capture/video workflows.
-For human handoff, include `--take-control` so the opened portal viewer gets
-keyboard/mouse control automatically instead of landing as an observer.
-
-Human handoff preflight:
-
- Do not assume a visible desktop or launched browser means the repo CLI/app is
-  installed, built, or on the interactive terminal's `PATH`.
- Before handing WebVNC to a human tester, prove the expected command from the
-  same kept lease and from a neutral directory such as `~`.
- If the handoff needs repo-local code, sync/build/link it explicitly on that
-  lease. Source-tree CLIs often need build output before a symlink works.
- Prefer a real `command -v <expected-command> && <expected-command> --version`
-  check over a repo-root-only `pnpm ...` command.
-
-Generic handoff repair pattern:
-
-```sh
-../crabbox/bin/crabbox run --id <cbx_id-or-slug> --full-resync --shell -- \
-  "set -euo pipefail
-   pnpm install --frozen-lockfile
-   pnpm build
-   sudo ln -sf \"\$PWD/<cli-entry>\" /usr/local/bin/<expected-command>
-   cd ~
-   command -v <expected-command>
-   <expected-command> --version"
-```

 ## If Crabbox Fails

 Keep the fallback narrow. First decide whether the failure is Crabbox itself,
-the brokered AWS lease, Blacksmith/Testbox, repo hydration, sync, or the test
-command.
+Blacksmith/Testbox, repo hydration, sync, or the test command.

 Fast checks:

 ```sh
 command -v crabbox
 ../crabbox/bin/crabbox --version
-pnpm crabbox:run -- --help | sed -n '1,140p'
-../crabbox/bin/crabbox doctor
+crabbox run --provider blacksmith-testbox --help | sed -n '1,140p'
 command -v blacksmith
 blacksmith --version
 blacksmith testbox list
@@ -526,37 +198,32 @@ Common Crabbox-only failures:

 - Provider missing or old CLI: use `../crabbox/bin/crabbox` from the sibling
  repo, or update/install Crabbox before retrying.
- Bad local config: inspect `.crabbox.yaml`, `crabbox config show`, and
-  `crabbox whoami`; normal OpenClaw proof should use brokered AWS without
-  asking for cloud keys.
- Slug/claim confusion: use the raw `cbx_...` / `tbx_...` id, or run one-shot
-  without `--id`.
+- Bad local config: pass `--provider blacksmith-testbox` plus explicit
+  `--blacksmith-*` flags instead of relying on `.crabbox.yaml`.
+- Slug/claim confusion: use the raw `tbx_...` id, or run one-shot without
+  `--id`.
 - Sync/timing bug: add `--debug --timing-json`; capture the final JSON and the
-  printed Actions URL. Large sync warnings now include top source directories
-  by file count and a hint to update `.crabboxignore` / `sync.exclude`; inspect
-  those before reaching for `--force-sync-large`. Quiet rsync watchdogs and SSH
-  timeouts now print `next_action=` hints; follow them, usually `--full-resync`
-  first and a fresh lease second.
- Cleanup uncertainty: run `crabbox list --provider aws`; for explicit
-  Blacksmith runs, use `blacksmith testbox list` and stop only boxes you
+  printed Actions URL.
+- Cleanup uncertainty: run `blacksmith testbox list` and stop only boxes you
  created.
- Testbox queued/capacity pressure: do not retry Blacksmith repeatedly. Rerun
-  once without `--provider` so `.crabbox.yaml` routes to brokered AWS, or report
-  the Blacksmith blocker if Testbox itself is the requested proof.
+- Testbox queued/capacity pressure: do not convert a broad changed gate or full
+  suite into local `OPENCLAW_LOCAL_CHECK_MODE=throttled pnpm ...`. Leave the
+  remote lane queued, switch to a narrower targeted local check, or stop and
+  report the capacity blocker.

-If brokered AWS cannot dispatch, sync, attach, or stop, retry once with
-`--debug` and `--timing-json`:
+If Crabbox cannot dispatch, sync, attach, or stop but Blacksmith itself works,
+use direct Blacksmith from the repo root:

 ```sh
-pnpm crabbox:run -- --debug --timing-json -- \
-  pnpm test:changed
+blacksmith testbox warmup ci-check-testbox.yml --ref main --idle-timeout 90
+blacksmith testbox run --id <tbx_id> "env CI=1 NODE_OPTIONS=--max-old-space-size=4096 OPENCLAW_TEST_PROJECTS_PARALLEL=6 OPENCLAW_VITEST_MAX_WORKERS=1 OPENCLAW_VITEST_NO_OUTPUT_TIMEOUT_MS=900000 pnpm test:changed"
+blacksmith testbox stop --id <tbx_id>
 ```

-Full suite:
+Direct full suite:

 ```sh
-pnpm crabbox:run -- --debug --timing-json -- \
-  pnpm test
+blacksmith testbox run --id <tbx_id> "env CI=1 NODE_OPTIONS=--max-old-space-size=4096 OPENCLAW_TEST_PROJECTS_PARALLEL=6 OPENCLAW_VITEST_MAX_WORKERS=1 OPENCLAW_VITEST_NO_OUTPUT_TIMEOUT_MS=900000 pnpm test"
 ```

 Auth fallback, only when `blacksmith` says auth is missing:
@@ -574,10 +241,9 @@ Raw Blacksmith footguns:
 - Treat `blacksmith testbox list` as cleanup diagnostics, not a shared reusable
  queue.

-Use Blacksmith only when the task is specifically about Testbox, brokered AWS
-is unavailable, or an explicit comparison is needed. If Blacksmith is down or
-quota-limited, do not keep probing it; stay on brokered AWS and note the
-delegated-provider outage.
+Escalate to owned AWS/Hetzner only when Blacksmith is down, quota-limited,
+missing the needed environment, or owned capacity is the explicit goal. Use the
+Owned Cloud Fallback section below.

 ## Blacksmith Backend Notes

@@ -592,15 +258,16 @@ The hydration workflow owns checkout, Node/pnpm setup, dependency install,
 secrets, ready marker, and keepalive. Crabbox owns dispatch, sync, SSH command
 execution, timing, logs/results, and cleanup.

-Minimal Blacksmith-backed Crabbox run, from repo root:
+Minimal direct Blacksmith fallback, from repo root:

 ```sh
-pnpm crabbox:run -- --provider blacksmith-testbox --timing-json -- \
-  corepack pnpm test:changed
+blacksmith testbox warmup ci-check-testbox.yml --ref main --idle-timeout 90
+blacksmith testbox run --id <tbx_id> "env CI=1 NODE_OPTIONS=--max-old-space-size=4096 OPENCLAW_TEST_PROJECTS_PARALLEL=6 OPENCLAW_VITEST_MAX_WORKERS=1 pnpm test:changed"
+blacksmith testbox stop --id <tbx_id>
 ```

-Use direct Blacksmith only when Crabbox is the broken layer and you are
-isolating a Crabbox bug. Prefer direct `blacksmith testbox list` for cleanup
+Use direct Blacksmith only when Crabbox is the broken layer and Blacksmith
+itself still works. Prefer direct `blacksmith testbox list` for cleanup
 diagnostics, not as a reusable work queue.

 Important Blacksmith footguns:
@@ -613,16 +280,15 @@ Important Blacksmith footguns:
 blacksmith auth login --non-interactive --organization openclaw
 ```

-## Brokered AWS
+## Owned Cloud Fallback

-Use AWS for normal OpenClaw remote proof. The repo `.crabbox.yaml` already
-selects brokered AWS, so omit `--provider` unless you are testing a different
-provider deliberately.
+Use AWS/Hetzner only when Blacksmith is down, quota-limited, missing the needed
+environment, or owned capacity is explicitly the goal.

 ```sh
-pnpm crabbox:warmup -- --class beast --market on-demand --idle-timeout 90m
+pnpm crabbox:warmup -- --provider aws --class beast --market on-demand --idle-timeout 90m
 pnpm crabbox:hydrate -- --id <cbx_id-or-slug>
-pnpm crabbox:run -- --id <cbx_id-or-slug> --timing-json --shell -- "pnpm test:changed"
+pnpm crabbox:run -- --id <cbx_id-or-slug> --timing-json --shell -- "env NODE_OPTIONS=--max-old-space-size=4096 OPENCLAW_TEST_PROJECTS_PARALLEL=6 OPENCLAW_VITEST_MAX_WORKERS=1 OPENCLAW_VITEST_NO_OUTPUT_TIMEOUT_MS=900000 pnpm test:changed"
 pnpm crabbox:stop -- <cbx_id-or-slug>
 ```

@@ -644,8 +310,8 @@ crabbox whoami
 - If broker auth is missing, run `crabbox login --url https://crabbox.openclaw.ai --provider aws`.
 - If the CLI asks for `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, or AWS
  profile setup during normal OpenClaw validation, assume the agent selected
-  the wrong path. Use brokered `crabbox login` or an existing brokered lease
-  before asking the user for cloud credentials.
+  the wrong path. Use brokered `crabbox login`, `--provider blacksmith-testbox`,
+  or an existing brokered lease before asking the user for cloud credentials.
 - Ask for AWS keys only for explicit direct-provider/account administration,
  not for normal brokered OpenClaw proof.
 - Trusted automation may still use
@@ -658,7 +324,8 @@ macOS config lives at:
 ```

 It should include `broker.url`, `broker.token`, and usually `provider: aws`
-for OpenClaw lanes. Let that config drive normal validation.
+for owned-cloud lanes. Do not let that config override the OpenClaw default
+when Blacksmith proof is requested; pass `--provider blacksmith-testbox`.

 ### Interactive Desktop / WebVNC

@@ -678,10 +345,7 @@ crabbox run --id <lease> --shell -- 'DISPLAY=:99 xdotool search --onlyvisible --
 crabbox status --id <id-or-slug> --wait
 crabbox inspect --id <id-or-slug> --json
 crabbox sync-plan
-crabbox history --limit 20
 crabbox history --lease <id-or-slug>
-crabbox attach <run_id>
-crabbox events <run_id> --json
 crabbox logs <run_id>
 crabbox results <run_id>
 crabbox cache stats --id <id-or-slug>
@@ -696,15 +360,14 @@ Use `--market spot|on-demand` only on AWS warmup/one-shot runs.
 ## Failure Triage

 - Crabbox cannot find provider: verify `../crabbox/bin/crabbox --help` lists
-  the provider selected by `.crabbox.yaml`; update Crabbox before falling back.
+  `blacksmith-testbox`; update Crabbox before falling back.
 - Hydration stuck or failed: open the printed GitHub Actions run URL and inspect
  the hydration step.
 - Sync failed: rerun with `--debug`; check changed-file count and whether the
  checkout is dirty.
 - Command failed: rerun only the failing shard/file first. Do not rerun a full
  suite until the focused failure is understood.
- Cleanup uncertain: `crabbox list --provider aws`; for explicit Blacksmith
-  runs, use `blacksmith testbox list` and stop owned `tbx_...` leases you
+- Cleanup uncertain: `blacksmith testbox list`; stop owned `tbx_...` leases you
  created.
 - Crabbox broken but Blacksmith works: use the direct Blacksmith fallback above,
  then file/fix the Crabbox issue.
--- a/.agents/skills/discrawl/SKILL.md
+++ b/.agents/skills/discrawl/SKILL.md
@@ -1,44 +0,0 @@
---
-name: discrawl
-description: "Discord archive: search, sync freshness, DMs, channel slices, SQL counts, and Discrawl repo work."
-metadata:
-  openclaw:
-    homepage: https://github.com/openclaw/discrawl
-    requires:
-      bins:
-        - discrawl
-    install:
-      - kind: go
-        module: github.com/openclaw/discrawl/cmd/discrawl@latest
-        bins:
-          - discrawl
---
-
-# Discrawl
-
-Use local Discord archive data before live Discord APIs. Check freshness for recent/current questions:
-
-```bash
-discrawl status --json
-discrawl doctor
-```
-
-Refresh only when stale or asked:
-
-```bash
-discrawl sync --source wiretap
-discrawl sync
-```
-
-Query with bounded slices:
-
-```bash
-DISCRAWL_NO_AUTO_UPDATE=1 discrawl search --limit 20 "query"
-discrawl messages --channel '#maintainers' --days 7 --all
-discrawl dms --last 20
-DISCRAWL_NO_AUTO_UPDATE=1 discrawl --json sql "select count(*) from messages;"
-```
-
-Report absolute date spans, channel/DM names, counts, and known gaps. Use read-only SQL for exact counts/rankings. Never use `--unsafe --confirm` unless the user explicitly requests a reviewed DB mutation.
-
-Boundaries: bot sync needs configured Discord bot credentials. Wiretap reads local Discord Desktop artifacts only; do not extract user tokens, call Discord as the user, or write to Discord storage. Git-share snapshots must not include secrets or `@me` DM rows.
--- a/.agents/skills/discrawl/agents/openai.yaml
+++ b/.agents/skills/discrawl/agents/openai.yaml
@@ -1,4 +0,0 @@
-interface:
-  display_name: "Discrawl"
-  short_description: "Search local Discord archives and freshness"
-  default_prompt: "Use $discrawl to search local Discord archives, check freshness, inspect DMs or channel slices, and report exact date spans and source gaps."
--- a/.agents/skills/gitcrawl/SKILL.md
+++ b/.agents/skills/gitcrawl/SKILL.md
@@ -1,50 +1,68 @@
 ---
 name: gitcrawl
-description: "GitHub archive: issue/PR search, sync freshness, duplicate clusters, gh-shim PR status, and Gitcrawl repo work."
+description: Use gitcrawl for OpenClaw issue and PR archive search, duplicate discovery, related-thread clustering, and local GitHub mirror freshness checks.
 metadata:
  openclaw:
-    homepage: https://github.com/openclaw/gitcrawl
    requires:
      bins:
        - gitcrawl
-    install:
-      - kind: go
-        module: github.com/openclaw/gitcrawl/cmd/gitcrawl@latest
-        bins:
-          - gitcrawl
 ---

 # Gitcrawl

-Use local GitHub issue/PR archives before live GitHub search. Check freshness first:
+Use this skill before live GitHub search when triaging OpenClaw issues or PRs.
+
+`gitcrawl` is the local candidate-discovery layer. It is fast, includes open and closed threads, and can surface duplicate attempts, related issues, and already-landed fixes. It is not the final source of truth for comments, labels, merges, closes, or current CI.
+
+## Default Flow
+
+1. Check local state:

 ```bash
 gitcrawl doctor --json
 ```

-Find candidates:
+2. Read the target from the local archive:

 ```bash
 gitcrawl threads openclaw/openclaw --numbers <issue-or-pr-number> --include-closed --json
-gitcrawl neighbors openclaw/openclaw --number <issue-or-pr-number> --limit 12 --json
-gitcrawl search issues "query" -R openclaw/openclaw --state open --json number,title,url
-gitcrawl clusters openclaw/openclaw --sort size --min-size 5
-gitcrawl cluster-detail openclaw/openclaw --id <cluster-id>
 ```

-For PR triage, start cached and go live only before mutation/merge decisions:
+3. Find related candidates:

 ```bash
-gitcrawl gh pr status <number-or-url> -R openclaw/openclaw --compact
-gitcrawl gh pr view <number-or-url> -R openclaw/openclaw --json number,title,state,url,isDraft,headRef,headSha
-gitcrawl gh --live pr status <number-or-url> -R openclaw/openclaw --compact
+gitcrawl neighbors openclaw/openclaw --number <issue-or-pr-number> --limit 12 --json
+gitcrawl search openclaw/openclaw --query "<scope or title keywords>" --mode hybrid --limit 20 --json
 ```

-Use live `gh` plus checkout proof before commenting, labeling, closing, reopening, merging, or filing a PR review:
+4. Inspect relevant clusters:
+
+```bash
+gitcrawl cluster-detail openclaw/openclaw --id <cluster-id> --member-limit 20 --body-chars 280 --json
+```
+
+5. Verify anything actionable with live GitHub and the checkout:

 ```bash
 gh pr view <number> --json number,title,state,mergedAt,body,files,comments,reviews,statusCheckRollup
 gh issue view <number> --json number,title,state,body,comments,closedAt
 ```

-Report absolute dates, repo names, issue/PR numbers, cluster ids, and source gaps. Do not close/label from similarity alone; require matching intent plus live verification.
+## Freshness Rules
+
+- Treat `gitcrawl` as stale if `doctor` shows no target thread, an old `last_sync_at`, missing embeddings for neighbor/search commands, or a clearly wrong open/closed state.
+- If stale data blocks the decision, refresh the portable store first:
+
+```bash
+gitcrawl init --portable-store git@github.com:openclaw/gitcrawl-store.git --json
+```
+
+- Run expensive update commands such as `gitcrawl sync --include-comments` only when the user asked to update the local store or stale data is blocking the decision.
+- The sync default is all GitHub thread states; pass `--state open`, `--state closed`, or `--state all` only when a task requires a narrower or explicit scope.
+
+## Boundaries
+
+- Use `gitcrawl` for candidates, clusters, and historical context.
+- Use `gh`, `gh api`, and the current checkout for live state before commenting, labeling, closing, reopening, merging, or filing a PR review.
+- Do not close or label based only on `gitcrawl` similarity. Require matching problem intent plus live verification.
+- If `gitcrawl` is unavailable, say so and fall back to targeted `gh search` rather than blocking normal maintainer work.
--- a/.agents/skills/graincrawl/SKILL.md
+++ b/.agents/skills/graincrawl/SKILL.md
@@ -1,44 +0,0 @@
---
-name: graincrawl
-description: "Granola archive: search, sync freshness, notes, transcripts, panels, SQL counts, and Graincrawl repo work."
-metadata:
-  openclaw:
-    homepage: https://github.com/openclaw/graincrawl
-    requires:
-      bins:
-        - graincrawl
-    install:
-      - kind: go
-        module: github.com/vincentkoc/graincrawl/cmd/graincrawl@latest
-        bins:
-          - graincrawl
---
-
-# Graincrawl
-
-Use local Granola archive data first. Check freshness for recent/current questions:
-
-```bash
-graincrawl doctor --json
-graincrawl status --json
-```
-
-Refresh only when stale or asked:
-
-```bash
-graincrawl sync --source private-api
-graincrawl sync --source desktop-cache
-```
-
-Query with bounded reads:
-
-```bash
-graincrawl search "query"
-graincrawl notes --json
-graincrawl note get <id>
-graincrawl transcripts get <id>
-graincrawl panels get <id>
-graincrawl --json sql "select count(*) as notes from notes;"
-```
-
-Report absolute date spans, note titles, source gaps, and transcript/panel availability. Use read-only SQL for exact counts/rankings. Before encrypted source debugging, run explicit unlock/secrets checks; do not surprise-prompt Keychain.
--- a/.agents/skills/graincrawl/agents/openai.yaml
+++ b/.agents/skills/graincrawl/agents/openai.yaml
@@ -1,4 +0,0 @@
-interface:
-  display_name: "Graincrawl"
-  short_description: "Search local Granola notes and transcripts"
-  default_prompt: "Use $graincrawl to search local Granola notes, transcripts, and panels, check freshness, and report exact date spans and source gaps."
--- a/.agents/skills/notcrawl/SKILL.md
+++ b/.agents/skills/notcrawl/SKILL.md
@@ -1,42 +0,0 @@
---
-name: notcrawl
-description: "Notion archive: search, sync freshness, pages/databases, Markdown exports, SQL counts, and Notcrawl repo work."
-metadata:
-  openclaw:
-    homepage: https://github.com/openclaw/notcrawl
-    requires:
-      bins:
-        - notcrawl
-    install:
-      - kind: go
-        module: github.com/vincentkoc/notcrawl/cmd/notcrawl@latest
-        bins:
-          - notcrawl
---
-
-# Notcrawl
-
-Use local Notion archive data before browsing or live Notion API calls. Check freshness for recent/current questions:
-
-```bash
-notcrawl doctor
-notcrawl status --json
-```
-
-Refresh only when stale or asked:
-
-```bash
-notcrawl sync --source desktop
-notcrawl sync --source api
-```
-
-Query with bounded reads:
-
-```bash
-notcrawl search "query"
-notcrawl databases
-notcrawl report
-notcrawl sql "select count(*) from pages;"
-```
-
-Report workspace/teamspace, page/database titles, absolute date spans, counts, and known gaps. Use read-only SQL only; never mutate the archive. API mode requires `NOTION_TOKEN`; do not assume token availability.
--- a/.agents/skills/notcrawl/agents/openai.yaml
+++ b/.agents/skills/notcrawl/agents/openai.yaml
@@ -1,4 +0,0 @@
-interface:
-  display_name: "Notcrawl"
-  short_description: "Search local Notion archives and freshness"
-  default_prompt: "Use $notcrawl to search local Notion pages and databases, check freshness, inspect exports, and report exact date spans and source gaps."
--- a/.agents/skills/openclaw-changelog-update/SKILL.md
+++ b/.agents/skills/openclaw-changelog-update/SKILL.md
@@ -1,87 +0,0 @@
---
-name: openclaw-changelog-update
-description: Regenerate OpenClaw release changelog sections from git history before beta or stable releases.
---
-
-# OpenClaw Changelog Update
-
-Use this for release changelog rewrites and GitHub release-note source text.
-Use it with `release-openclaw-maintainer`; this skill owns changelog content,
-ordering, and audit discipline.
-
-## Goal
-
-Rewrite the target `CHANGELOG.md` version section from history, not from stale
-draft notes. Produce user-facing release notes sorted by user interest while
-preserving issue/PR refs and thanks.
-
-## Inputs
-
- Target base version: `YYYY.M.D`, without beta suffix.
- Base tag: last reachable shipped release tag, usually the previous stable or
-  the previous beta train requested by the operator.
- Target ref: exact branch/SHA being released.
-
-## Workflow
-
-1. Start on `main` before branching when possible:
-   - `git fetch --tags origin`
-   - `git pull --ff-only`
-   - confirm clean `git status -sb`
-2. Audit history, including direct commits:
-   - `git log --first-parent --date=iso-strict --pretty=format:'%h%x09%ad%x09%s' <base-tag>..<target-ref>`
-   - `git log --first-parent --grep='(#' --date=short --pretty=format:'%h%x09%ad%x09%s' <base-tag>..<target-ref>`
-   - also inspect `--since='24 hours ago'` when main moved during the release.
-3. Read linked PRs/issues or diffs for ambiguous commits. Direct commits matter;
-   infer notes from subject, body, touched files, tests, and nearby commits.
-4. Rewrite one stable-base section only:
-   - use `## YYYY.M.D`
-   - do not create beta-specific headings
-   - do not leave a stale `## Unreleased` section above the target release
-   - if `Unreleased` contains release-bound notes, fold them into the target
-     section instead of deleting them
-5. Section shape:
-   - `### Highlights`: 5-8 bullets, broad user wins first
-   - `### Changes`: new capabilities and behavior changes
-   - `### Fixes`: user-facing fixes first, grouped by impact and surface
-6. Preserve attribution:
-   - keep `#issue`, `(#PR)`, `Fixes #...`, and `Thanks @...`
-   - do not add GHSA references, advisory IDs, or security advisory slugs to
-     changelog entries or GitHub release-note text unless explicitly requested
-   - never thank bots, `@openclaw`, `@clawsweeper`, or `@steipete`
-   - if grouping multiple entries, carry all relevant refs and thanks into the
-     grouped bullet
-7. Sorting preference:
-   - security/data-loss and content-boundary fixes
-   - transcript/replay/reply delivery correctness
-   - channels and mobile integrations
-   - providers/Codex/local model reliability
-   - install/update/release path reliability
-   - performance and observability
-   - docs and contributor-only/internal details last or omitted
-8. Keep bullets single-line unless existing file style forces otherwise. Avoid
-   internal release-process noise unless it changes user install/update safety.
-9. Check release-note side conditions:
-   - inspect `src/plugins/compat/registry.ts`
-   - inspect `src/commands/doctor/shared/deprecation-compat.ts`
-   - if any compatibility `removeAfter` is on/before release date, resolve it
-     or explicitly record the blocker before shipping
-10. Validate and ship:
-   - `git diff --check`
-   - for docs/changelog-only changes, no broad tests are required
-   - commit with `scripts/committer "docs(changelog): refresh YYYY.M.D notes" CHANGELOG.md`
-   - push, pull/rebase if needed, then branch/rebase release from latest `main`
-
-## Quota / API Outage Rule
-
-If GitHub API quota is exhausted, do not idle. Continue work that does not need
-GitHub API:
-
- local changelog rewrite and release-note extraction
- local pretag checks and package/build sanity
- git push/tag checks over git protocol
- npm registry `npm view` checks
- exact workflow-dispatch command preparation
-
-Only GitHub Release creation, workflow dispatch, run polling, artifact download,
-and issue/PR mutation need API quota.
--- a/.agents/skills/openclaw-debugging/SKILL.md
+++ b/.agents/skills/openclaw-debugging/SKILL.md
@@ -1,114 +0,0 @@
---
-name: openclaw-debugging
-description: Debug OpenClaw model, provider, tool-surface, code-mode, streaming, and live/Crabbox behavior by choosing the right logs, probes, and proof path before changing code.
---
-
-# OpenClaw Debugging
-
-Use this skill when OpenClaw behavior differs between local tests, live models,
-providers, code mode, Tool Search, Crabbox, or CI, and the next move should be a
-debug signal rather than a guess.
-
-## Read First
-
- `docs/logging.md` for log files, `openclaw logs`, and targeted debug flags.
- `docs/reference/test.md` for local test commands.
- `docs/reference/code-mode.md` for code-mode exec/wait and tool catalog rules.
- Use `$openclaw-testing` for choosing test lanes.
- Use `$crabbox` for broad, Docker, package, Linux, live-key, or CI-parity proof.
-
-## Default Loop
-
-1. State the suspected boundary: config, tool construction, provider payload,
-   fetch, stream/SSE, transcript replay, worker/runtime, package/dist, or CI.
-2. Add or enable the narrowest signal that proves that boundary.
-3. Reproduce with the same provider/model/config. Do not randomly switch models
-   unless the model itself is the variable being tested.
-4. Compare configured state with actual run activation.
-5. Patch the root cause.
-6. Rerun the exact failing probe, then broaden only if the contract requires it.
-
-## Model Transport Logs
-
-Use targeted env flags instead of global debug when the model request shape or
-stream timing matters:
-
-```bash
-OPENCLAW_DEBUG_MODEL_TRANSPORT=1 openclaw gateway
-OPENCLAW_DEBUG_MODEL_PAYLOAD=tools OPENCLAW_DEBUG_SSE=events openclaw gateway
-OPENCLAW_DEBUG_MODEL_PAYLOAD=full-redacted OPENCLAW_DEBUG_SSE=peek openclaw gateway
-```
-
-Useful flags:
-
- `OPENCLAW_DEBUG_MODEL_TRANSPORT=1`: request start, fetch response, SDK
-  headers, first SSE event, stream done, and transport errors at `info`.
- `OPENCLAW_DEBUG_MODEL_PAYLOAD=summary`: bounded payload summary.
- `OPENCLAW_DEBUG_MODEL_PAYLOAD=tools`: all model-facing tool names.
- `OPENCLAW_DEBUG_MODEL_PAYLOAD=full-redacted`: capped, redacted JSON payload.
-  Use only while debugging; prompts/message text may still appear.
- `OPENCLAW_DEBUG_SSE=events`: first-event and stream-completion timing.
- `OPENCLAW_DEBUG_SSE=peek`: first five redacted SSE events.
- `OPENCLAW_DEBUG_CODE_MODE=1`: code-mode tool-surface diagnostics.
-
-Watch logs with:
-
-```bash
-openclaw logs --follow
-```
-
-## Common Boundaries
-
- **Config vs activation:** config can be enabled while the run disables tools,
-  is raw, has an empty allowlist, or lacks model tool support. Check the actual
-  visible tools before enforcing provider payload invariants.
- **Tool surface:** inspect final model-visible tool names, not only the tool
-  registry or config. Code mode means exactly `exec` and `wait` only after it
-  actually activates.
- **Provider payload:** log fields, model id, service tier, reasoning, input
-  size, metadata keys, prompt-cache key presence, and tool names before SDK
-  call.
- **Fetch vs SSE:** fetch response proves HTTP headers arrived; first SSE event
-  proves provider body progress. A gap here is a stream/body/provider issue, not
-  tool execution.
- **Worker/dist:** run `pnpm build` when touching workers, dynamic imports,
-  package exports, lazy runtime boundaries, or published paths.
- **Live keys:** use the configured secret workflow for missing provider keys
-  before saying live proof is blocked. Env checks are presence-only; never print
-  secrets.
-
-## Code Pointers
-
- Model payload + Responses stream:
-  `src/agents/openai-transport-stream.ts`
- Guarded fetch/timing:
-  `src/agents/provider-transport-fetch.ts`
- OpenAI/Codex provider wrappers:
-  `src/agents/pi-embedded-runner/openai-stream-wrappers.ts`
- Tool construction, Tool Search, code-mode activation:
-  `src/agents/pi-embedded-runner/run/attempt.ts`
- Code-mode runtime and worker:
-  `src/agents/code-mode.ts`
-  `src/agents/code-mode.worker.ts`
- Tool Search catalog:
-  `src/agents/tool-search.ts`
-
-## Proof Choice
-
- Single helper/payload bug: local targeted Vitest.
- Docs/logging-only: `pnpm check:docs` and `git diff --check`.
- Worker/dist/lazy import/package surface: targeted tests plus `pnpm build`.
- Live provider/model behavior: same provider/model with debug flags and a real
-  key if available.
- Docker/package/Linux/CI-parity: `$crabbox`.
- CI failure: exact SHA, relevant job only, logs only after failure/completion.
-
-## Output Habit
-
-Report:
-
- boundary tested
- exact command/env shape, redacted
- observed signal, such as tool names or first SSE event timing
- fix location
- narrow proof and any remaining risk
--- a/.agents/skills/openclaw-debugging/agents/openai.yaml
+++ b/.agents/skills/openclaw-debugging/agents/openai.yaml
@@ -1,4 +0,0 @@
-interface:
-  display_name: "OpenClaw Debugging"
-  short_description: "Debug model, tool, stream, and live behavior"
-  default_prompt: "Use $openclaw-debugging to identify the right OpenClaw debug boundary, turn on targeted logs, and choose the narrowest local or Crabbox proof."
--- a/.agents/skills/openclaw-docker-e2e-authoring/SKILL.md
+++ b/.agents/skills/openclaw-docker-e2e-authoring/SKILL.md
@@ -1,64 +0,0 @@
---
-name: openclaw-docker-e2e-authoring
-description: "Author OpenClaw Docker E2E and live provider Docker lanes."
---
-
-# OpenClaw Docker E2E Authoring
-
-Use this when adding or changing Docker E2E lanes, release-path Docker tests,
-or live-provider Docker proof.
-
-## Lane Choice
-
- Deterministic Docker: fake the dependency/server and assert the exact runtime
-  contract crossing the boundary.
- Live Docker: use real provider credentials/model only when user-visible
-  behavior needs the real service.
- Prefer both when they prove different risks: deterministic for byte/payload
-  routing, live for actual provider behavior.
-
-## Authoring Rules
-
- Test-only helpers live in `test/helpers` or `scripts/e2e/lib/<lane>/`, not
-  `src/**`, unless production imports them.
- Package-installed app runs from `/app`; mount only explicit harness/helper
-  paths read-only.
- Fake servers should log boundary requests as JSONL and clients should assert
-  the real dependency payload, not just process success.
- Add the package script and `scripts/lib/docker-e2e-scenarios.mjs` lane in the
-  same change.
- If a lane installs a plugin from npm, default the spec via env so published
-  and local override paths are both testable.
-
-## Media And Vision
-
- Expected answer must exist only in pixels or provider output being tested.
- Use neutral filenames, neutral prompts, and no metadata leaks.
- Random bitmap/OCR tokens reuse the repo OCR-safe alphabet `24567ACEF` unless
-  the test owns a stronger glyph set.
- Make the expected answer unique per run when proving real image
-  understanding.
-
-## `chat.send` E2E
-
- Require `chat.send` to return `status: "started"` and a string `runId`.
- Wait for completion with `agent.wait`.
- Assert final user-visible text via `chat.history` when event ordering is not
-  the behavior under test.
- Keep originating channel/account metadata only when the bug path needs queued
-  inbound/channel context.
-
-## Verification
-
-Run the smallest proof that covers the touched lane:
-
-```bash
-pnpm exec oxfmt --write <changed files>
-node --check <new .mjs files>
-bash -n <new .sh files>
-node scripts/run-vitest.mjs test/scripts/docker-e2e-plan.test.ts
-OPENCLAW_SKIP_DOCKER_BUILD=1 pnpm test:docker:<lane>
-```
-
-For real-provider lanes, run the matching live Docker script after deterministic
-Docker is green. Finish with `$autoreview` before commit/PR.
--- a/.agents/skills/openclaw-ghsa-maintainer/SKILL.md
+++ b/.agents/skills/openclaw-ghsa-maintainer/SKILL.md
@@ -5,7 +5,7 @@ description: Inspect, patch, validate, publish, or confirm OpenClaw GHSA securit

 # OpenClaw GHSA Maintainer

-Use this skill for repo security advisory workflow only. Keep general release work in `release-openclaw-maintainer`.
+Use this skill for repo security advisory workflow only. Keep general release work in `openclaw-release-maintainer`.

 ## Respect advisory guardrails

--- a/.agents/skills/openclaw-landable-bug-sweep/SKILL.md
+++ b/.agents/skills/openclaw-landable-bug-sweep/SKILL.md
@@ -1,165 +0,0 @@
---
-name: openclaw-landable-bug-sweep
-description: "Find or repair small high-confidence non-SDK-boundary OpenClaw bugfix PRs until five are landable."
---
-
-# OpenClaw Landable Bug Sweep
-
-Autonomous maintainer workflow for producing five landable OpenClaw bugfix PR URLs.
-Use for broad issue/PR sweeps where the bar is high and the output is PRs, not notes.
-Do not use for plugin SDK/API boundary work; those need separate architecture review.
-
-## Target
-
-Return exactly five PR URLs, each with:
-
- bug summary
- why the fix is low-risk
- proof: rebased-head local/Testbox/live commands or run IDs
- autoreview: clean result on the exact head being shown
- CI green on the exact pushed PR head
- issue/duplicate cleanup done or still pending
-
-The five URLs may be existing PRs that were reviewed/fixed, or new PRs created from issues/clusters.
-Do not present a PR URL to the maintainer until it has been refreshed on current `main`, left-tested, autoreviewed clean, pushed, and verified green in live GitHub CI.
-If code, tests, changelog, PR body, or branch base changes after autoreview, rerun autoreview before showing the URL.
-
-## Companion Skills
-
-Use `$gitcrawl` for discovery/clustering, `$openclaw-pr-maintainer` for live GitHub mutation rules, `$github-author-context` when contributor trust matters, `$openclaw-testing` for proof choice, `$autoreview` before publishing/landing, and `$crabbox` for broad/E2E/live proof.
-
-## Candidate Bar
-
-Accept only when all are true:
-
- bug or paper cut, not feature/product/support/docs-only
- root cause is proven in current code
- dependency behavior checked via upstream docs/source/types when relevant
- production/runtime diff is small, ideally much smaller than 500 LOC and always below 500 LOC
- tests may be larger, but focused
- no new dependency
- no new config option
- no backward-incompatible behavior
- no security/product/owner-boundary decision needed
- no plugin SDK, public plugin API, or `src/plugin-sdk/**` boundary change
- no broad refactor smell
- focused proof is feasible
- branch can be rebased/refreshed and pushed, or a replacement PR can be created
-
-Good examples:
-
- provider parameter mismatch proven against dependency/API contract
- CLI command diverges from adjacent command behavior
- narrow runtime state/serialization bug with failing test
- issue already fixed on current `main`, with proof and closeable duplicates
-
-Reject:
-
- feature requests, new knobs, migrations, release work, workflow policy, support
- plugin SDK/API boundary changes, including compatibility shims, new SDK methods, SDK exports, or plugin-facing channel/provider seams
- auth/security boundary changes unless explicitly assigned
- bugs needing live credentials that are unavailable
- PRs with red CI unless you fix, rebase, push, and recheck them green
- PRs you only reviewed locally but did not refresh/push/check live
- PRs whose final head has not passed `$autoreview`
- fixes whose clean shape is a larger architecture move
- speculative reports without reproducible/provable cause
- UI/UX changes requiring product judgment
-
-## Sweep Loop
-
-1. Start clean:
-   - `git status -sb`
-   - `git pull --ff-only`
-   - verify branch is expected, usually `main`
-2. Build candidate clusters:
-   - `gitcrawl` open issues/PRs, neighbors, and search
-   - live `gh issue/pr view`
-   - include PRs linked from issues and duplicates
-3. For each cluster:
-   - read issue/PR body, comments, labels, linked refs, current source, adjacent tests
-   - suppress maintainer-owned queue noise unless it is the best fix path
-   - identify opener/author and preserve credit
-   - decide: `repair-existing-pr`, `create-new-pr`, `close-fixed-on-main`, `close-duplicate`, or `reject`
-4. Prove before patching:
-   - failing test, focused repro, log/source proof, or dependency contract proof
-   - if already fixed on `main`, prove with current source/test/commit and close kindly
-5. Patch:
-   - prefer existing PR when good and writable
-   - if unwritable or wrong shape, create own PR and preserve useful contributor credit
-   - if no PR exists, create one
-   - add regression test when it fits
-   - release-note context for user-facing fixes in PR body or commit message; credit human reporter/contributor when known
-6. Review, refresh, and publish:
-   - rebase or otherwise refresh the PR branch on current `origin/main`
-   - resolve drift, including newly exposed CI failures, rather than counting the PR as ready
-   - do not add `CHANGELOG.md` during normal sweep PRs; release automation generates it from PRs and commits
-   - left-test the rebased head with the smallest meaningful local/Testbox/live command that proves the bug
-   - run `$autoreview` until no accepted/actionable findings remain before creating, updating, or presenting the PR URL
-   - create/update PR with real body and proof fields
-   - push the exact reviewed head
-   - verify live GitHub CI is green for that pushed head; do not count pending, red, dirty, conflicting, or externally blocked PRs in the five
-7. Hygiene:
-   - close duplicates and fixed-on-main issues/PRs with proof as soon as you notice them during the sweep
-   - never mutate more than five associated items in one cluster without explicit confirmation
-   - comments must be kind, concrete, and include proof/PR/commit links
-8. Repeat until five landable PR URLs are ready.
-
-## PR Body Proof
-
-Use the repo PR template. Include these exact labels:
-
-```text
-Behavior addressed:
-Real environment tested:
-Exact steps or command run after this patch:
-Evidence after fix:
-Observed result after fix:
-What was not tested:
-```
-
-## Existing PR Rules
-
- Review code path beyond the diff before trusting it.
- If PR is good: rebase/refresh on current `main`, fix small issues, left-test, autoreview clean, push, and get CI green before showing or counting it.
- If PR is not good but has a useful idea: recreate locally, co-author when warranted, close original with thanks and explanation.
- If PR is duplicate or fixed on `main`: comment proof, close.
- If maintainer cannot push to contributor branch: create own branch/PR, preserve useful commits or credit.
- If CI turns red after local proof, treat that as normal work: inspect the failing job, fix or reject, rerun, and only count the PR once green.
-
-## Output Ledger
-
-Maintain a running ledger:
-
-```text
-accepted:
- PR URL:
-  source refs:
-  bug:
-  root cause:
-  fix:
-  risk:
-  rebase/head:
-  left-test:
-  autoreview:
-  CI:
-  credit/thanks:
-  cleanup:
-
-rejected:
- ref:
-  reason:
-
-closed:
- ref:
-  reason:
-  proof/comment:
-```
-
-Final answer:
-
- exactly five accepted PR URLs
- 2-4 sentence explainer per PR
- proof/CI state per PR
- closed duplicates/fixed-on-main refs
- current branch/status
--- a/.agents/skills/openclaw-landable-bug-sweep/agents/openai.yaml
+++ b/.agents/skills/openclaw-landable-bug-sweep/agents/openai.yaml
@@ -1,4 +0,0 @@
-interface:
-  display_name: "OpenClaw Landable Bug Sweep"
-  short_description: "Find five small non-SDK landable bugfix PRs"
-  default_prompt: "Use $openclaw-landable-bug-sweep to find or repair five small high-confidence non-SDK-boundary OpenClaw bugfix PRs and get them landable."
--- a/.agents/skills/openclaw-parallels-smoke/SKILL.md
+++ b/.agents/skills/openclaw-parallels-smoke/SKILL.md
@@ -56,9 +56,9 @@ Use this skill for Parallels guest workflows and smoke interpretation. Do not lo
 - For unpublished targets, pack the candidate on the host, serve the `.tgz` over the harness HTTP server, and point the guest updater at that served package. Prefer `openclaw update --tag http://<host-ip>:<port>/openclaw-<version>.tgz --yes --json`; when channel persistence also matters, pass `--channel <stable|beta>` and set `OPENCLAW_UPDATE_PACKAGE_SPEC` to the same served URL in the guest update environment. The command under test must still be `openclaw update`, not direct npm.
 - For unpublished local-fix validation, remember the old baseline updater code still controls the first hop. A fix that lives only in the new updater code cannot change that already-running old process; the served candidate must either keep package/plugin metadata compatible with the baseline host or the baseline itself must include the updater fix.
 - For beta/stable verification, resolve the tag immediately before the run (`npm view openclaw@beta version dist.tarball` or `npm view openclaw@latest ...`). Tags can move while a long VM matrix is already running; restart the matrix when the intended prerelease appears after an earlier registry 404/tag-lag check.
- Use the configured secret workflow to inject only the provider keys needed by OpenAI/Anthropic lanes. Do not print secrets or env dumps; pass provider secrets through the guest exec environment.
+- Source Peter's profile in the host shell (`set -a; source "$HOME/.profile"; set +a`) before OpenAI/Anthropic lanes. Do not print profile contents or env dumps; pass provider secrets through the guest exec environment.
 - Same-guest update verification should set the default model explicitly to `openai/gpt-5.4` before the agent turn and use a fresh explicit `--session-id` so old session model state does not leak into the check.
- The aggregate npm-update wrapper must resolve the Linux VM with the same Ubuntu fallback policy as `parallels-linux-smoke.sh` before both fresh and update lanes. Treat any Ubuntu guest with major version `>= 24` as acceptable when the exact default VM is missing, preferring the newest versioned Ubuntu guest with a fresh poweroff snapshot. On Peter's current host today, use `Ubuntu 26.04`.
+- The aggregate npm-update wrapper must resolve the Linux VM with the same Ubuntu fallback policy as `parallels-linux-smoke.sh` before both fresh and update lanes. Treat any Ubuntu guest with major version `>= 24` as acceptable when the exact default VM is missing, preferring the closest version match. On Peter's current host today, missing `Ubuntu 24.04.3 ARM64` should fall back to `Ubuntu 25.10`.
 - On macOS same-guest update checks, restart the gateway after the npm upgrade before `gateway status` / `agent`; launchd can otherwise report a loaded service while the old process has exited and the fresh process is not RPC-ready yet.
 - The npm-update aggregate's macOS update leg writes the guest update script as root, then runs it as the desktop user. If `prlctl exec "$MACOS_VM" --current-user ...` cannot authenticate, retry through plain root `prlctl exec` plus `sudo -u <desktop-user> /usr/bin/env HOME=/Users/<desktop-user> USER=<desktop-user> LOGNAME=<desktop-user> PATH=/opt/homebrew/bin:/opt/homebrew/opt/node/bin:/usr/bin:/bin:/usr/sbin:/sbin ...`. That is a Parallels transport fallback; still verify `openclaw --version`, gateway RPC, and an agent turn after the update.
 - On Windows same-guest update checks, restart the gateway after the npm upgrade before `gateway status` / `agent`; in-place global npm updates can otherwise leave stale hashed `dist/*` module imports alive in the running service.
@@ -93,8 +93,8 @@ Use this skill for Parallels guest workflows and smoke interpretation. Do not lo
 - If that release-to-dev lane fails with `reason=preflight-no-good-commit` and repeated `sh: pnpm: command not found` tails from `preflight build`, treat it as an updater regression first. The fix belongs in the git/dev updater bootstrap path, not in Parallels retry logic.
 - Until the public stable train includes that updater bootstrap fix, the macOS release-to-dev lane may seed a temporary guest-local `pnpm` shim immediately before `openclaw update --channel dev`. Keep that workaround scoped to the smoke harness and remove it once the latest stable no longer needs it.
 - In Tahoe `prlctl exec --current-user` runs, prefer explicit `node .../openclaw.mjs ...` invocations for the release->dev handoff itself and for post-update verification. The shebanged global `openclaw` wrapper can fail with `env: node: No such file or directory`, and self-updating through the wrapper is a weaker lane than invoking the entrypoint under a fixed `node`.
- Default to the snapshot closest to `macOS 26.5 latest`.
- On Peter's Tahoe VM, `fresh-latest-march-2026` can hang in `prlctl snapshot-switch`; if restore times out there, rerun with `--snapshot-hint 'macOS 26.5 latest'` before blaming auth or the harness.
+- Default to the snapshot closest to `macOS 26.3.1 latest`.
+- On Peter's Tahoe VM, `fresh-latest-march-2026` can hang in `prlctl snapshot-switch`; if restore times out there, rerun with `--snapshot-hint 'macOS 26.3.1 latest'` before blaming auth or the harness.
 - `parallels-macos-smoke.sh` now retries `snapshot-switch` once after force-stopping a stuck running/suspended guest. If Tahoe still times out after that recovery path, then treat it as a real Parallels/host issue and rerun manually.
 - The macOS smoke should include a dashboard load phase after gateway health: resolve the tokenized URL with `openclaw dashboard --no-open`, verify the served HTML contains the Control UI title/root shell, then open Safari and require an established localhost TCP connection from Safari to the gateway port.
 - For Tahoe `fresh.gateway-status`, prefer non-TTY `prlctl exec --current-user ... openclaw gateway status ...` plus a few short retries. `prlctl enter` can spam TTY control bytes and hang the phase log even when the CLI itself is healthy.
@@ -140,8 +140,8 @@ Use this skill for Parallels guest workflows and smoke interpretation. Do not lo
 ## Linux flow

 - Preferred entrypoint: `pnpm test:parallels:linux`
- Use the newest versioned Ubuntu guest with a fresh poweroff snapshot. On Peter's host today, that is `Ubuntu 26.04`.
- If an exact requested Ubuntu VM is missing on the host, any Ubuntu guest with major version `>= 24` is acceptable; prefer the newest versioned Ubuntu guest over older fallback snapshots.
+- Use the snapshot closest to fresh `Ubuntu 24.04.3 ARM64`.
+- If that exact VM is missing on the host, any Ubuntu guest with major version `>= 24` is acceptable; prefer the closest versioned Ubuntu guest with a fresh poweroff snapshot. On Peter's host today, that is `Ubuntu 25.10`.
 - Use plain `prlctl exec`; `--current-user` is not the right transport on this snapshot.
 - Fresh snapshots may be missing `curl`, and `apt-get update` can fail on clock skew. Bootstrap with `apt-get -o Acquire::Check-Date=false update` and install `curl ca-certificates`.
 - Fresh `main` tgz smoke still needs the latest-release installer first because the snapshot has no Node or npm before bootstrap.
--- a/.agents/skills/openclaw-pr-maintainer/SKILL.md
+++ b/.agents/skills/openclaw-pr-maintainer/SKILL.md
@@ -24,36 +24,6 @@ gitcrawl search openclaw/openclaw --query "<scope or title keywords>" --mode hyb
 gitcrawl cluster-detail openclaw/openclaw --id <cluster-id> --member-limit 20 --body-chars 280 --json
 ```

-## Claim specific review targets
-
-When a maintainer asks Codex to review, triage, fix, or land a specific OpenClaw issue/PR, check assignment before deep work.
-
- Identify the requesting maintainer's GitHub login. In this environment, default Peter to `steipete`; if another maintainer is clearly the requester, use that maintainer's bare login.
- Read current assignees with live `gh issue view` / `gh pr view`; `gitcrawl` is not enough for assignment state.
- If unassigned, assign the requester before deep review. This is allowed for specific requested targets; do not auto-assign broad discovery candidates or shortlists.
- If assigned to someone else, say so clearly before analysis and include assignment age:
-  - fresh: assigned within 6h; treat as actively owned unless user explicitly asks to continue or reassign
-  - stale: assigned 6h+ ago; treat as ownership hint, not a hard block; continue only with that caveat
- If assigned to requester plus others, mention co-assignees and continue.
- If assignment event time is unavailable, say `assigned, time unknown`; treat as assigned, not stale.
- Never remove or replace assignees unless explicitly asked.
-
-Assignment time proof:
-
-```bash
-gh api "repos/openclaw/openclaw/issues/<number>/timeline" --paginate \
-  -H "Accept: application/vnd.github+json" \
-  --jq '[.[] | select(.event=="assigned") | {assignee:.assignee.login, assigner:.assigner.login, actor:.actor.login, created_at}]'
-```
-
-Use the newest `assigned` event for each current assignee. Issue timeline events expose `created_at`; GitHub GraphQL `AssignedEvent.createdAt` is also valid when REST pagination is awkward.
-
-Claim command for issues or PRs:
-
-```bash
-gh api -X POST "repos/openclaw/openclaw/issues/<number>/assignees" -f 'assignees[]=<login>' >/dev/null
-```
-
 ## Surface opener identity

 - For every reviewed, triaged, closed, or landed issue/PR, show the opener's human name when available, GitHub login, and account age.
@@ -78,7 +48,7 @@ gh api -X POST "repos/openclaw/openclaw/issues/<number>/assignees" -f 'assignees

 ## Suppress top-maintainer items in issue triage

-When asked for issue triage, hot issues, pressing bugs, Discord-correlated issues, or "what is still open", do not surface issues or PRs authored by top maintainers by default. Prefer external/user-reported hot issues and external PRs, not maintainer-owned work queues.
+When Peter asks for issue triage, hot issues, pressing bugs, Discord-correlated issues, or "what is still open", do not surface issues or PRs authored by top maintainers by default. He wants external/user-reported hot issues and external PRs, not maintainer-owned work queues.

 Suppress by default when the opener/author is one of:

@@ -107,7 +77,7 @@ Also suppress lower-priority maintainer-owned noise from the broader keep/top-ma

 Exceptions:

- Show maintainer-authored items when the requester explicitly asks for maintainer PRs/issues, PR landing candidates, release-blocking maintainer work, or a specific PR/issue number.
+- Show maintainer-authored items when Peter explicitly asks for maintainer PRs/issues, PR landing candidates, release-blocking maintainer work, or a specific PR/issue number.
 - Show a maintainer-authored item when it is the canonical fix for an external hot issue, but frame it as the fix path rather than as a user-facing issue candidate.
 - Do not close, label, or deprioritize solely because an item is maintainer-authored; this section only controls what appears in triage shortlists.

@@ -133,18 +103,11 @@ Exceptions:

 When asked for `X` issues or PRs to triage, `X` means qualified candidates, not sampled threads.

-Issue triage is review/prove/patch-local by default:
-
-1. Review the issue body, comments, related threads, current code, and adjacent tests.
-2. Fix only issues that are easy, high-confidence, and narrowly owned by the implicated path.
-3. Add focused regression proof when practical.
-4. Stop with the dirty diff, touched files, and test/gate output for maintainer review.
-5. After maintainer approval to ship, make one commit per accepted fix, with release-note context in the PR body or commit message when user-facing.
-6. Pull/rebase, push, then comment and close only the issues that were fixed or explicitly triaged closed.
-
-Do not batch unrelated issue fixes into one commit. Do not publish, comment, close, or label during the review/prove phase.
-
-Missing `CHANGELOG.md` is not a PR review finding or merge blocker. If landing/fixing a user-visible change, make sure the PR body or commit message captures the release-note context; never ask or block solely on it.
+Triage is read/prove/patch-local by default. Do not commit unless Peter writes
+`commit` in the current instruction for the exact diff being handled. Do not
+treat earlier messages, inferred intent, "next", sweep momentum, or bundled
+publish language as commit permission. If Peter asks for follow-up work without
+saying `commit`, keep the files dirty after local fixes and proof.

 Only list candidates that pass all gates:

@@ -164,53 +127,16 @@ Loop:

 Output only qualifying candidates, with: ref, surface, proof, cause, fix sketch, why small, expected test/gate. If none qualify, say so; do not pad.

-## Structure PR review output
-
- Start every PR review with 1-3 plain sentences explaining what the change does and why it matters. Put this before `Findings`.
- Then list findings first. If none, say `No blocking findings` or `No findings`.
- Show size near the top as `LOC: +<additions>/-<deletions> (<changedFiles> files)`, using live PR stats or local diff stats.
- Always answer: bug/behavior being fixed, PR/issue URL and affected surface, provenance for regressions when traceable, and best-fix verdict.
- For bug/regression fixes, include a compact `Provenance:` line after cause/root-cause when a bounded history pass can identify it. Use `git log -S/-G`, `git blame`, linked PRs/issues, and tests.
- Provenance must separate roles when they differ: blamed code author username, blamed PR author username, blamed PR merger/committer username, automerge trigger when known, current PR author username, PR number, and date. Do not collapse them into one "introduced by" actor.
- If the blamed PR was merged by `clawsweeper[bot]` or another automation, identify the human trigger when practical. Check live PR timeline/comments first; if rate-limited, use gitcrawl/cache or public PR HTML. Look for maintainer command comments such as `@clawsweeper automerge`, `/landpr`, labels/events that armed automerge, and ClawSweeper status comments. Report `automerge triggered by @login`; if not found, say trigger unknown rather than naming the bot as the human decision-maker.
- For any confirmed bug, run `git blame` on the implicated line(s) after identifying the root cause. Report who broke it as the blamed PR merger/committer, and also name the blamed code author. Include the PR number. If no PR is traceable, use the blamed commit as the provenance: commit SHA, date, and author username. Do not guess a merger or frame missing PR metadata as a separate finding.
- Phrase provenance as `introduced by`, `made visible by`, or `carried forward by`, with confidence (`clear`, `likely`, `unknown`). If unclear, say what evidence is missing instead of guessing. For features, docs, and refactors, use `Provenance: N/A` or omit it when no broken behavior is being fixed.
- Keep summaries compact, but include enough proof that the verdict is auditable without rereading the PR.
-
-LOC proof:
-
-```bash
-gh pr view <number> --json additions,deletions,changedFiles \
-  --jq '"LOC: +\(.additions)/-\(.deletions) (\(.changedFiles) files)"'
-```
-
-## Read beyond the diff
-
- Review the surrounding code path, not just changed lines. Open the caller, callee, data contracts, adjacent tests, and owner module.
- For large-codebase PRs, sample enough related files to understand the runtime boundary before deciding. Default to more code reading when the change touches agents, gateway, plugins, auth, sessions, process, config, or provider/runtime seams.
- Compare the PR against current `origin/main` behavior. Check whether recent main already changed the same surface.
- Dependency-backed behavior: MUST read upstream docs/source/types before judging API use, defaults, output shapes, errors, timeouts, memory behavior, or compatibility. Do not assume dependency contracts from memory or PR text.
- Judge solution quality, not only correctness. Ask whether the PR is the clean owner-boundary fix or a wart/workaround that should be replaced by a small refactor, moved seam, contract change, or deletion of duplicate logic.
- Mention the main files read when the verdict depends on code-path evidence.
-
 ## Enforce the bug-fix evidence bar

 - Never merge a bug-fix PR based only on issue text, PR text, or AI rationale.
- Whenever feasible, use Crabbox (`$crabbox`) for end-to-end verification before
-  commenting that a bug is unreproducible, closing an issue, or opening/landing
-  a fix PR. Prefer a real packaged/Docker/live lane that exercises the reported
-  user flow over unit-only proof.
 - Before landing, require:
  1. symptom evidence such as a repro, logs, or a failing test
  2. a verified root cause in code with file/line
-  3. blame-backed provenance for regressions when traceable, including blamed PR merger and automerge trigger when known, or commit SHA/date when no PR is traceable
-  4. a fix that touches the implicated code path
-  5. a regression test when feasible, or explicit manual verification plus a reason no test was added
+  3. a fix that touches the implicated code path
+  4. a regression test when feasible, or explicit manual verification plus a reason no test was added
 - If the claim is unsubstantiated or likely wrong, request evidence or changes instead of merging.
 - If the linked issue appears outdated or incorrect, correct triage first. Do not merge a speculative fix.
- If Crabbox/E2E proof is blocked, say exactly why and use the closest available
-  local, Docker, mocked, or targeted proof. Do not present unit tests as real
-  behavior proof.

 ## Close low-signal manual PRs carefully

@@ -253,11 +179,8 @@ gh search issues --repo openclaw/openclaw --match title,body --limit 50 \

 ## Follow PR review and landing hygiene

- Never mention release-note bookkeeping in review-only output. It is landing
-  or release-generation mechanics, not a correctness finding.
 - If bot review conversations exist on your PR, address them and resolve them yourself once fixed.
 - Leave a review conversation unresolved only when reviewer or maintainer judgment is still needed.
- Before landing any PR with non-trivial code changes, run `$autoreview` until no accepted/actionable findings remain, unless equivalent manual review already covered it, the change is trivial/docs-only, or the user opts out.
 - When landing or merging any PR, follow the global `/landpr` process.
 - Use `scripts/committer "<msg>" <file...>` for scoped commits instead of manual `git add` and `git commit`.
 - Keep commit messages concise and action-oriented.
--- a/.agents/skills/openclaw-pre-release-plugin-testing/SKILL.md
+++ b/.agents/skills/openclaw-pre-release-plugin-testing/SKILL.md
@@ -1,5 +1,5 @@
 ---
-name: release-openclaw-plugin-testing
+name: openclaw-pre-release-plugin-testing
 description: Plan and run pre-release OpenClaw plugin validation across bundled plugins, package artifacts, lifecycle commands, doctor/fix, config round-trip, gateway startup, SDK compatibility, Docker E2E, Package Acceptance, and Testbox proof.
 ---

--- a/.agents/skills/openclaw-pre-release-plugin-testing/agents/openai.yaml
+++ b/.agents/skills/openclaw-pre-release-plugin-testing/agents/openai.yaml
@@ -0,0 +1,4 @@
+interface:
+  display_name: "OpenClaw Plugin Pre-Release Testing"
+  short_description: "Plan plugin release validation"
+  default_prompt: "Use $openclaw-pre-release-plugin-testing to plan or run pre-release OpenClaw plugin validation across package, lifecycle, doctor, gateway, SDK, and live-ish proof."
--- a/.agents/skills/openclaw-qa-testing/SKILL.md
+++ b/.agents/skills/openclaw-qa-testing/SKILL.md
@@ -227,9 +227,7 @@ pnpm openclaw qa manual \
 - Treat the concrete Codex model name as user/config input; do not hardcode it in source, docs examples, or scenarios.
 - Live QA preserves `CODEX_HOME` so Codex CLI auth/config works while keeping `HOME` and `OPENCLAW_HOME` sandboxed.
 - Mock QA should scrub `CODEX_HOME`.
- If Codex returns fallback/auth text every turn, first check `CODEX_HOME`,
-  relevant secret-backed auth, and gateway child logs before changing
-  scenario assertions.
+- If Codex returns fallback/auth text every turn, first check `CODEX_HOME`, `~/.profile`, and gateway child logs before changing scenario assertions.
 - For model comparison, include `codex-cli/<codex-model>` as another candidate in `qa character-eval`; the report should label it as an opaque model name.

 ## Repo facts
--- a/.agents/skills/openclaw-refactor-docs/SKILL.md
+++ b/.agents/skills/openclaw-refactor-docs/SKILL.md
@@ -1,196 +0,0 @@
---
-name: openclaw-refactor-docs
-description: Refactor an existing OpenClaw docs page with source-audited preservation, restructuring, and verification.
---
-
-# OpenClaw Refactor Docs
-
-## Overview
-
-Use this skill when the user gives a target OpenClaw docs page and asks to
-rewrite, refactor, reorganize, split, shorten, or improve it.
-
-This skill builds on `openclaw-docs`: use that skill for style, page types,
-structure, examples, discoverability, and verification. This skill adds the
-rewrite workflow needed to avoid losing accurate behavior during a major docs
-refactor.
-
-## Inputs
-
-Required:
-
- A target docs page path, such as `docs/plugins/codex-harness.md`.
-
-Optional:
-
- Desired page type, such as topic page, guide, reference, or troubleshooting.
- Specific goals, such as shorter main page, move details to reference pages, or
-  align with current CLI behavior.
- Related source files, schemas, commands, tests, specs, or PRs.
-
-If the target page is missing or ambiguous, ask one concise question before
-editing. Otherwise, proceed.
-
-## Working Contract
-
-Refactor the target page to be more useful, concise, and comprehensive within
-its stated scope.
-
-Do not treat a rewrite as permission to discard behavior facts. Preserve,
-verify, move, or explicitly retire existing material. Incorrect docs are worse
-than verbose docs.
-
-Prefer this split:
-
- Topic or guide pages cover the 80/20 path, decisions readers must make, safe
-  setup, smallest reliable verification, common failures, and links onward.
- Reference pages cover exhaustive fields, defaults, enums, limits, precedence
-  rules, API contracts, narrow internals, and rare debugging details.
- Troubleshooting pages start from observable symptoms and map to checks,
-  causes, and fixes.
-
-## Workflow
-
-### 1. Load the doc standard
-
-Read `../openclaw-docs/SKILL.md` first. Apply its page-type, style,
-examples, navigation, and verification guidance throughout the refactor.
-
-Run `pnpm docs:list` when available, then read only the target page and the
-likely entry points, references, or related pages needed for the refactor.
-
-### 2. Classify the page
-
-Before editing, decide the intended page type from `openclaw-docs`.
-
-If the current page mixes page types, choose the main page type and plan where
-the other material belongs:
-
- Move exhaustive contracts to an existing or new reference page.
- Move symptom-driven material to an existing or new troubleshooting page.
- Move narrow setup workflows to a guide when they interrupt the main path.
- Keep concise routing, decision, and safety details in the main page when
-  readers need them to complete the workflow.
-
-### 3. Preserve and audit existing facts
-
-Create a working inventory from the old page before rewriting. Include:
-
- Config fields, flags, commands, slash commands, env vars, defaults, enums,
-  nullable values, and constraints.
- Precedence rules, fallback behavior, caps, limits, rate limits, timeouts,
-  lifecycle states, queueing behavior, and compatibility rules.
- Auth, permission, approval, sandbox, safety, privacy, and destructive-action
-  behavior.
- Setup requirements, supported versions, dependencies, operating systems,
-  credentials, and account requirements.
- Error messages, troubleshooting symptoms, diagnostics, and recovery steps.
- Examples, expected output, command routing tables, and cross-links.
-
-For each fact, choose one outcome:
-
- Keep it in the refactored target page.
- Move it to a specific existing page.
- Move it to a specific new page.
- Delete it because current source proves it is obsolete or out of scope.
-
-Do not infer defaults, permissions, policy, timeout behavior, or safety posture
-from names or intent. Verify them.
-
-### 4. Find source of truth
-
-Use the nearest authoritative source for each behavior-sensitive claim:
-
- Public schema, plugin manifest, generated config docs, or exported types for
-  config fields.
- CLI implementation, slash-command handlers, help text, and command tests for
-  commands and flags.
- Runtime source and tests for lifecycle, queueing, permission, fallback,
-  timeout, and provider behavior.
- Protocol docs, SDK facades, and contract tests for APIs and plugin surfaces.
- Existing docs only as secondary evidence unless the target is purely
-  conceptual.
-
-If a page promises a reference, compare its tables against the schema,
-manifest, CLI help, generated docs, or exported types. Missing public fields,
-defaults, precedence rules, caps, or side effects are correctness bugs.
-
-### 5. Plan moved material
-
-When moving detail out of the target page, record the destination before
-editing:
-
- Existing page: name the page and section.
- New page: choose the page type, slug, title, frontmatter summary,
-  `doc-schema-version: 1`, and `read_when` hints.
- Target page: keep a short summary and link from the point where readers need
-  the deeper detail.
-
-Avoid duplicate truth. If the same contract appears in multiple places, choose
-one canonical page and link to it.
-
-### 6. Rewrite
-
-Rewrite in this order:
-
-1. Make the first screen answer what the reader can do and why this page exists.
-2. Put the recommended path before alternatives.
-3. Keep only decision-making and common operational detail in the main flow.
-4. Move exhaustive tables and rare details to the planned reference pages.
-5. Preserve concise routing tables when they help readers choose commands,
-   config paths, harnesses, plugins, providers, or references.
-6. Add troubleshooting from observable symptoms, not internal guesses.
-7. Link related concepts, guides, references, diagnostics, and adjacent tools.
-
-Add `doc-schema-version: 1` to the YAML frontmatter of every docs page that the
-refactor migrates, creates, or materially rewrites. Apply it only to docs page
-files, not `docs.json`, glossary JSON, or other non-page metadata. If a
-migrated page is generated, update the generator so regeneration preserves the
-marker instead of hand-editing generated output.
-
-Do not leave placeholders such as "TODO", "TBD", or "see docs" unless the user
-explicitly asks for a draft.
-
-### 7. Compare old and new
-
-After editing, compare the old and new page:
-
- Confirm all behavior-sensitive facts were kept, moved, or intentionally
-  deleted with source-backed reason.
- Check that the main page still covers the 80/20 scenario end to end.
- Check that reference pages remain exhaustive for the scope they claim.
- Check that links from the target page reach moved details.
- Check that headings are stable, searchable, and action-oriented.
-
-If the refactor deliberately removes relevant material, say where it went or why
-it was removed in the final report.
-
-### 8. Verify
-
-Run the smallest reliable docs checks for the touched surface:
-
- `pnpm docs:list`
- `git diff --check -- <touched-files>`
- Targeted `pnpm exec oxfmt --check --threads=1 <touched-files>`
- `pnpm docs:check-mdx`
- `pnpm docs:check-links`
- `pnpm docs:check-i18n-glossary` when link text, navigation, labels, or glossary
-  surfaces changed
- Generated-doc checks when schemas, generated config docs, API docs, or
-  generated baselines are touched
-
-Run commands and examples from the page whenever feasible. If you cannot verify
-a behavior-sensitive claim, either remove the claim, mark the uncertainty in the
-work-in-progress report, or ask for the missing source.
-
-## Final Report
-
-Report:
-
- What changed in the target page.
- What details moved and their destination pages.
- What source-of-truth checks backed behavior-sensitive claims.
- What validation ran and what failed for unrelated reasons.
-
-Do not include a long rewrite diary. Lead with remaining risks only if there are
-any.
--- a/.agents/skills/openclaw-release-maintainer/SKILL.md
+++ b/.agents/skills/openclaw-release-maintainer/SKILL.md
@@ -1,11 +1,11 @@
 ---
-name: release-openclaw-maintainer
+name: openclaw-release-maintainer
 description: Prepare or verify OpenClaw stable/beta releases, changelogs, release notes, publish commands, and artifacts.
 ---

 # OpenClaw Release Maintainer

-Use this skill for release and publish-time workflow. Load `$release-private` if it exists before resolving Peter-owned credential locators or private host topology. Keep ordinary development changes and GHSA-specific advisory work outside this skill.
+Use this skill for release and publish-time workflow. Keep ordinary development changes and GHSA-specific advisory work outside this skill.

 ## Respect release guardrails

@@ -23,8 +23,7 @@ Use this skill for release and publish-time workflow. Load `$release-private` if
  green. Then branch from that commit so regular development can continue on
  `main` while release validation runs.
 - Before release branching, commit any dirty files in coherent groups, push,
-  pull/rebase, then generate `CHANGELOG.md` on `main` from merged PRs and all
-  direct commits since the last reachable release tag. Commit/push/pull that
+  pull/rebase, then run `/changelog` on `main` and commit/push/pull that
  changelog rewrite immediately before creating the release branch.
 - During release planning, inspect both `src/plugins/compat/registry.ts` and
  `src/commands/doctor/shared/deprecation-compat.ts` before branching and again
@@ -60,24 +59,14 @@ Use this skill for release and publish-time workflow. Load `$release-private` if
  fixes that landed after the release branch cut and backport only important
  low-risk fixes. Operators may authorize up to 4 autonomous beta attempts;
  after 4 failed beta attempts, stop and report.
- As soon as the release candidate SHA exists, dispatch `OpenClaw Performance`
-  with `target_ref=<release-sha>` in parallel with the other release work. Do
-  not wait for full release validation to start the performance signal.
- Before publish/closeout, compare available product performance metrics with
-  earlier releases: Kova agent-turn/resource metrics, gateway startup
-  ready/listen/RSS/CPU metrics, and CLI startup metrics from release evidence
-  or clawgrit reports. Report regressions explicitly. A major regression is a
-  release blocker unless the operator waives it or the data clearly proves
-  infrastructure noise.
- Generate the changelog before version/tag preparation so the top changelog
-  section is deduped and ordered by user impact. Use
-  `$openclaw-changelog-update` for the rewrite.
+- Use `/changelog` before version/tag preparation so the top changelog section
+  is deduped and ordered by user impact.
 - Do not create beta-specific `CHANGELOG.md` headings. Beta releases use the
  stable base version section, for example `v2026.4.20-beta.1` uses
  `## 2026.4.20` release notes.
 - When any beta or stable release is live, make a best-effort Discord
-  announcement using the configured secret workflow; do not block or roll back
-  the release if the announcement fails.
+  announcement using Peter's bot token from `.profile`; do not block or roll
+  back the release if the announcement fails.
 - When asked to announce on X, use `~/Projects/bird/bird` and follow the
  release tweet style below.

@@ -138,25 +127,11 @@ Use this skill for release and publish-time workflow. Load `$release-private` if

 ## Build changelog-backed release notes

- `CHANGELOG.md` is release-owned. Normal PRs and direct `main` fixes should
-  not edit it.
 - Before release branching or tagging, rewrite the target `CHANGELOG.md`
-  section from history, not existing notes. Use the last reachable stable or
-  beta release tag as the base, then inspect every commit through the target
-  release SHA.
- Include both merged PR commits and direct commits on `main`. Direct commits
-  matter: infer notes from their subject, body, touched files, linked issues,
-  tests, and nearby code when no PR body exists.
- Prefer PR bodies, issue links, review proof, and commit bodies over commit
-  subjects alone. If a commit fixed an issue directly, the commit body should
-  name the user-visible behavior, affected surface, issue ref, and credited
-  reporter/contributor when known.
- Treat missing context as a release-note audit gap: inspect the diff and linked
-  issue, draft the best accurate entry, and note the uncertainty for maintainer
-  review rather than inventing impact.
- Add missed user-facing changes, remove internal-only noise, dedupe overlapping
-  PR/direct-commit entries, and sort each section from most to least interesting
-  for users.
+  section from commit history, not just from existing notes: scan commits since
+  the last reachable release tag, add missed user-facing changes, dedupe
+  overlapping entries, and sort each section from most to least interesting for
+  users.
 - Changelog entries should be user-facing, not internal release-process notes.
 - GitHub release and prerelease bodies must use the full matching
  `CHANGELOG.md` version section, not highlights or an excerpt. When creating
@@ -195,13 +170,6 @@ live`; keep it clearly beta and avoid implying stable promotion.
  CI, validation, or internal release mechanics unless the release is explicitly
  about those. Peter prefers concrete user wins: features, integrations,
  workflow improvements, and practical reliability fixes.
- Do not feature QA parity, test coverage, release gates, or validation lanes in
-  user-facing launch tweets. Keep them for release notes or maintainer proof
-  unless the operator explicitly asks for validation-focused copy.
- Do not feature plugin-author or developer tooling such as SDK helpers,
-  tool-plugin scaffolding, build/validate/init commands, or internal CLI
-  plumbing in general user-facing launch tweets unless the operator explicitly
-  asks for developer-focused copy.
 - Tone: high-signal, slightly cheeky, confident, not corporate. One joke is
  enough. Avoid punching down, insulting users, or promising what was not
  verified.
@@ -320,11 +288,13 @@ node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>
 ## Check all relevant release builds

 - Always validate the OpenClaw npm release path before creating the tag.
- Use the configured secret workflow before live release validation so OpenAI
-  and Anthropic credentials are available without printing secrets.
+- Source Peter's profile before live release validation so OpenAI and Anthropic
+  credentials are available without printing secrets:
+  `set -a; source "$HOME/.profile"; set +a`.
 - Parallels validation and any local live model QA for this train must use both
-  `OPENAI_API_KEY` and `ANTHROPIC_API_KEY`. If either cannot be injected, stop
-  before starting those local long lanes and report the missing key.
+  `OPENAI_API_KEY` and `ANTHROPIC_API_KEY`. If either is missing after sourcing
+  `.profile`, stop before starting those local long lanes and report the
+  missing key.
 - Live credentialed channel QA is the GitHub Actions workflow
  `QA-Lab - All Lanes` (`.github/workflows/qa-live-telegram-convex.yml`), not a
  local substitute. Dispatch it from Actions against the release tag and wait
@@ -437,7 +407,7 @@ node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>
  - Hard rule: never run `op` directly in the main agent shell during release
    work. Any 1Password CLI use must happen inside that tmux session so prompts
    and alerts are contained and observable.
-  - Use `$release-private` for the npm credentials and OTP item.
+  - Use the 1Password item `op://Private/Npmjs` for npm credentials and OTP.
    Do not print passwords, tokens, or OTPs to the transcript; send them through
    tmux buffers, env vars scoped to the tmux command, or `expect` with
    `log_user 0`.
@@ -565,42 +535,34 @@ node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>
 6. Create `release/YYYY.M.D` from that post-changelog `main` commit.
 7. Make every repo version location match the beta tag before creating it.
 8. Commit release preparation changes on the release branch and push the branch.
-9. Immediately dispatch Actions > `OpenClaw Performance` from `main` with
-   `target_ref=<release-sha>`, `profile=release`, `repeat=3`, deep profiling
-   off, live OpenAI off, and regression failure off. Let it run in parallel
-   with preflight and validation work.
-10. Run the fast local beta preflight from the release branch before any npm
-    preflight or publish. Keep expensive Docker, Parallels, and published-package
-    install/update lanes for after the beta is live unless the operator asks to
-    run them before beta publication.
-11. For beta releases, skip mac app build/sign/notarize unless beta scope or a
+9. Run the fast local beta preflight from the release branch before any npm
+   preflight or publish. Keep expensive Docker, Parallels, and published-package
+   install/update lanes for after the beta is live unless the operator asks to
+   run them before beta publication.
+10. For beta releases, skip mac app build/sign/notarize unless beta scope or a
    release blocker specifically requires it. For stable releases, include the
    mac app, signing, notarization, and appcast path.
-12. Confirm the target npm version is not already published.
-13. Create and push the git tag from the release branch.
-14. Create or refresh the matching GitHub release.
-15. Dispatch Actions > `QA-Lab - All Lanes` against the release tag and wait
+11. Confirm the target npm version is not already published.
+12. Create and push the git tag from the release branch.
+13. Create or refresh the matching GitHub release.
+14. Dispatch Actions > `QA-Lab - All Lanes` against the release tag and wait
    for the mock parity, live Matrix, and live Telegram credentialed-channel
    lanes to pass.
-16. Start `.github/workflows/openclaw-npm-release.yml` from the release branch
+15. Start `.github/workflows/openclaw-npm-release.yml` from the release branch
    with `preflight_only=true`
    and choose the intended `npm_dist_tag` (`beta` default; `latest` only for
    an intentional direct stable publish). Wait for it to pass. Save that run id
    because the real publish requires it to reuse the prepared npm tarball.
-17. Before real publish, review the early performance run if it has completed.
-    Compare against earlier release evidence or clawgrit reports where
-    available. Call out minor regressions in the release proof; block on major
-    regressions unless waived or proven noisy.
-18. For stable releases, start `.github/workflows/macos-release.yml` in
+16. For stable releases, start `.github/workflows/macos-release.yml` in
    `openclaw/openclaw` and wait for the public validation-only run to pass.
-19. For stable releases, start
+17. For stable releases, start
    `openclaw/releases-private/.github/workflows/openclaw-macos-validate.yml`
    with the same tag and wait for the private mac validation lane to pass.
-20. For stable releases, start
+18. For stable releases, start
    `openclaw/releases-private/.github/workflows/openclaw-macos-publish.yml`
    with `preflight_only=true` and wait for it to pass. Save that run id because
    the real publish requires it to reuse the notarized mac artifacts.
-21. If any preflight or validation run fails, fix the issue on a new commit,
+19. If any preflight or validation run fails, fix the issue on a new commit,
    delete the tag and matching GitHub release, recreate them from the fixed
    commit, and rerun all relevant preflights from scratch before continuing.
    Never reuse old preflight results after the commit changes. For pushed or
@@ -608,15 +570,15 @@ node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>
    For preflight-only failures where npm did not publish the beta version,
    delete/recreate the same beta tag and prerelease at the fixed commit instead
    of skipping a prerelease number.
-22. Start `.github/workflows/openclaw-npm-release.yml` from the same branch with
+20. Start `.github/workflows/openclaw-npm-release.yml` from the same branch with
    the same tag for the real publish, choose `npm_dist_tag` (`beta` default,
    `latest` only when you intentionally want direct stable publish), keep it
    the same as the preflight run, and pass the successful npm
    `preflight_run_id`.
-23. Wait for `npm-release` approval from `@openclaw/openclaw-release-managers`.
-24. Run postpublish verification:
+21. Wait for `npm-release` approval from `@openclaw/openclaw-release-managers`.
+22. Run postpublish verification:
    `node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>`.
-25. Run the post-published beta verification roster. First scan current `main`
+23. Run the post-published beta verification roster. First scan current `main`
    for critical fixes that landed after the release branch cut; backport only
    important low-risk fixes before starting expensive lanes, or increment to
    the next beta if the fix must change the already-published package. If any
@@ -630,10 +592,11 @@ node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>
    If a pre-npm lane fails before any tag/package leaves the machine, fix and
    rerun the same intended beta attempt. Repeat up to the operator's
    authorized beta-attempt limit, normally 4.
-26. Announce the beta/stable release on Discord best-effort using the configured secret workflow.
-27. If the operator requested beta only, stop after beta verification and the
+24. Announce the beta/stable release on Discord best-effort using Peter's bot
+    token from `.profile`.
+25. If the operator requested beta only, stop after beta verification and the
    announcement.
-28. If the stable release was published to `beta`, use the light stable
+26. If the stable release was published to `beta`, use the light stable
    promotion roster when the matching beta already carried the full confidence
    pass: published npm postpublish verify, Docker install/update smoke,
    macOS-only Parallels install/update smoke, and required QA signal.
@@ -641,24 +604,24 @@ node --import tsx scripts/openclaw-npm-postpublish-verify.ts <published-version>
    `openclaw/releases-private/.github/workflows/openclaw-npm-dist-tags.yml`
    workflow to promote that stable version from `beta` to `latest`, then
    verify `latest` now points at that version.
-29. If the stable release was published directly to `latest` and `beta` should
+27. If the stable release was published directly to `latest` and `beta` should
    follow it, start that same private dist-tag workflow to point `beta` at the
    stable version, then verify both `latest` and `beta` point at that version.
-30. For stable releases, start
+28. For stable releases, start
    `openclaw/releases-private/.github/workflows/openclaw-macos-publish.yml`
    for the real publish with the successful private mac `preflight_run_id` and
    wait for success.
-31. Verify the successful real private mac run uploaded the `.zip`, `.dmg`,
+29. Verify the successful real private mac run uploaded the `.zip`, `.dmg`,
    and `.dSYM.zip` artifacts to the existing GitHub release in
    `openclaw/openclaw`.
-32. For stable releases, download `macos-appcast-<tag>` from the successful
+30. For stable releases, download `macos-appcast-<tag>` from the successful
    private mac run, update `appcast.xml` on `main`, and verify the feed. Merge
    or cherry-pick release branch changes back to `main` after stable succeeds.
-33. For beta releases, publish the mac assets only when intentionally requested;
+31. For beta releases, publish the mac assets only when intentionally requested;
    expect no shared production
    `appcast.xml` artifact and do not update the shared production feed unless a
    separate beta feed exists.
-34. After publish, verify npm and the attached release artifacts.
+32. After publish, verify npm and the attached release artifacts.

 ## GHSA advisory work

--- a/.agents/skills/openclaw-secret-scanning-maintainer/SKILL.md
+++ b/.agents/skills/openclaw-secret-scanning-maintainer/SKILL.md
@@ -34,10 +34,10 @@ Supports single or multiple alerts. For multiple alerts, process in ascending or
 For each alert:

 1. **Identify** — `fetch-alert` + `fetch-content` to get metadata and body
-2. **Decide** — Agent reads the body file, identifies whether plaintext secrets remain, and produces a redacted version only when needed
-3. **Redact** — `redact-body-if-needed` for issue/PR body; skip for comments (delete directly)
+2. **Decide** — Agent reads the body file, identifies all secrets, produces redacted version
+3. **Redact** — `redact-body` for issue/PR body; skip for comments (delete directly)
 4. **Purge** — `delete-comment` + `recreate-comment` for comments; cannot purge body history
-5. **Notify** — `notify` posts the right template per location type, unless the current issue/PR body is already redacted
+5. **Notify** — `notify` posts the right template per location type
 6. **Resolve** — `resolve` closes the alert
 7. **Summary** — `summary` prints formatted results

@@ -81,20 +81,11 @@ The `fetch-content` output includes:
 The agent reads the body file from `fetch-content` output and:

 1. Identifies ALL secrets in the content (there may be more than the alert flagged)
-2. Determines whether any plaintext credential remains in the current body
-3. Replaces each remaining secret with `[REDACTED <secret_type>]` — **no partial values, no prefix/suffix**
-4. Saves the redacted content to a new temp file
+2. Replaces each secret with `[REDACTED <secret_type>]` — **no partial values, no prefix/suffix**
+3. Saves the redacted content to a new temp file

 This is the only step that requires semantic understanding. Everything else is mechanical.

-For `issue_body` and `pull_request_body`: if the current body has already been redacted by the author and no plaintext credential remains, **do not post a public notification comment**. Resolve the alert with a maintainer-only resolution comment such as:
-
-```bash
-node secret-scanning.mjs resolve <ALERT_NUMBER> revoked "Current issue/PR body is already redacted; no public notification posted."
-```
-
-This avoids creating a fresh public pointer to historical sensitive content.
-
 ## Step 3: Redact

 ### For comments (issue_comment / PR comments)
@@ -104,11 +95,9 @@ This avoids creating a fresh public pointer to historical sensitive content.
 ### For issue_body / pull_request_body

 ```bash
-node secret-scanning.mjs redact-body-if-needed <issue|pr> <NUMBER> <current-body-file> <redacted-body-file> <result-file>
+node secret-scanning.mjs redact-body <issue|pr> <NUMBER> <redacted-body-file>
 ```

-Use the `body_file` from `fetch-content` as `<current-body-file>`. The command writes `notify_required` to `<result-file>` and only PATCHes the body when the redacted file differs from the current body.
-
 ## Step 4: Purge Edit History

 ### Comments — Delete and Recreate
@@ -145,12 +134,10 @@ The recreated comment should follow this format:
 <redacted original content>
 ```

-### issue_body / pull_request_body — Cannot Purge Edit History
+### issue_body / pull_request_body — Cannot Purge

 Editing creates an edit history revision with the pre-edit plaintext. This cannot be cleared via API.

-Do not advise authors publicly to delete/recreate issues or close/reopen PRs. That can draw attention to historical content. Keep purge guidance maintainer-only.
-
 **Output to maintainer terminal only (never in public comments):**

 ```
@@ -168,13 +155,12 @@ Cannot clean. Notify author to delete branch or force-push (for unmerged PRs).
 ## Step 5: Notify

 ```bash
-node secret-scanning.mjs notify <TARGET> <AUTHOR> <LOCATION_TYPE> <SECRET_TYPES> [REPLY_TO_NODE_ID|BODY_REDACTION_RESULT_FILE]
+node secret-scanning.mjs notify <TARGET> <AUTHOR> <LOCATION_TYPE> <SECRET_TYPES> [REPLY_TO_NODE_ID]
 ```

 - For non-discussion types, `<TARGET>` is the issue/PR number.
 - For `discussion_comment`, `<TARGET>` is the `discussion_node_id` returned by `fetch-content`.
 - For reply-style `discussion_comment` locations, pass the optional `reply_to_node_id` from `fetch-content` so the notification stays in the same thread.
- For `issue_body` and `pull_request_body`, pass the `<result-file>` from `redact-body-if-needed`. The script skips notification when `notify_required` is `false` and refuses body notifications without this file.

 Secret types are comma-separated: `"Discord Bot Token,Feishu App Secret"`

@@ -184,8 +170,6 @@ The script picks the right template:
 - **body types**: "your issue/PR description … redacted in place"
 - **commit**: "code you committed"

-For `issue_body` and `pull_request_body`, only notify when the current body still contained plaintext and maintainers redacted it. If the user already redacted the current body, skip this step and resolve silently.
-
 ## Step 6: Resolve

 ```bash
@@ -194,7 +178,7 @@ node secret-scanning.mjs resolve <ALERT_NUMBER>
 node secret-scanning.mjs resolve <ALERT_NUMBER> revoked "Custom comment"
 ```

-Resolution is `revoked` by default. As maintainers we cannot control whether users rotate — our responsibility is to remove current plaintext exposure and notify only when public notification is useful. The `revoked` means "this secret should be considered leaked", not "I confirmed it was revoked".
+Resolution is `revoked` by default. As maintainers we cannot control whether users rotate — our responsibility is to redact + notify. The `revoked` means "this secret should be considered leaked", not "I confirmed it was revoked".

 ## Step 7: Summary

--- a/.agents/skills/openclaw-secret-scanning-maintainer/scripts/secret-scanning.mjs
+++ b/.agents/skills/openclaw-secret-scanning-maintainer/scripts/secret-scanning.mjs
@@ -7,7 +7,6 @@ import crypto from "node:crypto";
 import fs from "node:fs";
 import os from "node:os";
 import path from "node:path";
-import { pathToFileURL } from "node:url";

 const REPO = "openclaw/openclaw";
 const REPO_URL = `https://github.com/${REPO}`;
@@ -51,34 +50,6 @@ function ghGraphQL(query, options = {}) {
  return gh(["api", "graphql", "-f", `query=${query}`], options);
 }

-function isBodyLocationType(locationType) {
-  return locationType === "issue_body" || locationType === "pull_request_body";
-}
-
-export function decideBodyRedaction(currentBody, redactedBody) {
-  const bodyChanged = String(currentBody) !== String(redactedBody);
-  return {
-    body_changed: bodyChanged,
-    notify_required: bodyChanged,
-  };
-}
-
-export function loadBodyRedactionResult(locationType, resultFile) {
-  if (!isBodyLocationType(locationType)) {
-    return { notify_required: true };
-  }
-  if (!resultFile) {
-    fail("Body notifications require a redaction result file from redact-body-if-needed");
-  }
-  if (!fs.existsSync(resultFile)) fail(`File not found: ${resultFile}`);
-
-  const result = JSON.parse(fs.readFileSync(resultFile, "utf8"));
-  if (typeof result.notify_required !== "boolean") {
-    fail(`Invalid redaction result file: missing boolean notify_required in ${resultFile}`);
-  }
-  return result;
-}
-
 function failOnGraphQLFailure(result, message) {
  if (result?.gh_failed) {
    const details = (
@@ -499,43 +470,6 @@ function cmdRedactBody(kind, number, bodyFile) {
  console.log(JSON.stringify({ ok: true, kind, number: Number(number) }));
 }

-/**
- * redact-body-if-needed <issue|pr> <number> <current-body-file> <redacted-body-file> <result-file>
- * PATCH only when the agent-produced redacted body differs from the current body.
- */
-function cmdRedactBodyIfNeeded(kind, number, currentBodyFile, redactedBodyFile, resultFile) {
-  if (!kind || !number || !currentBodyFile || !redactedBodyFile || !resultFile) {
-    fail(
-      "Usage: redact-body-if-needed <issue|pr> <number> <current-body-file> <redacted-body-file> <result-file>",
-    );
-  }
-  if (!fs.existsSync(currentBodyFile)) fail(`File not found: ${currentBodyFile}`);
-  if (!fs.existsSync(redactedBodyFile)) fail(`File not found: ${redactedBodyFile}`);
-
-  const currentBody = fs.readFileSync(currentBodyFile, "utf8");
-  const redactedBody = fs.readFileSync(redactedBodyFile, "utf8");
-  const decision = decideBodyRedaction(currentBody, redactedBody);
-  const result = {
-    ok: true,
-    kind,
-    number: Number(number),
-    ...decision,
-  };
-
-  if (decision.body_changed) {
-    const endpoint =
-      kind === "pr" ? `repos/${REPO}/pulls/${number}` : `repos/${REPO}/issues/${number}`;
-    gh(["api", endpoint, "-X", "PATCH", "-F", `body=@${redactedBodyFile}`]);
-    result.redacted = true;
-  } else {
-    result.redacted = false;
-    result.reason = "current_body_already_redacted";
-  }
-
-  fs.writeFileSync(resultFile, `${JSON.stringify(result, null, 2)}\n`, { mode: 0o600 });
-  console.log(JSON.stringify(result));
-}
-
 /**
 * delete-comment <comment-id>
 * Delete a comment (and all its edit history).
@@ -621,17 +555,6 @@ function cmdNotify(target, author, locationType, secretTypes, replyToNodeId) {

  const types = secretTypes.split(",").map((s) => s.trim());
  const typeList = types.map((t, i) => `${i + 1}. **${t}**`).join("\n");
-  const redactionResult = loadBodyRedactionResult(locationType, replyToNodeId);
-  if (isBodyLocationType(locationType) && !redactionResult.notify_required) {
-    console.log(
-      JSON.stringify({
-        ok: true,
-        skipped: true,
-        reason: "current_body_already_redacted",
-      }),
-    );
-    return;
-  }

  let locationDesc;
  let actionDesc;
@@ -658,8 +581,6 @@ function cmdNotify(target, author, locationType, secretTypes, replyToNodeId) {
  }

  const body = [
-    `> **Note:** This is an automated message sent by the OpenClaw maintainer team. **NO_REPLY.**`,
-    "",
    `@${author} :warning: **Security Notice: Secret Leakage Detected**`,
    "",
    `GitHub Secret Scanning detected the following exposed secret types in ${locationDesc}:`,
@@ -835,13 +756,12 @@ function cmdSummary(jsonFile) {

 // ─── Dispatch ───────────────────────────────────────────────────────────────

-const args = [];
+const [command, ...args] = process.argv.slice(2);

-export const commands = {
+const commands = {
  "fetch-alert": () => cmdFetchAlert(args[0]),
  "fetch-content": () => cmdFetchContent(args[0]),
  "redact-body": () => cmdRedactBody(args[0], args[1], args[2]),
-  "redact-body-if-needed": () => cmdRedactBodyIfNeeded(args[0], args[1], args[2], args[3], args[4]),
  "delete-comment": () => cmdDeleteComment(args[0]),
  "delete-discussion-comment": () => cmdDeleteDiscussionComment(args[0]),
  "recreate-comment": () => cmdRecreateComment(args[0], args[1]),
@@ -852,37 +772,26 @@ export const commands = {
  summary: () => cmdSummary(args[0]),
 };

-function main(argv = process.argv.slice(2)) {
-  const [command, ...commandArgs] = argv;
-  args.length = 0;
-  args.push(...commandArgs);
-
-  if (!command || !commands[command]) {
-    console.error(
-      [
-        "Usage: node secret-scanning.mjs <command> [args]",
-        "",
-        "Commands:",
-        "  fetch-alert <number>             Fetch alert metadata + locations",
-        "  fetch-content '<location-json>'   Fetch content for a location",
-        "  redact-body <issue|pr> <n> <file> PATCH body with redacted file",
-        "  redact-body-if-needed <issue|pr> <n> <current-file> <redacted-file> <result-file> PATCH body only if redaction changed it",
-        "  delete-comment <comment-id>       Delete a comment",
-        "  delete-discussion-comment <node-id> Delete a discussion comment (GraphQL)",
-        "  recreate-comment <issue-n> <file> Create replacement comment",
-        "  recreate-discussion-comment <disc-node-id> <file> [reply-to-node-id] Create discussion comment (GraphQL)",
-        "  notify <target> <author> <type> <types> [reply-to-node-id|body-result-file] Post notification",
-        "  resolve <n> [resolution] [comment] Close alert",
-        "  list-open                          List open alerts",
-        "  summary <json-file>               Print formatted summary",
-      ].join("\n"),
-    );
-    process.exit(1);
-  }
-
-  commands[command]();
+if (!command || !commands[command]) {
+  console.error(
+    [
+      "Usage: node secret-scanning.mjs <command> [args]",
+      "",
+      "Commands:",
+      "  fetch-alert <number>             Fetch alert metadata + locations",
+      "  fetch-content '<location-json>'   Fetch content for a location",
+      "  redact-body <issue|pr> <n> <file> PATCH body with redacted file",
+      "  delete-comment <comment-id>       Delete a comment",
+      "  delete-discussion-comment <node-id> Delete a discussion comment (GraphQL)",
+      "  recreate-comment <issue-n> <file> Create replacement comment",
+      "  recreate-discussion-comment <disc-node-id> <file> [reply-to-node-id] Create discussion comment (GraphQL)",
+      "  notify <target> <author> <type> <types> [reply-to-node-id] Post notification",
+      "  resolve <n> [resolution] [comment] Close alert",
+      "  list-open                          List open alerts",
+      "  summary <json-file>               Print formatted summary",
+    ].join("\n"),
+  );
+  process.exit(1);
 }

-if (process.argv[1] && import.meta.url === pathToFileURL(process.argv[1]).href) {
-  main();
-}
+commands[command]();
--- a/.agents/skills/openclaw-small-bugfix-sweep/SKILL.md
+++ b/.agents/skills/openclaw-small-bugfix-sweep/SKILL.md
@@ -7,19 +7,17 @@ description: Fix only small, high-certainty OpenClaw bugs from a pasted issue/PR

 Batch workflow for pasted OpenClaw issue/PR refs.
 Execute, do not summarize.
-Triage reviews, proves, and patches local fixes first; publishing waits for Peter's manual review.
+Triage does not commit, push, create PRs, comment, close, label, land, or merge.

 ## Peter Review Gate

 Peter always wants to review code before commits.
-Default flow:
-1. Review each issue deeply enough to prove current behavior and root cause.
-2. Fix only easy, high-confidence bugs with narrow ownership and focused proof.
-3. Stop with the dirty diff summary, touched files, and test/gate output for Peter's manual review.
-4. After Peter approves shipping, make one commit per accepted fix, with a changelog entry for each user-facing fix.
-5. Pull/rebase, push, then comment and close only the fixed or explicitly triaged-closed issues.
-
-Do not batch unrelated issue fixes into one commit. Do not push, create PRs, comment, close, label, land, merge, or otherwise publish during the review/prove phase.
+After local fixes and proof, stop with the diff summary, touched files, and test/gate output.
+Do not commit unless Peter writes `commit` in the current instruction for the exact diff being handled.
+Do not treat earlier messages, inferred intent, "next", sweep momentum, or bundled publish language as commit permission.
+If Peter asks for follow-up work without saying `commit`, keep the files dirty after local fixes and proof.
+Do not push, comment, close, label, land, merge, or otherwise publish until Peter explicitly asks for that exact action after the code has been reviewed.
+If Peter asks for a bundled action like `commit push close`, first confirm the code has already been reviewed in chat; if not, stop with the dirty diff and ask for review/approval.

 ## Companion Skills

@@ -60,9 +58,8 @@ Skip with terse reason. Do not pad with low-confidence fixes.
 - no drive-by refactors
 - tests near failing surface
 - docs only for changed public behavior
- no commit during the review/prove phase
- after Peter approves shipping, one commit plus changelog per accepted user-facing fix
- no push/create PR/comment/close/label/land/merge until Peter approves shipping after review
+- no commit unless Peter writes `commit` in the current instruction
+- no push/create PR/comment/close/label/land/merge unless explicitly asked for that exact action after review

 ## PR Rules

--- a/.agents/skills/openclaw-test-performance/SKILL.md
+++ b/.agents/skills/openclaw-test-performance/SKILL.md
@@ -92,13 +92,13 @@ barrels, package-boundary tests, or extension suites.
   - runtime capture should be quiet and config-tolerant.
   - command output should include wall time, exit code, and peak RSS when
     available.
-4. For broad or package-heavy plugin proof, use Crabbox-backed Blacksmith
-   Testbox by default on maintainer machines:
-   - `pnpm crabbox:run -- --provider blacksmith-testbox --timing-json -- OPENCLAW_TESTBOX=1 pnpm test:extensions:batch <ids>`
-   - add `--keep`/`--id <id-or-slug>` only when several commands must share one
-     warmed box; stop it with `pnpm crabbox:stop -- <id-or-slug>`.
+4. For broad or package-heavy plugin proof, use Blacksmith Testbox by default on
+   maintainer machines. Warm once and reuse the same box:
+   - `blacksmith testbox warmup ci-check-testbox.yml --ref main --idle-timeout 90`
+   - `blacksmith testbox run --id <ID> "OPENCLAW_TESTBOX=1 pnpm test:extensions:batch <ids>"`
+   - stop the box when done.
 5. If plugin performance is package-artifact sensitive, switch to
-   `release-openclaw-plugin-testing` and Package Acceptance rather than
+   `openclaw-pre-release-plugin-testing` and Package Acceptance rather than
   trusting source-only timing.

 ## Metric Collection
--- a/.agents/skills/openclaw-testing/SKILL.md
+++ b/.agents/skills/openclaw-testing/SKILL.md
@@ -19,16 +19,9 @@ or validating a change without wasting hours.
 Prove the touched surface first. Do not reflexively run the whole suite.

 1. Inspect the diff and classify the touched surface:
-   - normal source checkout, source change: `pnpm changed:lanes --json`, then `pnpm check:changed`
-   - normal source checkout, tests only: `pnpm test:changed`
-   - normal source checkout, one failing file: `pnpm test <path-or-filter> -- --reporter=verbose`
-   - Codex worktree or linked/sparse checkout, one/few explicit files: `node scripts/run-vitest.mjs <path-or-filter>`
-   - Codex worktree or linked/sparse checkout, changed gates or anything broad:
-     use the Crabbox wrapper with the provider that matches the proof surface.
-     For maintainer heavy `pnpm` gates, that is usually delegated Blacksmith
-     Testbox through Crabbox, e.g. `node scripts/crabbox-wrapper.mjs run
--provider blacksmith-testbox ... -- pnpm check:changed`. For direct AWS
-     Crabbox proof, omit `--provider` and let `.crabbox.yaml` choose AWS.
+   - source: `pnpm changed:lanes --json`, then `pnpm check:changed`
+   - tests only: `pnpm test:changed`
+   - one failing file: `pnpm test <path-or-filter> -- --reporter=verbose`
   - workflow-only: `git diff --check`, workflow syntax/lint (`actionlint` when available)
   - docs-only: `pnpm docs:list`, docs formatter/lint only if docs tooling changed or requested
 2. Reproduce narrowly before fixing.
@@ -43,24 +36,14 @@ Prove the touched surface first. Do not reflexively run the whole suite.
 - Prefer GitHub Actions for release/Docker proof when the workflow already has the prepared image and secrets.
 - Use `scripts/committer "<msg>" <paths...>` when committing; stage only your files.
 - If deps are missing, run `pnpm install`, retry once, then report the first actionable error.
- In a Codex worktree or linked/sparse checkout, do not run direct local
-  `pnpm test*`, `pnpm check*`, `pnpm crabbox:run`, or `scripts/committer` until
-  you have verified pnpm will not reconcile or reinstall dependencies. Use
-  `node scripts/run-vitest.mjs` for tiny local proof, `node
-scripts/crabbox-wrapper.mjs` for Testbox, and `git commit --no-verify` only
-  after the relevant remote or node-wrapper proof is already clean.
- For remote proof, use the Crabbox wrapper first, but name the actual backend.
-  Direct AWS Crabbox uses `provider=aws` and `cbx_...` ids. Delegated
-  Blacksmith Testbox through Crabbox uses `provider=blacksmith-testbox`,
-  `syncDelegated=true`, and `tbx_...` ids. Both satisfy "remote proof" when the
-  requested proof surface allows either.
- Do not infer "no Testbox is running" from plain `blacksmith testbox list`.
-  Use `blacksmith testbox list --all` or `blacksmith testbox status <tbx_id>`
-  before reporting cloud state.
- Reuse only an id/slug created in this operator session unless explicitly
-  coordinating with another lane. If Testbox queues, fails capacity, or cannot
-  allocate, report the blocker or switch to direct AWS Crabbox only when that
-  still proves the requested surface.
+- For Blacksmith Testbox proof, reuse only an id warmed and claimed in this
+  operator session. `blacksmith testbox list` is diagnostics only; a listed id
+  can have a local key and still carry stale rsync state from another lane.
+  After warmup, run `pnpm testbox:claim --id <id>`, then prefer
+  `pnpm testbox:run --id <id> -- "<command>"` for OpenClaw gates so stale
+  org-visible ids fail fast before syncing. Claims older than 12 hours are
+  stale unless `OPENCLAW_TESTBOX_CLAIM_TTL_MINUTES` is explicitly set for long
+  work.

 ## Local Test Shortcuts

@@ -68,7 +51,6 @@ scripts/crabbox-wrapper.mjs` for Testbox, and `git commit --no-verify` only
 pnpm changed:lanes --json
 pnpm check:changed       # changed typecheck/lint/guards; no Vitest
 pnpm test:changed        # cheap smart changed Vitest targets
-pnpm verify              # full check, then full Vitest
 OPENCLAW_TEST_CHANGED_BROAD=1 pnpm test:changed
 pnpm test <path-or-filter> -- --reporter=verbose
 OPENCLAW_VITEST_MAX_WORKERS=1 pnpm test <path-or-filter>
@@ -76,22 +58,12 @@ OPENCLAW_VITEST_MAX_WORKERS=1 pnpm test <path-or-filter>

 Use targeted file paths whenever possible. Avoid raw `vitest`; use the repo
 `pnpm test` wrapper so project routing, workers, and setup stay correct.
-When the checkout is a Codex worktree, prefer the direct node harness instead:
-
-```bash
-node scripts/run-vitest.mjs <path-or-filter>
-```
-
-That keeps the test scoped without giving pnpm a chance to run dependency
-status checks or install reconciliation in a linked worktree.

 ## Command Semantics

 - `pnpm check` and `pnpm check:changed` do not run Vitest tests. They are for
  typecheck, lint, and guard proof.
 - `pnpm test` and `pnpm test:changed` run Vitest tests.
- `pnpm verify` runs `pnpm check`, then `pnpm test`, with Crabbox phase markers
-  so remote summaries show which half failed.
 - `pnpm test:changed` is intentionally cheap by default: direct test edits,
  sibling tests, explicit source mappings, and import-graph dependents.
 - `OPENCLAW_TEST_CHANGED_BROAD=1 pnpm test:changed` is the explicit broad
@@ -134,8 +106,6 @@ gh run view <run-id> --job <job-id> --log
 - Check exact SHA. Ignore newer unrelated `main` unless asked.
 - For cancelled same-branch runs, confirm whether a newer run superseded it.
 - Fetch full logs only for failed or relevant jobs.
- Prefer `gh run view <run-id> --json jobs` over PR rollup while debugging; rollup can be stale/noisy.
- For `prompt:snapshots:check` failures, treat Linux Node 24 as CI truth. If macOS passes but CI drifts, reproduce in a Linux Node 24 container or Testbox, commit that generated output, then rerun.

 ## GitHub Release Workflows

@@ -585,13 +555,6 @@ top-level phase timings for preflight, image build, package prep, lane pools,
 and cleanup. Use `pnpm test:docker:timings <summary.json>` to rank slow lanes
 and phases before deciding whether a broader rerun is justified.

-Skill install proof: use `pnpm test:docker:skill-install` or targeted
-`docker_lanes=skill-install` for live ClawHub skill-install validation. The
-lane installs the package tarball in a bare runner, keeps
-`skills.install.allowUploadedArchives=false`, resolves the current live slug
-from `openclaw skills search`, installs it, and verifies `.clawhub` origin/lock
-metadata. Prefer this checked-in script over inline heredoc Testbox recipes.
-
 ## Cheap Docker Reruns

 First derive the smallest rerun command from artifacts:
--- a/.agents/skills/optimizetests/SKILL.md
+++ b/.agents/skills/optimizetests/SKILL.md
@@ -0,0 +1,41 @@
+---
+name: optimizetests
+description: Optimize OpenClaw slow tests, imports, misplaced coverage, and CI wall time without dropping coverage.
+---
+
+# Optimize Tests
+
+Goal: real OpenClaw test/runtime speedups with coverage intact. Do not add shards,
+skip assertions, weaken gates, or tune runner flags as the main fix.
+
+## Runbook
+
+1. Read `docs/help/testing.md`, `docs/ci.md`, and the scoped `AGENTS.md` files
+   for any subtree you will edit.
+2. Establish evidence before edits:
+   - Full ranking: `pnpm test:perf:groups --full-suite --allow-failures --output .artifacts/test-perf/<name>.json`
+   - Targeted file: `timeout 240 /usr/bin/time -l pnpm test <file> --maxWorkers=1 --reporter=verbose`
+   - Import suspicion: add `OPENCLAW_VITEST_IMPORT_DURATIONS=1 OPENCLAW_VITEST_PRINT_IMPORT_BREAKDOWN=1`
+3. Attack highest-return hotspots first:
+   - broad barrels or `importActual()` in hot tests
+   - per-test `vi.resetModules()` plus fresh imports
+   - expensive gateway/server/client setup where reset/reuse proves same behavior
+   - core tests asserting extension-owned behavior
+   - duplicated fixture construction or contract assertions
+4. Prefer production-quality fixes:
+   - narrow runtime seams over broad mocks
+   - pure helpers for static parsing/metadata
+   - injected deps over module resets
+   - extension-owned tests for bundled plugin/provider/channel behavior
+5. After each change, rerun the same benchmark and the proving test lane. Record
+   before/after wall time, Vitest duration, and max RSS when available.
+6. Run `pnpm check:changed`; run broader gates (`pnpm check`, `pnpm test`,
+   `pnpm build`) when touched surfaces require them.
+7. Commit scoped changes with `scripts/committer "<conventional message>" <paths...>`.
+   Push when requested. If CI is red, inspect with `gh run list/view`, fix, push,
+   repeat until current CI is green or a blocker is proven unrelated.
+
+## Output
+
+End with the pushed commit(s), before/after timings, gates run, current CI state,
+and any remaining tail lanes that need separate optimization.
--- a/.agents/skills/optimizetests/agents/openai.yaml
+++ b/.agents/skills/optimizetests/agents/openai.yaml
@@ -0,0 +1,6 @@
+interface:
+  display_name: "Optimize Tests"
+  short_description: "Benchmark and speed up OpenClaw tests"
+  default_prompt: "Use $optimizetests to benchmark slow OpenClaw tests, optimize imports and duplicated setup, move misplaced core coverage to extensions, verify gates, commit scoped changes, push, and keep CI green without adding shards or dropping coverage."
+policy:
+  allow_implicit_invocation: false
--- a/.agents/skills/release-openclaw-ci/SKILL.md
+++ b/.agents/skills/release-openclaw-ci/SKILL.md
@@ -1,118 +0,0 @@
---
-name: release-openclaw-ci
-description: "Run, watch, debug, and summarize OpenClaw full release CI, release checks, live provider gates, install/update proofs, and release-secret preflights."
---
-
-# OpenClaw Release CI
-
-Use this with `$release-openclaw-maintainer` and `$openclaw-testing` when a release candidate needs full validation, install/update proof, live provider checks, or CI recovery.
-
-## Guardrails
-
- No version bump, tag, npm publish, GitHub release, or release promotion without explicit operator approval.
- Validate provider secrets before dispatching expensive full release matrices.
- Do not set GitHub secrets from unvalidated 1Password candidates. If a candidate returns 401/403, leave the existing secret alone and report the exact missing provider.
- Use `$one-password` for secret reads/writes: one persistent tmux session, targeted items only, no secret output.
- Watch one parent run plus compact child summaries. Avoid broad `gh run view` polling loops; REST quota is easy to burn.
- Fetch logs only for failed or currently-blocking jobs. If quota is low, stop polling and wait for reset.
- Treat live-provider flakes separately from code failures: prove key validity, provider HTTP status, retry evidence, and exact failing lane before editing code.
-
-## Preflight
-
-Before full release validation:
-
-```bash
-node .agents/skills/release-openclaw-ci/scripts/verify-provider-secrets.mjs --required openai,anthropic,fireworks
-gh api rate_limit --jq '.resources.core'
-git status --short --branch
-git rev-parse HEAD
-```
-
-1Password service-account values are the first source for release provider
-preflight. Inject those exact targeted keys first, then run the verifier; use
-ambient env only when it was already intentionally injected for this release.
-The script prints only provider status and HTTP class, never tokens.
-
-## Dispatch
-
-Start product performance evidence as early as the release SHA exists, in
-parallel with other release work:
-
-```bash
-gh workflow run openclaw-performance.yml \
-  --repo openclaw/openclaw \
-  --ref main \
-  -f target_ref=<release-sha> \
-  -f profile=release \
-  -f repeat=3 \
-  -f deep_profile=false \
-  -f live_openai_candidate=false \
-  -f fail_on_regression=false
-```
-
- Do not wait for full release validation to start this early perf signal.
- Compare available Kova, gateway startup, and CLI startup metrics with earlier
-  release evidence or clawgrit reports before publish/closeout.
- Call out any regression in the release proof. Treat a major regression as a
-  release blocker until it is fixed, waived by the operator, or proven to be
-  infrastructure noise.
- Full Release Validation also records advisory product-performance evidence;
-  the early standalone run is for overlap and faster regression discovery.
-
-Prefer the trusted workflow on `main`, target the exact release SHA:
-
-```bash
-gh workflow run full-release-validation.yml \
-  --repo openclaw/openclaw \
-  --ref main \
-  -f ref=<release-sha> \
-  -f provider=openai \
-  -f mode=both \
-  -f release_profile=full \
-  -f rerun_group=all
-```
-
-Use `release_profile=stable` unless the operator explicitly asks for the broad advisory provider/media matrix. Use narrow `rerun_group` after focused fixes.
-
-## Watch
-
-Use the summary helper instead of repeated raw polling:
-
-```bash
-node .agents/skills/release-openclaw-ci/scripts/release-ci-summary.mjs <full-release-run-id>
-```
-
-Then watch only when useful:
-
-```bash
-gh run watch <full-release-run-id> --repo openclaw/openclaw --exit-status
-```
-
-Stop watchers before ending the turn or switching strategy.
-
-## Failure Triage
-
-1. Confirm parent SHA and child run IDs.
-2. List failed jobs only:
-   ```bash
-   gh run view <child-run-id> --repo openclaw/openclaw --json jobs \
-     --jq '.jobs[] | select(.conclusion=="failure" or .conclusion=="timed_out" or .conclusion=="cancelled") | [.databaseId,.name,.conclusion,.url] | @tsv'
-   ```
-3. Fetch one failed job log. If rate-limited, note reset time and avoid more REST calls.
-4. For secret-looking failures, validate the provider endpoint from the same secret source before editing code.
-5. For live-cache failures, inspect whether it is missing/invalid key, empty text, provider refusal, timeout, or baseline miss. Do not weaken release gates without clear provider evidence.
-6. Fix narrowly, run local/changed proof, commit, push, rerun the smallest matching group.
-
-## Evidence
-
-Record:
-
- release SHA
- full parent run URL
- child run IDs and conclusions: CI, Release Checks, Plugin Prerelease, NPM Telegram, Product Performance
- performance comparison result versus earlier releases when available
- targeted local proof commands
- provider-secret preflight result
- known gaps or unrelated failures
-
-For lessons and recovery patterns, read `references/release-ci-notes.md`.
--- a/.agents/skills/release-openclaw-ci/agents/openai.yaml
+++ b/.agents/skills/release-openclaw-ci/agents/openai.yaml
@@ -1,4 +0,0 @@
-interface:
-  display_name: "OpenClaw Release CI"
-  short_description: "Verify and debug OpenClaw release validation runs"
-  default_prompt: "Use $release-openclaw-ci to preflight provider secrets, watch full release validation, summarize child runs, and triage only failing release lanes."
--- a/.agents/skills/release-openclaw-ci/references/release-ci-notes.md
+++ b/.agents/skills/release-openclaw-ci/references/release-ci-notes.md
@@ -1,41 +0,0 @@
-# Release CI Notes
-
-## What Went Wrong
-
- Full validation was started before all provider keys were proven valid.
- GitHub secret presence was confused with key validity.
- Repeated `gh run view` and log fetches exhausted REST quota.
- Parent run state was less useful than child run evidence.
- Live-cache failures needed structured classification: invalid key, empty provider output, timeout, or real cache regression.
- Background watchers accumulated and made interruption recovery harder.
-
-## Better Defaults
-
- Run provider-secret preflight first. Require real `/models` or equivalent endpoint checks for release-blocking providers.
- Keep one watcher open. Use child summaries every few minutes, not every few seconds.
- Fetch failed-job logs only after a job reaches a terminal failing state.
- Prefer narrow `rerun_group` recovery after a focused fix.
- Leave bad secrets unset. A 401 candidate from 1Password should not overwrite GitHub.
- Make the final release evidence note durable: parent URL, child run URLs, SHA, command proof, and gaps.
-
-## Secret Handling Pattern
-
- Use `$one-password`; never run broad env dumps.
- Search exact item titles or known ids.
- Validate candidates without printing values.
- Set GitHub secrets only after endpoint validation succeeds.
- After setting, verify metadata with `gh secret list`, not value output.
-
-## Live Cache Pattern
-
- Empty text with token usage is a provider/output issue until proven otherwise.
- Retry lane-level mismatches once with a fresh session id.
- Keep cache baselines strict, but log enough structured usage to distinguish cache miss from response mismatch.
- If a provider key validates locally but fails in Actions, inspect whether the workflow reads the expected secret name.
-
-## Quota-Safe GitHub Pattern
-
- Check `gh api rate_limit --jq '.resources.core'` before log-heavy work.
- Use one child-run listing call, then inspect failed jobs only.
- If remaining quota is low, pause until reset; do not keep polling.
- Prefer GraphQL only for metadata when REST is exhausted; logs still need REST.
--- a/.agents/skills/release-openclaw-ci/scripts/release-ci-summary.mjs
+++ b/.agents/skills/release-openclaw-ci/scripts/release-ci-summary.mjs
@@ -1,79 +0,0 @@
-#!/usr/bin/env node
-import { execFileSync } from "node:child_process";
-import process from "node:process";
-
-const runId = process.argv[2];
-const repo = process.env.OPENCLAW_RELEASE_REPO || "openclaw/openclaw";
-
-if (!runId) {
-  console.error("usage: release-ci-summary.mjs <full-release-run-id>");
-  process.exit(2);
-}
-
-function gh(args) {
-  return execFileSync("gh", args, {
-    encoding: "utf8",
-    stdio: ["ignore", "pipe", "pipe"],
-  });
-}
-
-function jsonGh(args) {
-  return JSON.parse(gh(args));
-}
-
-function rate() {
-  try {
-    return jsonGh(["api", "rate_limit"]).resources.core;
-  } catch {
-    return undefined;
-  }
-}
-
-const core = rate();
-if (core) {
-  const reset = new Date(core.reset * 1000).toISOString();
-  console.log(`rate: remaining=${core.remaining}/${core.limit} reset=${reset}`);
-  if (core.remaining < 20) {
-    console.error("rate too low for CI summary; wait for reset before polling");
-    process.exit(3);
-  }
-}
-
-const parent = jsonGh([
-  "run",
-  "view",
-  runId,
-  "--repo",
-  repo,
-  "--json",
-  "status,conclusion,createdAt,headSha,url,jobs",
-]);
-
-console.log(`parent: ${runId} ${parent.status}/${parent.conclusion || "none"}`);
-console.log(`sha: ${parent.headSha}`);
-console.log(`url: ${parent.url}`);
-
-for (const job of parent.jobs ?? []) {
-  const marker = job.conclusion || job.status;
-  console.log(`parent-job: ${marker} ${job.name}`);
-}
-
-const since = parent.createdAt;
-const runList = gh([
-  "api",
-  `repos/${repo}/actions/runs?per_page=100`,
-  "--jq",
-  `.workflow_runs[] | select(.created_at >= "${since}") | select(.name=="CI" or .name=="OpenClaw Release Checks" or .name=="Plugin Prerelease" or .name=="NPM Telegram Beta E2E" or .name=="Full Release Validation") | [.id,.name,.status,.conclusion,.head_sha,.html_url] | @tsv`,
-]).trim();
-
-if (!runList) {
-  console.log("children: none found yet");
-  process.exit(0);
-}
-
-console.log("children:");
-for (const line of runList.split("\n")) {
-  const [id, name, status, conclusion, sha, url] = line.split("\t");
-  console.log(`child: ${id} ${name} ${status}/${conclusion || "none"} sha=${sha}`);
-  console.log(`child-url: ${url}`);
-}
--- a/.agents/skills/release-openclaw-ci/scripts/verify-provider-secrets.mjs
+++ b/.agents/skills/release-openclaw-ci/scripts/verify-provider-secrets.mjs
@@ -1,113 +0,0 @@
-#!/usr/bin/env node
-import process from "node:process";
-
-const args = new Map();
-for (let index = 2; index < process.argv.length; index += 1) {
-  const arg = process.argv[index];
-  if (!arg.startsWith("--")) continue;
-  const [key, inlineValue] = arg.slice(2).split("=", 2);
-  const value = inlineValue ?? process.argv[index + 1];
-  if (inlineValue === undefined) index += 1;
-  args.set(key, value);
-}
-
-const requiredInput = String(args.get("required") ?? "openai,anthropic").trim();
-const required = new Set(
-  (requiredInput.toLowerCase() === "none" ? "" : requiredInput)
-    .split(",")
-    .map((entry) => entry.trim().toLowerCase())
-    .filter(Boolean),
-);
-
-const timeoutMs = Number(args.get("timeout-ms") ?? 10_000);
-
-function envFirst(names) {
-  for (const name of names) {
-    const value = process.env[name]?.trim();
-    if (value) return { name, value };
-  }
-  return undefined;
-}
-
-async function checkProvider(id, config) {
-  const secret = envFirst(config.env);
-  if (!secret) {
-    return { id, ok: false, status: "missing", env: config.env.join("|") };
-  }
-
-  const controller = new AbortController();
-  const timer = setTimeout(() => controller.abort(), timeoutMs);
-  try {
-    const headers = config.headers(secret.value);
-    const response = await fetch(config.url, {
-      headers,
-      signal: controller.signal,
-    });
-    return {
-      id,
-      ok: response.ok,
-      status: response.ok ? "ok" : `http_${response.status}`,
-      env: secret.name,
-    };
-  } catch (error) {
-    return {
-      id,
-      ok: false,
-      status: error?.name === "AbortError" ? "timeout" : "error",
-      env: secret.name,
-    };
-  } finally {
-    clearTimeout(timer);
-  }
-}
-
-const providers = {
-  openai: {
-    env: ["OPENAI_API_KEY"],
-    url: "https://api.openai.com/v1/models",
-    headers: (token) => ({ authorization: `Bearer ${token}` }),
-  },
-  anthropic: {
-    env: ["ANTHROPIC_API_KEY", "ANTHROPIC_API_TOKEN"],
-    url: "https://api.anthropic.com/v1/models",
-    headers: (token) => ({
-      "anthropic-version": "2023-06-01",
-      "x-api-key": token,
-    }),
-  },
-  fireworks: {
-    env: ["FIREWORKS_API_KEY"],
-    url: "https://api.fireworks.ai/inference/v1/models",
-    headers: (token) => ({ authorization: `Bearer ${token}` }),
-  },
-  openrouter: {
-    env: ["OPENROUTER_API_KEY"],
-    url: "https://openrouter.ai/api/v1/models",
-    headers: (token) => ({ authorization: `Bearer ${token}` }),
-  },
-};
-
-const unknown = [...required].filter((id) => !providers[id]);
-if (unknown.length > 0) {
-  console.error(`unknown providers: ${unknown.join(",")}`);
-  process.exit(2);
-}
-
-const results = [];
-for (const id of Object.keys(providers)) {
-  if (required.has(id) || envFirst(providers[id].env)) {
-    results.push(await checkProvider(id, providers[id]));
-  }
-}
-
-let failed = false;
-for (const result of results) {
-  const requiredLabel = required.has(result.id) ? "required" : "optional";
-  console.log(`${result.id}: ${result.status} env=${result.env} ${requiredLabel}`);
-  if (required.has(result.id) && !result.ok) failed = true;
-}
-
-if (failed) {
-  console.error("release provider secret preflight failed");
-  process.exit(1);
-}
--- a/.agents/skills/release-openclaw-mac/SKILL.md
+++ b/.agents/skills/release-openclaw-mac/SKILL.md
@@ -1,92 +0,0 @@
---
-name: release-openclaw-mac
-description: "Run or recover OpenClaw macOS release signing, notarization, appcast, and asset promotion."
---
-
-# OpenClaw Mac Release
-
-Use with `$release-openclaw-maintainer`, `$release-openclaw-ci`, `$one-password`, and `$release-private` if it exists when stable macOS assets, private mac preflight, notarization, appcast promotion, or mac release recovery is involved.
-
-## Credentials
-
- Resolve Peter-owned ASC item refs, key ids, issuer ids, and service-token provenance from `$release-private`.
- Fields: `private_key_p8`, `key_id`, `issuer_id`.
- Stale/revoked key symptom: `xcrun notarytool submit` fails with `HTTP status code: 401. Unauthenticated`.
- Validate candidate ASC credentials with `xcrun notarytool history` before setting GitHub secrets.
-
-## 1Password
-
- Use `$one-password`: all `op` work inside one persistent tmux session, no secret output.
- Use the service-token guidance from `$release-private` when available.
- If a service token fails, run status-only checks: token present/length and `op whoami`; never print token values.
- If desktop app auth is needed but Touch ID is unavailable, set `OP_BIOMETRIC_UNLOCK_ENABLED=false` for the manual `op account add --signin` path.
-
-## GitHub Secrets
-
-Target private repo environment: `openclaw/releases-private`, env `mac-release`.
-
-Set only after local notary auth validation:
-
- `APP_STORE_CONNECT_API_KEY_P8`
- `APP_STORE_CONNECT_KEY_ID`
- `APP_STORE_CONNECT_ISSUER_ID`
-
-Do not update these from mixed sources. All three ASC fields must come from the same 1Password item.
-
-## Workflow Shape
-
- Public release branch may carry mac-only packaging fixes after the stable tag/npm are already live.
- Use `source_ref=release/YYYY.M.D` for private mac preflight/validation when building that branch variation.
- Keep `tag=vYYYY.M.D` pointing at the original stable release commit.
- Real mac publish must reuse:
-  - a successful private mac preflight run for the same tag/source SHA
-  - a successful private mac validation run for the same tag/source SHA
- If preflight source SHA differs from tag SHA, validation must also use the same `source_ref`; promotion rejects mismatched proof.
-
-## Notarization
-
- OpenClaw uses `scripts/notarize-mac-artifact.sh`.
- `xcrun notarytool submit` should use `--no-s3-acceleration`; accelerated upload can surface misleading 401s even when `notarytool history` succeeds.
- If signing succeeds but notarization fails immediately with 401, check ASC key freshness first.
- If notarization stays in progress for several minutes after key-file write, that is normal Apple wait time; do not edit blindly.
-
-## Dispatch
-
-Private preflight:
-
-```bash
-gh workflow run openclaw-macos-publish.yml --repo openclaw/releases-private --ref main \
-  -f tag=vYYYY.M.D \
-  -f source_ref=release/YYYY.M.D \
-  -f preflight_only=true \
-  -f smoke_test_only=false \
-  -f allow_late_calver_recovery=false \
-  -f public_release_branch=release/YYYY.M.D
-```
-
-Private validation for a branch-variation preflight:
-
-```bash
-gh workflow run openclaw-macos-validate.yml --repo openclaw/releases-private --ref main \
-  -f tag=vYYYY.M.D \
-  -f source_ref=release/YYYY.M.D
-```
-
-Real publish:
-
-```bash
-gh workflow run openclaw-macos-publish.yml --repo openclaw/releases-private --ref main \
-  -f tag=vYYYY.M.D \
-  -f preflight_only=false \
-  -f smoke_test_only=false \
-  -f preflight_run_id=<successful-preflight-run> \
-  -f validate_run_id=<successful-validation-run> \
-  -f allow_late_calver_recovery=false \
-  -f public_release_branch=release/YYYY.M.D
-```
-
-## Verify
-
- `gh release view vYYYY.M.D --repo openclaw/openclaw` shows zip, dmg, dSYM zip, not draft, not prerelease.
- Public `main` `appcast.xml` points at `OpenClaw-YYYY.M.D.zip`.
- Appcast entry has `sparkle:version`, `sparkle:shortVersionString`, length, and `sparkle:edSignature`.
--- a/.agents/skills/release-openclaw-nightly/SKILL.md
+++ b/.agents/skills/release-openclaw-nightly/SKILL.md
@@ -1,288 +0,0 @@
---
-name: release-openclaw-nightly
-description: "OpenClaw Tideclaw alpha/nightly release automation: isolated branches, local fixes, release CI, branch retention, and forward-port to main."
---
-
-# Nightly Release
-
-Use for Tideclaw/OpenClaw alpha/nightly release automation, manual alpha triggers, beta prep, release-branch repair, and post-release forward-port. Load `$release-private` if it exists before using Tideclaw host paths, cron ids, or Discord routing ids.
-
-## Policy
-
- Alpha/nightly runs every 12h or by manual trigger.
- Beta is human-triggered from Discord from a proven alpha/release branch.
- Stable/latest always needs explicit human confirmation.
- Never publish from a dirty checkout or directly from `main`.
- Main can be busy or broken; alpha work must be isolated so transient main failures do not block a usable nightly.
- Publish only after release-branch proof is green.
- After a successful alpha, forward-port release-branch commits back to `main` and prove main CI green.
- Forward-port PRs contain only reusable fixes needed to make nightly/release checks pass. They must not contain alpha version bumps, release notes, changelog release entries, tags, generated artifacts, or state-file updates.
- Keep only alpha/nightly branches from the last 3 days, plus any branch with an active run, open PR, or release tag.
- Never run broad env/token dumps. For GitHub writes on the Tideclaw host, use the Tideclaw `gh` write wrapper below.
-
-## Identity
-
-Tideclaw should commit under its own machine identity on release branches and forward-port branches:
-
-```bash
-git config user.name "Tideclaw"
-git config user.email "tideclaw@openclaw.ai"
-```
-
-This is good for auditability if commits are clearly machine-authored and gated by CI. Avoid direct pushes to protected `main`; forward-port via PR/automerge unless the repo policy explicitly allows the bot to push after green checks. Include human `Co-authored-by` only when a human supplied the patch or explicit commit text.
-
-## Branch Shape
-
- Branch prefix: `tideclaw/alpha/`
- Branch name: `tideclaw/alpha/YYYY-MM-DD-HHMMZ`
- Base: current `origin/main` SHA at trigger time.
- State file: resolve from `$release-private` on the Tideclaw host.
- Release tag: `vYYYY.M.D-alpha.N`
- npm dist-tag: `alpha`
-
-Do not reuse old alpha branches for a new run. If rerunning the same base SHA, create a new timestamped branch and record why.
-
-## Start
-
-1. Work in the Tideclaw host checkout from `$release-private`.
-2. Fetch first:
-
-```bash
-git fetch origin main --tags --prune
-git switch main
-git merge --ff-only origin/main
-BASE_SHA="$(git rev-parse origin/main)"
-BRANCH="tideclaw/alpha/$(date -u +%Y-%m-%d-%H%MZ)"
-git switch -c "$BRANCH" "$BASE_SHA"
-```
-
-3. Read repo release docs/scripts before changing anything:
-   - `AGENTS.md`
-   - release docs under `docs/`
-   - release scripts under `scripts/`
-   - `.github/workflows/*release*`
-4. Compare `$BASE_SHA` with the last successful alpha state and current git/npm/GitHub alpha tags. If already released, report skip and do not publish.
-
-Manual trigger:
-
-```bash
-CRON_ID="<from release-private>"
-OPENCLAW_ALLOW_ROOT=1 openclaw cron run "$CRON_ID" --expect-final --timeout 21600000
-```
-
-## Discord Alpha Trigger
-
-Tideclaw may run alpha immediately from Discord when a maintainer mentions Tideclaw in `#releases` or `#maintainers`.
-
-Accepted shapes:
-
-```text
-@Tideclaw run alpha now
-@Tideclaw alpha release from main now
-@Tideclaw trigger alpha
-```
-
-Rules:
-
-1. Treat this as a manual alpha trigger equivalent to the alpha cron job.
-2. Start from current `origin/main` and create a fresh `tideclaw/alpha/YYYY-MM-DD-HHMMZ` branch.
-3. Follow the normal alpha workflow: reuse prior fixes, run local checks, fix on the alpha branch, run release CI, publish alpha after green gates, then forward-port reusable fixes via fixes-only PR.
-4. If another alpha/beta/stable release run is already active, report the active branch/run and stop.
-5. `#maintainers` trigger requires an explicit Tideclaw mention; do not react to unmentioned release chatter there.
-6. Resolve Discord role/user ids and live host hotfix notes from `$release-private`.
-
-## Discord Beta Trigger
-
-Tideclaw may run beta releases from `#releases` or mentioned `#maintainers` commands only when a maintainer sends an explicit beta trigger. Treat this as human approval for beta, not for stable/latest.
-
-Accepted shapes:
-
-```text
-@Tideclaw beta release from vYYYY.M.D-alpha.N
-@Tideclaw beta release from tideclaw/alpha/YYYY-MM-DD-HHMMZ
-@Tideclaw beta release from latest proven alpha
-```
-
-Rules:
-
-1. Require the words `beta release` and a source alpha tag/branch, or `latest proven alpha`.
-2. If the source is ambiguous, ask one clarifying question in `#releases` and stop.
-3. Verify the source alpha first: GitHub release, npm `alpha` package, release CI, recorded state file, and branch/tag SHA.
-4. Create a fresh beta branch `tideclaw/beta/YYYY-MM-DD-HHMMZ` from the proven alpha source, not directly from a moving `main`.
-5. Reuse/squash only stabilization fixes already proven on alpha. Do not import unrelated alpha release mechanics unless the beta release docs require them.
-6. Compute beta as `vYYYY.M.D-beta.N`, matching npm `--tag beta`.
-7. Run beta release validation/preflight/full release CI and fix failures on the beta branch.
-8. Publish beta only after green beta gates. Use GitHub Actions/OIDC, never direct npm publish from the host.
-9. Final Discord summary must include source alpha, beta tag/version, branch, fix commits, workflow run IDs, npm/GitHub proof, and any skipped/blocked reason.
-10. After beta publishes, forward-port reusable fixes to `main` using the same fixes-only PR rules below.
-
-## Reuse Prior Fixes
-
-Before running checks, mine recent Tideclaw alpha branches for fixes already made during previous release attempts:
-
-1. Read the Tideclaw state file from `$release-private` for the last successful alpha branch and fix commit SHAs.
-2. List recent remote branches:
-
-```bash
-git for-each-ref refs/remotes/origin/tideclaw/alpha --format='%(refname:short) %(committerdate:iso-strict)'
-```
-
-3. Consider only Tideclaw alpha branches from the last 3 days plus the last successful alpha branch.
-4. For each candidate branch, inspect commits that are not in current `origin/main`:
-
-```bash
-git log --no-merges --reverse --format='%H%x09%s' origin/main..origin/tideclaw/alpha/YYYY-MM-DD-HHMMZ
-```
-
-5. Cherry-pick only real stabilization fixes that still apply to the new alpha branch. Prefer commits recorded as `fixCommitShas` in the state file.
-6. Skip version bumps, changelog release entries, tag artifacts, generated release notes, state-file-only commits, and one-off debug instrumentation.
-7. If a cherry-pick conflicts, inspect whether current main already contains an equivalent fix. If not, resolve minimally and keep the commit message clear.
-8. Record reused commit SHAs separately from newly authored fix SHAs in the alpha state and final Discord summary.
-
-Use `git cherry`, `git range-diff`, and targeted test reruns to avoid duplicating fixes already present on `main`.
-
-## Repair Loop
-
-Use the branch as a release-candidate repair surface:
-
-1. Run narrow local checks first: changed tests, release preflight, type/lint/build gates required by release docs.
-2. If local checks fail, fix on the alpha branch with minimal commits.
-3. Commit each coherent fix as Tideclaw.
-4. Re-run the failed local check after each fix.
-5. Do not hide failures by editing baselines, expected-failure lists, ignore files, or release inventory unless the release docs explicitly require it and the diff is justified.
-6. If a failure is flaky, rerun once; if still red, treat it as real.
-7. If the fix is clearly useful for main, keep it small and forward-portable. Avoid broad refactors during alpha stabilization.
-
-Commit examples:
-
-```bash
-git add <files>
-git commit -m "fix: stabilize alpha release preflight"
-git push -u origin "$BRANCH"
-```
-
-## Release CI
-
-After local proof:
-
-1. Compute the next `vYYYY.M.D-alpha.N` from existing git tags, npm versions, and GitHub releases.
-2. Make the alpha branch package version and release metadata match that tag, commit it, and push the branch.
-3. Run release validation from the alpha branch, using GitHub CLI, not browser/fetch tools. On the Tideclaw host, bare `gh` is a read-only Codex sandbox wrapper; use `/usr/local/bin/gh-tideclaw-write` for write-capable commands such as `workflow run`, `run cancel`, and publish dispatch:
-
-```bash
-GH="/usr/local/bin/gh-tideclaw-write"
-SHA="$(git rev-parse HEAD)"
-TAG="v$(node -p "require('./package.json').version")"
-BRANCH="$(git branch --show-current)"
-
-"$GH" workflow run full-release-validation.yml --repo openclaw/openclaw --ref "$BRANCH" \
-  -f ref="$BRANCH" \
-  -f release_profile=beta \
-  -f rerun_group=all
-
-"$GH" workflow run openclaw-npm-release.yml --repo openclaw/openclaw --ref "$BRANCH" \
-  -f tag="$SHA" \
-  -f preflight_only=true \
-  -f npm_dist_tag=alpha
-```
-
-4. Watch the exact workflow run IDs and head SHA with `gh run list`, `gh run view`, and `gh api`. Read-only `gh` is fine for polling; use `$GH` only when a command mutates GitHub. Do not use Codex browser/fetch for GitHub API polling; prior Tideclaw runs failed there after successful preflight.
-5. For alpha, blocking gates are the ones Tideclaw can repair directly or that prove package safety: normal CI, plugin prerelease, npm preflight, package preparation, install smoke, tag/reachability, and publish verification. Treat cross-OS, live channel, QA Lab, package acceptance, long Docker E2E, and Telegram package E2E failures as advisory; report them in Discord and continue if the blocking gates are green.
-   - If `rerun_group=all` is stuck only on advisory lanes after CI, plugin prerelease, npm preflight, package preparation, and install smoke are green, dispatch a focused Full Release Validation on the same head with `-f rerun_group=install-smoke`. Use that successful focused Full Release Validation run as the publish proof, and include the separate CI/plugin/full advisory run IDs in the Discord summary.
-6. If a blocking gate fails, fix on the alpha branch, push, and rerun only the failed or required release CI. If the commit changes, discard old preflight/full-validation run IDs and rerun them for the new head.
-7. After full validation and npm preflight are green on the same branch head, create and push the release tag from that exact commit:
-
-```bash
-git tag -a "$TAG" "$SHA" -m "openclaw ${TAG#v}"
-git push origin "$TAG"
-```
-
-8. Dispatch the publish wrapper from the same alpha branch. Use the successful npm preflight run ID and full release validation run ID from the same head SHA:
-
-```bash
-"$GH" workflow run openclaw-release-publish.yml --repo openclaw/openclaw --ref "$BRANCH" \
-  -f tag="$TAG" \
-  -f preflight_run_id="$NPM_PREFLIGHT_RUN_ID" \
-  -f full_release_validation_run_id="$FULL_RELEASE_VALIDATION_RUN_ID" \
-  -f npm_dist_tag=alpha \
-  -f plugin_publish_scope=all-publishable \
-  -f publish_openclaw_npm=true \
-  -f release_profile=beta \
-  -f wait_for_clawhub=false
-```
-
-9. Watch the publish wrapper plus child runs. If `openclaw-npm-release.yml` is waiting on the `npm-release` environment and Tideclaw cannot approve it, report that as the only blocker; do not call the release done.
-10. Do not publish npm directly from the host; use GitHub Actions/OIDC.
-
-Important: `openclaw-npm-release.yml` with `preflight_only=true` only prepares artifacts. It does not publish. A successful alpha requires the later `openclaw-release-publish.yml` wrapper, a pushed git tag, npm `alpha` dist-tag proof, and a GitHub prerelease.
-
-## Verify Published Alpha
-
-Release is not done until all are true:
-
- GitHub tag exists.
- GitHub Release exists and is marked prerelease.
- Release body links npm version page, registry tarball, integrity, and CI/proof.
- `npm view openclaw@<version>` shows the exact version, dist-tag `alpha`, tarball, integrity, and publish time.
- Installed/package smoke follows repo release docs.
- The Tideclaw state file from `$release-private` records version, tag, base SHA, branch, fix commit SHAs, workflow run IDs, npm integrity, and timestamp.
-
-Final Discord summary in `#releases`:
-
- tag/version
- base SHA
- branch
- fix commits
- workflow run IDs
- npm/GitHub proof
- skipped/blocked reason if not released
-
-Use Discord-safe Markdown links with angle-bracket targets. Never print secrets.
-
-## Forward-Port
-
-After a successful alpha, raise a fixes-only PR back to `main`:
-
-1. Create/update a forward-port branch from current `origin/main`:
-
-```bash
-git fetch origin main --prune
-git switch -c "tideclaw/forward-port/$(date -u +%Y-%m-%d-%H%MZ)" origin/main
-```
-
-2. Cherry-pick only release-branch commits that are real fixes required to make nightly/release checks pass.
-3. Exclude alpha version bumps, changelog release entries, release notes, tag artifacts, generated release assets, state-file-only commits, and any commit whose only purpose was publishing the alpha.
-4. If a commit mixes a real fix with release/version changes, split it: replay only the fix hunks into a new commit on the forward-port branch.
-5. Resolve conflicts in favor of the minimal main-compatible fix.
-6. Run the relevant changed/local gate.
-7. Push and open a PR, or use the repo’s allowed bot merge path.
-8. Wait for required main CI to go green. If CI fails, fix on the forward-port branch and rerun.
-9. Report the PR/merge SHA and any commits intentionally not forward-ported.
-
-If `origin/main` is independently red before the forward-port, document the unrelated failing check and still keep the forward-port PR green against its head when possible.
-
-## Branch Retention
-
-Before and after each run, prune old alpha branches:
-
-1. List `origin/tideclaw/alpha/*`.
-2. Keep branches whose timestamp is within the last 3 days UTC.
-3. Keep branches referenced by a live workflow run, open PR, release tag, or state file.
-4. Delete only Tideclaw-owned alpha branches:
-
-```bash
-git push origin --delete tideclaw/alpha/YYYY-MM-DD-HHMMZ
-```
-
-Never delete human branches, beta branches, stable branches, or unknown prefixes.
-
-## Stop Conditions
-
-Stop and report clearly if:
-
- release docs/scripts disagree on versioning or publish path
- required secrets/auth are unavailable
- GitHub Actions cannot be dispatched or observed
- a required release gate stays red after a real fix attempt
- npm/GitHub state disagrees after publish
- forward-port cannot be made green without a larger product decision
--- a/.agents/skills/release-openclaw-plugin-testing/agents/openai.yaml
+++ b/.agents/skills/release-openclaw-plugin-testing/agents/openai.yaml
@@ -1,4 +0,0 @@
-interface:
-  display_name: "OpenClaw Plugin Pre-Release Testing"
-  short_description: "Plan plugin release validation"
-  default_prompt: "Use $release-openclaw-plugin-testing to plan or run pre-release OpenClaw plugin validation across package, lifecycle, doctor, gateway, SDK, and live-ish proof."
--- a/.agents/skills/slacrawl/SKILL.md
+++ b/.agents/skills/slacrawl/SKILL.md
@@ -1,41 +0,0 @@
---
-name: slacrawl
-description: "Slack archive: search, sync freshness, threads/DMs, SQL counts, and Slacrawl repo work."
-metadata:
-  openclaw:
-    homepage: https://github.com/openclaw/slacrawl
-    requires:
-      bins:
-        - slacrawl
-    install:
-      - kind: go
-        module: github.com/vincentkoc/slacrawl/cmd/slacrawl@latest
-        bins:
-          - slacrawl
---
-
-# Slacrawl
-
-Use local Slack archive data first. Check freshness for recent/current questions:
-
-```bash
-slacrawl doctor
-slacrawl status --json
-```
-
-Refresh only when stale or asked:
-
-```bash
-slacrawl sync --source desktop
-slacrawl sync --source api --latest-only
-```
-
-Query with bounded slices:
-
-```bash
-slacrawl search --limit 20 "query"
-slacrawl messages --since 7d --limit 50
-slacrawl sql "select count(*) from messages;"
-```
-
-Report workspace/channel names, absolute date spans, counts, and token/source limits. Use read-only SQL for exact counts/rankings. API sync and full thread/DM hydration require Slack tokens; do not assume they exist.
--- a/.agents/skills/slacrawl/agents/openai.yaml
+++ b/.agents/skills/slacrawl/agents/openai.yaml
@@ -1,4 +0,0 @@
-interface:
-  display_name: "Slacrawl"
-  short_description: "Search local Slack archives and freshness"
-  default_prompt: "Use $slacrawl to search local Slack archives, check freshness, inspect channel or DM slices, and report exact date spans and token/source limits."
--- a/.agents/skills/technical-documentation/SKILL.md
+++ b/.agents/skills/technical-documentation/SKILL.md
@@ -1,79 +0,0 @@
---
-name: technical-documentation
-description: Build and review high-quality technical docs as well as agent instruction files in your repository.
-license: MIT
-metadata:
-  source: "https://github.com/vincentkoc/dotskills"
---
-
-# Technical Documentation
-
-## Purpose
-
-Produce and review technical documentation that is clear, actionable, and maintainable for both humans and agents, including contributor-governance files and agent instruction files.
-
-## When to use
-
- Creating or overhauling docs in an existing product/codebase (brownfield).
- Building evergreen docs meant to stay accurate and reusable over time.
- Reviewing doc diffs for structure, clarity, and operational correctness.
- Running full-repo documentation audits that must include both governance files and product docs surfaces (`docs/`, `README*`, `.md/.mdx/.mdc`, Fern/Sphinx/Mintlify-style sources).
- Updating or reviewing AGENTS.md and/or CONTRIBUTING.md to keep agent and contributor workflows aligned with current repo practices.
- Improving repository onboarding/docs that include contribution instructions, issue templates, PR flow, and review gates.
- Designing governance documentation strategy for repos with alias instruction files (for example `CLAUDE.md`, `AGENT.md`, `.cursorrules`, `.cursor/rules/*`, `.agent/`, `.agents/`, `.pi/`) where `AGENTS.md` is treated as canonical when present and aliases should be kept as compatibility surfaces.
- Diagnosing agent-file drift where teams had to prompt iteratively to surface missing files, broken commands, or policy conflicts.
- Applying repository-specific documentation overlays, including OpenClaw page-type, docs IA, preservation, and validation rules when present.
-
-## Workflow
-
-1. Classify task: `build` or `review`; context: `brownfield` or `evergreen`.
-2. Inventory full documentation scope early (governance + product docs): AGENTS/CONTRIBUTING/aliases plus docs directories, framework sources, and root/module READMEs.
-3. Detect multilingual scope (README/docs in multiple languages) and define required parity level.
-4. Read `references/agent-and-contributing.md` for agent instruction and `CONTRIBUTING.md` workflow rules (inventory, canonical/alias mapping, dual-mode balance, deliverable standards, and precedence/conflict handling).
-5. Read `references/principles.md` for the governing ruleset (Matt Palmer & OpenAI).
-6. For OpenClaw docs work, read `references/openclaw.md` before the build/review playbook.
-7. For build tasks, follow `references/build.md`.
-8. For review tasks, follow `references/review.md` and proactively detect issues without waiting for repeated prompts.
-9. For complex or high-risk tasks (build or review), it is acceptable to run longer, deeper, and more exhaustive investigations when needed for confidence.
-10. When available, use sub-agents for bounded parallel discovery/review work, then merge outputs into one coherent final deliverable.
-11. Use `references/tooling.md` when platform/tooling choices affect recommendations.
-12. Run a proactive issue sweep for both governance and docs-content surfaces, and fix high-confidence defects in the same pass unless explicitly asked for report-only mode.
-13. In brownfield mode, prioritize compatibility with current docs IA, tooling, and release state.
-14. In evergreen mode, prioritize timeless wording, update strategy, and durable structure.
-15. Return deliverables plus validation notes, parity status, and remaining gaps.
-
-## Sub-agent orchestration guidance
-
-Prefer sub-agents when the repo is large or the requested change set is broad; use them by default for repo-wide, multi-framework, or high-conflict work.
-
- `inventory-agent` -> `agents/inventory-agent.md` (`fast` / Claude `haiku`): file/config discovery, coverage map, and missing-path checks.
- `governance-agent` -> `agents/governance-agent.md` (`thinking` / Claude `sonnet`): AGENTS/CONTRIBUTING/alias precedence, conflicts, and policy drift.
- `docs-framework-agent` -> `agents/docs-framework-agent.md` (`thinking` / Claude `sonnet`): framework config, relative path base, and file-path vs URL-path mapping checks.
- `synthesis-agent` -> `agents/synthesis-agent.md` (`long` / Claude `opus`): merge sub-agent outputs into one prioritized fix plan and unified precedence model.
-
-## Inputs
-
- Doc type (tutorial, how-to, reference, explanation) and audience.
- File scope or diff scope.
- Docs framework/tooling constraints (Fern, Mintlify, Sphinx, etc.).
- Build/review mode and brownfield/evergreen intent.
- Target agent and human compatibility intent.
- Docs framework surfaces in scope (for example Fern, Sphinx, Mintlify, Markdown/MDX/MDC/RST/RSC files).
- Desired investigation depth/time budget (quick pass vs exhaustive review).
- Execution mode (`single-agent` or `sub-agent-assisted` when available).
- Remediation mode (`apply-fixes` by default, or `report-only` when requested).
- Multilingual scope: source-of-truth language, target locales, and parity expectations.
- Repository-specific overlay constraints, if any.
-
-## Outputs
-
- Updated draft or review findings with clear next actions.
- Validation notes (what was checked, what remains).
- Navigation/maintenance recommendations for long-term quality.
- Governance-doc alignment summary when AGENTS/CONTRIBUTING were touched.
- Agent instruction-surface map (primary file, alias files, Codex/Claude/Cursor handling plan).
- Documentation-surface coverage map (what was reviewed under `/docs`, README hierarchy, and framework-specific source trees).
- Autodetected issue list with applied fixes (or explicit report-only findings).
- Delegation notes when sub-agents were used (scope delegated and how findings were merged).
- Multilingual parity note (in-sync, partial with rationale, or intentionally divergent).
- Repository-specific overlay notes when one was used.
--- a/.agents/skills/technical-documentation/agents/docs-framework-agent.md
+++ b/.agents/skills/technical-documentation/agents/docs-framework-agent.md
@@ -1,32 +0,0 @@
---
-name: docs-framework-agent
-description: Thinking-focused docs framework checker for config-relative paths and route/file mapping consistency.
-model: sonnet
-tools:
-  - Read
-  - Glob
-  - Grep
-permissionMode: default
-maxTurns: 10
---
-
-You are the docs-framework sub-agent for technical documentation.
-
-Goals:
-
- validate framework config-driven docs behavior
- prevent path-mapping drift between source files and published routes
-
-Tasks:
-
- detect and read framework config first (Fern/Sphinx/Mintlify/custom)
- resolve paths relative to the declaring file/config
- validate both maps:
-  - config -> file exists
-  - config/nav/routing -> URL path is valid and consistent
-
-Return:
-
- config files reviewed
- path assumptions made
- mismatches (`missing file`, `stale route`, `wrong base path`)
--- a/.agents/skills/technical-documentation/agents/governance-agent.md
+++ b/.agents/skills/technical-documentation/agents/governance-agent.md
@@ -1,30 +0,0 @@
---
-name: governance-agent
-description: Thinking-focused governance reviewer for AGENTS/CONTRIBUTING/alias precedence, conflict detection, and policy drift analysis.
-model: sonnet
-tools:
-  - Read
-  - Glob
-  - Grep
-permissionMode: default
-maxTurns: 10
---
-
-You are the governance sub-agent for technical documentation.
-
-Goals:
-
- validate AGENTS/CONTRIBUTING/alias alignment and precedence
- identify policy drift and conflicting instructions
-
-Tasks:
-
- determine canonical instruction source and alias compatibility mapping
- detect conflicts across nested scope files and tool-specific rule consumers
- validate command examples against stated governance expectations
-
-Return:
-
- precedence model
- conflict list with severity
- recommended low-risk remediations
--- a/.agents/skills/technical-documentation/agents/inventory-agent.md
+++ b/.agents/skills/technical-documentation/agents/inventory-agent.md
@@ -1,31 +0,0 @@
---
-name: inventory-agent
-description: Fast repo-surface discovery for technical documentation audits. Use for coverage mapping and missing-path detection before deeper review.
-model: haiku
-tools:
-  - Read
-  - Glob
-  - Grep
-  - LS
-permissionMode: default
-maxTurns: 6
---
-
-You are the inventory sub-agent for technical documentation.
-
-Goals:
-
- enumerate governance and docs-content surfaces in scope
- detect missing files, broken references, and obvious command/path failures
-
-Tasks:
-
- map `AGENTS.md`/`CONTRIBUTING.md`/aliases and docs surfaces (`docs/**`, README hierarchy, `.md/.mdx/.mdc/.rst/.rsc`)
- list framework config files discovered (Fern/Sphinx/Mintlify or equivalent)
- report hard failures only, with exact file paths
-
-Return:
-
- coverage map
- missing/broken path list
- unresolved blockers
--- a/.agents/skills/technical-documentation/agents/openai.yaml
+++ b/.agents/skills/technical-documentation/agents/openai.yaml
@@ -1,10 +0,0 @@
-interface:
-  display_name: "Technical Documentation"
-  short_description: "Build and review technical documentation for brownfield and evergreen systems."
-  icon_small: "./assets/icon.jpg"
-  icon_large: "./assets/icon.jpg"
-  brand_color: "#111827"
-  default_prompt: "Build or review technical documentation with a clear, maintainable, and production-ready workflow."
-
-policy:
-  allow_implicit_invocation: true
--- a/.agents/skills/technical-documentation/agents/synthesis-agent.md
+++ b/.agents/skills/technical-documentation/agents/synthesis-agent.md
@@ -1,28 +0,0 @@
---
-name: synthesis-agent
-description: Long-context synthesis agent that merges sub-agent outputs into one prioritized and deduplicated documentation action plan.
-model: opus
-tools:
-  - Read
-permissionMode: default
-maxTurns: 12
---
-
-You are the synthesis sub-agent for technical documentation.
-
-Goal:
-
- merge sub-agent outputs into one coherent, non-duplicated action plan
-
-Tasks:
-
- prioritize blockers first, then non-blocking improvements
- normalize to one precedence model for governance decisions
- remove duplicated recommendations and contradictory fixes
- keep final output concise and execution-ready
-
-Return:
-
- prioritized fix plan
- validation summary (done vs pending)
- explicit remaining gaps/blockers
--- a/.agents/skills/technical-documentation/assets/icon.jpg
+++ b/.agents/skills/technical-documentation/assets/icon.jpg
--- a/.agents/skills/technical-documentation/references/agent-and-contributing.md
+++ b/.agents/skills/technical-documentation/references/agent-and-contributing.md
@@ -1,145 +0,0 @@
-# AGENT and CONTRIBUTING Principles
-
-This reference consolidates the core rules for agent-policy and contributor-governance docs.
-
-You must:
-
-1. Discover repo-level and nested instruction files with:
-   `rg --files -g 'AGENTS.md' -g 'CONTRIBUTING.md' -g 'CLAUDE.md' -g 'AGENT.md' -g '.cursor/rules/*' -g '.cursorrules' -g '.agent/**' -g '.agents/**' -g '.pi/**' -g 'AGENTS.*.md'`
-2. Read the root and nearest-scope `AGENTS.md`/`CONTRIBUTING.md` pair before editing.
-3. If alias files exist, normalize to one canonical source (`AGENTS.md` preferred when present; otherwise nearest alias), plus compatibility pointers or explicit symlink notes.
-4. Document conflicting instructions and precedence decisions.
-
-## GitHub + AGENTS baseline
-
-Source: https://docs.github.com/en/communities/setting-up-your-project-for-healthy-contributions/setting-guidelines-for-repository-contributors
-Source: https://agents.md/
-Source: https://github.blog/ai-and-ml/github-copilot/how-to-write-a-great-agents-md-lessons-from-over-2500-repositories/
-Source: https://cobusgreyling.substack.com/p/what-is-agentsmd
-Source: https://www.infoq.com/news/2025/08/agents-md/
-
-Use these as default operating principles:
-
-1. Keep `CONTRIBUTING.md` discoverable and actionable (`.github`, root, or `docs`).
-2. Keep agent instructions concrete: real commands, real paths, clear boundaries.
-3. Use explicit behavior boundaries for agents: `Always`, `Ask first`, `Never`.
-4. Keep contributor and agent rules aligned with actual repository workflows.
-5. Ensure clear guidance is provided to agents on if, when and how to raise issues and pull requests.
-
-## Canonical and alias policy
-
-Source: https://agents.md/
-Source: https://github.blog/ai-and-ml/github-copilot/how-to-write-a-great-agents-md-lessons-from-over-2500-repositories/
-
-1. Treat `AGENTS.md` as canonical when present.
-2. If `AGENTS.md` is absent, treat the nearest alias file as canonical.
-3. Keep compatibility surfaces explicit: `AGENTS.md`, `AGENT.md`, `.cursorrules`, `.cursor/rules/*`, `.agent/`, `.agents/`, `.pi/`.
-4. If aliases are used, document how they map back to canonical policy (or symlink when supported).
-5. When repos use `.agents/` as canonical rule storage, keep `.cursor` as a compatibility symlink to `.agents` for Cursor rule auto-loading.
-6. Keep policy DRY: store one shared policy core and expose it via aliases/symlinks instead of duplicating rule text.
-
-## Context-awareness by agent platform
-
-Source: https://github.com/vercel-labs/agent-skills/blob/main/AGENTS.md
-Source: https://github.com/openai/codex/blob/main/AGENTS.md
-
-1. For Cursor and Claude-style glob consumers, keep rule files narrow and bounded.
-2. Avoid over-referencing large path sets that inflate context for glob-based agents.
-3. For Codex-style workflows, prefer explicit file references and deterministic commands.
-4. Keep long runbooks outside top-level policy files; link to scoped docs.
-5. Ensure all agents have a happy path regardless so ensuring everything works across Codex, Claude and other coding agents.
-
-## Symlink and compatibility operations
-
-1. Preferred layout for multi-agent compatibility:
-   - canonical rule directory: `.agents/`
-   - Cursor compatibility path: `.cursor -> .agents` symlink
-   - canonical policy doc: `AGENTS.md` pointing to `.agents` paths where relevant
-2. Validate symlink state before finalizing changes:
-   - if `.agents/` exists and `.cursor` is missing, create `.cursor` symlink to `.agents`
-   - if `.cursor` is a symlink to another target, fix target or document why it must differ
-   - if `.cursor` is a real directory/file, treat as migration conflict and ask before replacement
-3. Validate rule payload through the canonical directory:
-   - rules: `.agents/rules/*.mdc` with valid frontmatter (`description`, `globs`, `alwaysApply` as needed)
-   - commands: `.agents/commands/*.md` when command routing is used
-   - MCP config: `.agents/mcp.json` when MCP is in scope
-4. Keep Codex behavior explicit:
-   - `AGENTS.md` is primary for Codex repository instructions
-   - `.cursor` compatibility is for Cursor auto-loading and does not replace canonical AGENTS policy
-5. Record applied symlink fixes and unresolved compatibility gaps in validation notes.
-
-## Dual-mode and deliverable standards
-
-Source: https://github.blog/ai-and-ml/github-copilot/how-to-write-a-great-agents-md-lessons-from-over-2500-repositories/
-Source: https://agents.md/
-Source: https://github.com/openai/codex/blob/main/AGENTS.md
-Source: https://github.com/vercel-labs/agent-skills/blob/main/AGENTS.md
-
-1. Author one shared policy core (same commands, boundaries, and precedence) for all agents.
-2. For Cursor/Claude-style agents, expose that core through glob-driven and bounded files (small `AGENTS.md`/rule surface).
-3. For Codex, expose that same core through explicit file references with precise scope.
-4. Where styles diverge, prefer the smallest common structure that satisfies both and avoid duplicating policy text.
-5. Treat AGENTS/CONTRIBUTING as first-class deliverables when in scope.
-6. Preserve required structure, constraints, and examples from existing files.
-7. Align wording and commands with active repository instructions.
-
-## Proactive issue discovery and remediation
-
-Source: https://github.blog/ai-and-ml/github-copilot/how-to-write-a-great-agents-md-lessons-from-over-2500-repositories/
-Source: https://github.com/openai/codex/blob/main/AGENTS.md
-Source: https://github.com/vercel-labs/agent-skills/blob/main/AGENTS.md
-
-1. Run a conflict matrix review across AGENTS/aliases/CONTRIBUTING and related command/rule docs before finalizing.
-2. Treat the following as high-priority defects: missing referenced files, non-existent setup commands, command scope mismatches, and branch/commit policy conflicts.
-3. Do not stop at caveat-only notes when a low-risk fix is clear; apply the fix in the same pass.
-4. If a canonical entry file is missing (for example a directory `README.md` that docs depend on), create a minimal actionable file and update references.
-5. Long-running investigations are acceptable when needed to uncover cross-file drift, especially in agent-instruction ecosystems.
-
-## Discovery
-
-1. Agents prefer simple terminal commands so having a well defined `make *` or `npm run *` is ideal
-2. Agents can discover terminal commands through shell completion so providing shell completion helps
-
-## CONTRIBUTING size and scope control
-
-Source: https://contributing.md/how-to-build-contributing-md/
-Source: https://blog.codacy.com/best-practices-to-manage-an-open-source-project
-Source: https://mozillascience.github.io/working-open-workshop/contributing/
-Source: https://github.com/openclaw/openclaw/blob/main/CONTRIBUTING.md
-
-1. Keep root `CONTRIBUTING.md` focused on setup, issue flow, PR flow, testing, and review gates.
-2. Use issue/PR template links instead of embedding every process detail inline.
-3. When the file grows too large, split by domain and link from root.
-4. Move any large content into docs if avalible (for example Mintlify/Fern/Sphinx workflows) to avoid large contributor guide.
-5. Optimize for agent/machine readability as well as humans.
-
-## Example repos to emulate
-
-Source: https://github.com/openclaw/openclaw/blob/main/AGENTS.md
-Source: https://github.com/openclaw/openclaw/blob/main/CONTRIBUTING.md
-Source: https://github.com/openclaw/openclaw/blob/main/VISION.md
-Source: https://github.com/openai/codex/blob/main/AGENTS.md
-Source: https://github.com/processing/p5.js/blob/main/AGENTS.md
-Source: https://github.com/vercel-labs/agent-skills/blob/main/AGENTS.md
-Source: https://github.com/agentsmd/agents.md/blob/main/AGENTS.md
-Source: https://github.com/rails/rails/blob/main/CONTRIBUTING.md
-Source: https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md
-Source: https://github.com/atom/atom/blob/master/CONTRIBUTING.md
-Source: https://github.com/github/docs/blob/main/CONTRIBUTING.md
-Source: https://github.com/facebook/react/blob/main/CONTRIBUTING.md
-
-1. OpenClaw: strong real-world alias policy and AGENTS/CONTRIBUTING/VISION cohesion.
-2. OpenAI Codex: strict command discipline and explicit scope control.
-3. p5.js: explicit AI-policy guardrails in agent instructions.
-4. Vercel + agentsmd spec: compact, context-efficient AGENTS patterns.
-5. Rails/Kubernetes/Atom/GitHub Docs/React: contributor guidance patterns at different project scales.
-
-## Practical merge policy
-
-When these rules conflict:
-
-1. Preserve contributor and reader task success first.
-2. Preserve instruction clarity and unambiguous boundaries second.
-3. Preserve long-term maintainability and context-efficiency third.
-4. Add extra agent optimization only if it does not reduce human clarity or there is explict need.
-5. Use your judgement as the expert.
--- a/.agents/skills/technical-documentation/references/build.md
+++ b/.agents/skills/technical-documentation/references/build.md
@@ -1,116 +0,0 @@
-# Build Docs Playbook
-
-Read `principles.md` first, then follow this execution flow.
-
-## 1. Detect and align agent instruction and governance instructions
-
- Use `references/agent-and-contributing.md` as the source of truth for inventory, canonical/alias mapping, and precedence/conflict handling.
- Apply the symlink compatibility policy when in scope (`.agents` canonical directory with `.cursor` compatibility symlink when required by tooling).
- Long-running and extensive build investigations are acceptable when needed to resolve ambiguous or conflicting documentation sources.
- When available, use sub-agents for bounded parallel inventory/cross-check tasks and merge results into one canonical decision set.
- Capture required constraints before writing:
-  - nested-agent rules, command/test requirements, PR workflow, and style checks.
- Use the same command and validation expectations in proposed snippets and examples.
-
-## 2. Inventory product documentation surfaces (not governance only)
-
- For repo-wide builds, include docs content surfaces in addition to AGENTS/CONTRIBUTING.
- Inventory docs files and frameworks in scope (examples): `README*.md`, `docs/**`, `**/*.md`, `**/*.mdx`, `**/*.mdc`, `**/*.rst`, `**/*.rsc`, Fern/Mintlify config, Sphinx `conf.py`.
- Build a coverage map before drafting so governance and product docs are both represented.
- If scope is ambiguous, default to broader docs discovery first, then narrow intentionally.
-
-## 3. Framework config and path mapping rules
-
- Detect framework/config first (for example Fern config, Sphinx `conf.py`, Mintlify config, or equivalent).
- Resolve every referenced path relative to the file/config that declares it, not assumed repo root.
- Treat filesystem paths and published URL routes as separate mappings; do not infer one from the other without config evidence.
- Validate both layers:
-  - config -> file exists on disk
-  - config/nav/routing -> URL path is consistent and reachable
- Record path-mapping assumptions and mismatches in handoff (`missing file`, `stale route`, `wrong base path`).
-
-## 4. Define intent and success
-
- Audience, prerequisites, and job-to-be-done.
- Expected reader outcome immediately after completion.
- Doc type: tutorial, how-to, reference, explanation.
- Success criteria: what must be true after publish.
-
-## 5. Build structure before prose
-
- Follow the funnel: what/why, quickstart, next steps.
- Keep headings informative and scannable.
- Open each section with the takeaway sentence.
- Add decision points with concrete branch guidance.
- For OpenClaw docs work, choose a page type from `references/openclaw.md` before drafting.
- Keep task-critical OpenClaw configuration inline; link exhaustive defaults, enums, schemas, generated references, and rare debugging workflows.
-
-## 6. Build AGENTS.md and CONTRIBUTING.md intentionally
-
- Keep AGENTS.md structure consistent with `agents.md` ecosystem patterns:
-  - include YAML frontmatter when present in repo style (`name`, `description`).
-  - state persona scope and explicit instruction boundaries: `Always`, `Ask first`, `Never`.
-  - include concrete commands and representative code examples.
- For CONTRIBUTING.md, prioritize issue triage flow, PR expectations, setup/test commands, and review gates.
- Add `Code of Conduct`, `Testing`, `Local checks`, and `PR expectations` sections when missing but required by the repo.
- If CONTRIBUTING.md is becoming too large, split by scope into linked docs (for example, framework/tool-specific setup and release workflows) and keep the root file as a concise entry point.
- Keep cross-file consistency: links from CONTRIBUTING.md to AGENTS.md (and vice versa) should be accurate and non-circular.
- If multiple AGENTS.md files exist, document the directory-level scope and avoid conflicting advice.
- If a required canonical entry file is missing (for example referenced `README.md` under a major directory), create the file in the same pass instead of adding a caveat-only note.
- For new entry files, keep them minimal and actionable: purpose, prerequisites, concrete run commands, and pointers to deeper docs.
-
-## 7. Keep agent context tight
-
- Author once, expose twice:
-  - keep one shared policy core and avoid duplicating guidance in separate agent-specific files.
-  - publish that core through bounded glob-friendly files for Cursor/Claude plus explicit path references for Codex.
- For Cursor and Claude-style agents, avoid broad references. Use minimal globbing and narrow rule files that each serve one concern (for example, repo-wide setup, test rules, security checks).
- Keep AGENTS and alias files short-to-medium; move detailed runbooks to linked docs.
- For Codex, prefer explicit file references and concrete paths for exact reuse.
- Avoid adding unrelated historical or process details to avoid token/context drift during future tool reads.
-
-## 8. Brownfield build mode
-
- Match existing terminology, navigation, and component patterns.
- Preserve existing IA unless there is a documented migration plan.
- For rewrites, include a migration note from old to new paths.
- Prefer smallest safe change set that improves utility.
-
-## 9. Evergreen build mode
-
- Prefer stable concepts over release-tied narrative.
- Isolate volatile details under clearly marked version sections.
- Include maintenance signals: owners, refresh triggers, stale criteria.
- Include lifecycle notes: deprecation and replacement paths.
-
-## 10. Writing constraints
-
- Use precise language and short, imperative instructions.
- Keep code examples copy-ready and self-contained.
- Include common failure modes and safe defaults.
- Avoid placeholder guidance that cannot be executed.
-
-## 11. Agent and automation readiness
-
- Keep key facts in text (not image-only).
- Prefer structured lists/tables when choices matter.
- Add links and anchors that allow deterministic navigation.
- Document what can be checked automatically in CI.
-
-## 12. Build validation
-
- Validate commands and snippets where possible.
- Verify links and references in changed sections.
- Run a reference existence sweep for every path/command you introduced.
- Verify docs-framework consistency when in scope (for example Sphinx/Fern config and referenced doc paths).
- For OpenClaw docs work, apply the validation checklist in `references/openclaw.md`.
-
-## 13. Multilingual parity mode (when applicable)
-
- Pick one source-of-truth language for technical accuracy and release timing.
- Define parity target: full parity, staged parity, or intentional divergence per section.
- Keep structure aligned across locales (headings, anchors, section order) when possible.
- Preserve command/code correctness first; localize explanatory text second.
- If parity is not feasible, add a visible note with missing scope and expected sync window.
- Run a locale parity check for changed sections (added/removed steps, warnings, prerequisites).
- Record unresolved checks explicitly in handoff.
--- a/.agents/skills/technical-documentation/references/openclaw.md
+++ b/.agents/skills/technical-documentation/references/openclaw.md
@@ -1,128 +0,0 @@
-# OpenClaw Documentation Overlay
-
-Use this reference only for OpenClaw docs work. It layers OpenClaw-specific page
-types, navigation, preservation, and validation rules on top of the general
-technical-documentation skill.
-
-## Reader Model
-
- Lead with the task the reader is trying to complete.
- Give one recommended path before alternatives.
- Keep main docs focused on the common path; move dense contracts and rare
-  debugging detail to linked reference or troubleshooting pages.
- Explain production risks exactly where the reader can make the mistake.
- Link concepts, guides, references, CLI pages, SDK docs, testing, and
-  troubleshooting so readers can continue without rereading.
-
-## Page Types
-
-Choose the page type before writing or reviewing:
-
- Overview: route readers to the right product area, integration path, or guide.
- Quickstart: get a new user to a working result with the fewest safe steps.
- Topic page: explain a major OpenClaw entity or surface end to end.
- Guide: walk through one workflow from prerequisites to production readiness.
- API/SDK/CLI reference: define every object, method, command, option, response,
-  error, enum, default, and version rule in scope.
- Testing guide: show sandbox setup, fixtures, simulated failures, and live-mode
-  differences.
- Troubleshooting guide: map observable symptoms to checks, causes, and fixes.
- Governance file: keep agent/contributor policy concrete, scoped, and aligned
-  with current OpenClaw repo behavior.
-
-## Topic Pages
-
-Use this shape for major-entity pages:
-
-1. Title naming the entity or surface.
-2. Unheaded opening that says what it is, what it owns, and what it does not own.
-3. Requirements, only when setup needs accounts, versions, permissions, plugins,
-   operating systems, or credentials.
-4. Quickstart with the recommended path and smallest reliable verification.
-5. Configuration with task-critical options inline and exhaustive details linked
-   to reference docs.
-6. Major subtopics organized by reader intent, not under a generic "Subtopics"
-   heading.
-7. Troubleshooting with observable failures and concrete checks.
-8. Related links to guides, references, commands, concepts, and adjacent topics.
-
-## Guides
-
-Use this shape for workflow pages:
-
-1. Title naming the outcome, not the implementation detail.
-2. Opening that states what the reader can accomplish.
-3. Before you begin: accounts, keys, permissions, versions, tools, and
-   assumptions.
-4. Choose a path, only when the reader must decide.
-5. Steps with verb-led headings, commands, expected output, and checks.
-6. Test with the smallest reliable proof that the workflow works.
-7. Production readiness: security, retries, limits, observability, migrations,
-   and cleanup.
-8. Troubleshooting near the workflow that causes the failures.
-9. See also links to concepts, references, SDK docs, and adjacent guides.
-
-## Docs IA And Navigation
-
- Read `docs/docs.json` before navigation changes.
- Keep topic pages and common workflows on the main reader path.
- Put exhaustive contracts, generated references, maintainer-only detail, and
-  support material under `Reference` or another clearly scoped support page.
- Keep generated `plugins/reference/*` children and redirect-only pages out of
-  visible navigation unless explicitly required.
- For moved pages, include a keep/drop/move/destination matrix in the handoff.
- Add "Read when" hints for docs-list routing when creating or changing pages
-  that participate in the docs index.
-
-## Source-Backed Content
-
- CLI docs must match current flags, output, errors, and examples.
- API/SDK docs must include fields, defaults, enum values, constraints, nullable
-  behavior, lifecycle states, errors, and recovery guidance.
- Config docs must align exported types, schema/help output, metadata, baselines,
-  and current docs.
- Dependency-backed behavior must be verified from upstream docs, source, or
-  types before documenting defaults, timing, errors, or API behavior.
- Separate current behavior, shipped behavior, planned behavior, and maintainer
-  intent.
-
-## Examples
-
- Prefer complete copy-pasteable commands and snippets.
- Use realistic variable names and values.
- Mark placeholders with angle-bracket names such as `<API_KEY>`.
- Show expected success output when it helps verification.
- Keep one conceptual unit per code block and use language-specific fences.
- Avoid examples that hide setup, auth, error handling, or cleanup.
- Never expose real secrets, live config, phone numbers, private videos, or
-  credentials.
-
-## Preservation Reviews
-
-For rewrites or splits:
-
- Identify source units before rewriting: headings, paragraphs, tables, examples,
-  CLI/API contracts, warnings, and troubleshooting facts.
- Map each retained unit to a destination page or section.
- Do not treat a broad "covered" row as proof for dense source material; use
-  line- or claim-level evidence when the source unit is dense.
- For dropped content, state whether it is obsolete, duplicated elsewhere,
-  unsupported, or moved to a reference/support page.
- When a docs-audit artifact is used, verify it is mapped audit data with
-  non-empty `mappings[]`, not only inventory or reindexed JSON.
-
-## Validation
-
-Choose the narrowest proof that covers the touched surface:
-
- `pnpm docs:list`
- `pnpm docs:check-mdx`
- `pnpm docs:check-links`
- `pnpm docs:check-i18n-glossary`
- `pnpm format:docs:check` or `pnpm lint:docs`
- `git diff --check`
- generated-doc or inventory checks when generated references, plugin catalogs,
-  labeler, or docs scripts changed
- behavior tests or command probes when docs claim runtime behavior
-
-If proof is blocked, say exactly which command was not run and why.
--- a/.agents/skills/technical-documentation/references/principles.md
+++ b/.agents/skills/technical-documentation/references/principles.md
@@ -1,54 +0,0 @@
-# Documentation Principles
-
-This reference consolidates the core rules used by this skill.
-
-## Matt Palmer: 8 rules for better docs
-
-Source: https://mattpalmer.io/posts/2025/10/8-rules-for-better-docs/
-
-Use these as default operating principles:
-
-1. Write for humans, optimize for agents.
-2. Start with a funnel: what/why, quickstart, next steps.
-3. Use Diataxis to scaffold content.
-4. Write with AI, but structure for agents.
-5. Offload routine docs operations to background agents.
-6. Automate quality with CI.
-7. Automate scaffolding and repetitive workflow tasks.
-8. Make contribution easy and visible.
-
-## OpenAI cookbook: what makes documentation good
-
-Source: https://cookbook.openai.com/articles/what_makes_documentation_good
-
-Key quality constraints:
-
- Prefer specific and accurate terminology over niche jargon.
- Keep examples self-contained and minimize dependencies.
- Prioritize high-value topics over edge-case depth.
- Do not teach unsafe patterns (for example, exposed secrets).
- Open with context that helps readers orient quickly.
- Apply empathy and override rigid rules when it clearly improves outcomes.
-
-## Practical merge policy
-
-When these rules conflict:
-
-1. Preserve reader task success first.
-2. Preserve structural clarity second.
-3. Preserve long-term maintainability third.
-4. Add agent optimization only if it does not reduce human clarity.
-
-For agent-instructions and contributor-governance specifics (AGENTS/aliases/CONTRIBUTING), use `references/agent-and-contributing.md` as the detailed additional source of truth.
-
-When the target repo or request is OpenClaw-specific, layer `references/openclaw.md` on top of these general rules. Otherwise ignore that repo-specific overlay.
-
-## Execution policy for this skill
-
- Long-running and extensive investigations are allowed for both build and review work when needed to resolve ambiguity or cross-file drift.
- Use sub-agents when available for bounded parallel discovery, verification, or cross-source comparison.
- Keep one merged outcome: sub-agent outputs must be normalized into a single consistent recommendation/fix set.
-
-## Multilingual parity rule
-
-When docs exist in multiple languages, target cross-locale parity for task-critical content (steps, warnings, prerequisites, and limits). If full parity is not possible, publish explicit parity status and sync intent.
--- a/.agents/skills/technical-documentation/references/review.md
+++ b/.agents/skills/technical-documentation/references/review.md
@@ -1,121 +0,0 @@
-# Review Docs Playbook
-
-Read `principles.md` first, then apply this checklist.
-
-## 1. Scope and classification
-
- Identify doc type and target audience.
- Confirm brownfield vs evergreen intent.
- Confirm expected outcome for the reader.
- For full-repo reviews, explicitly include both governance surfaces and product-doc surfaces (`docs/`, README trees, `.md/.mdx/.mdc`, `.rst/.rsc`, framework docs configs).
- For OpenClaw docs reviews, apply `references/openclaw.md` for page type, docs IA, preservation, examples, and validation checks.
-
-## 2. Investigation behavior
-
- Proactively find issues and risks without waiting for repeated prompts.
- If there are signals of deeper problems, continue investigation beyond the first pass.
- Long-running and extensive investigations are acceptable when needed for confidence and correctness.
- When available, use sub-agents for bounded parallel discovery (for example file-inventory, command validation, or cross-doc consistency checks), then merge to one final issue set.
- When no issues are found, state that explicitly and call out residual risks or validation gaps.
- Default to `apply-fixes` for high-confidence documentation defects unless the user explicitly requests `report-only`.
- Do not stop at AGENTS/CONTRIBUTING checks when the task is documentation-wide; continue into docs-content and docs-framework surfaces.
-
-## 3. Governance surface review
-
- Use `references/agent-and-contributing.md` as the source of truth for inventory, canonical/alias mapping, and precedence/conflict handling.
-  For AGENTS.md:
-
- confirm persona intent, scope, and command/tool boundaries are explicit.
- check frontmatter style matches repo conventions when present.
- ensure `Always`, `Ask first`, and `Never` boundaries are present when expected.
- require concrete command examples and repo-specific paths to avoid ambiguity.
-
-For CONTRIBUTING.md:
-
- verify issue/PR workflow is complete and actionable.
- ensure local setup, lint/test commands, and review criteria are accurate.
- ensure governance does not conflict with nested AGENTS instructions.
- flag oversized files that should be split into linked section docs (for example tool-specific setup and release docs).
-
-For agent-platform awareness:
-
- confirm references are minimal and scoped for Cursor/Claude glob behavior.
- confirm Codex-facing guidance uses explicit file references.
- confirm both surfaces represent the same shared policy core (commands, boundaries, and precedence), not divergent guidance.
- audit `.agents`/`.cursor` compatibility behavior:
-  - verify canonical rule directory and symlink state match repo policy
-  - verify symlink target integrity and platform/tooling expectations
-  - verify AGENTS policy references remain canonical for Codex even when `.cursor` compatibility exists
- check for context bloat from duplicated policy statements across agent and contributor files.
- check for conflicting rules, skills and agent instructions
- check for conflicting information in agent instructions vs codebase
- check for broken or missing referenced files (for example README/index files named as canonical entry points).
- check for setup/command drift (for example non-existent install commands, root-level commands that should be module-scoped).
-
-## 4. Product documentation surface review
-
- Verify docs IA coverage across root/module `README*` files and `docs/**` trees.
- Review framework-native docs sources in scope (for example Fern, Mintlify, Sphinx, MkDocs) and ensure guidance matches actual source-of-truth files.
- Check `.md/.mdx/.mdc/.rst/.rsc` for stale commands, missing prerequisites, and broken cross-links.
- Confirm referenced doc paths and anchors exist.
- Flag docs that should be split/merged to improve discoverability and maintenance.
- For OpenClaw docs, check `docs/docs.json`, docs-list routing hints, main path versus `Reference` placement, and generated-reference visibility.
- For OpenClaw rewrites or page splits, require source-backed keep/drop/move/destination coverage for important claims, warnings, examples, commands, fields, and troubleshooting facts.
-
-## 5. Framework config and path mapping checks
-
- Detect and read framework config first (for example Fern config, Sphinx `conf.py`, Mintlify config, or equivalent).
- Resolve path references relative to the declaring file/config.
- Treat filesystem paths and published URL routes as separate maps; verify both.
- Flag path-map drift explicitly (`missing file`, `stale route`, `wrong base path`).
-
-## 6. Structural review
-
- Funnel check: what/why, quickstart, next steps.
- Validate heading flow and navigation discoverability.
- Flag critical content trapped in images or buried sections.
- Check Diataxis alignment and split mixed-purpose sections.
- For OpenClaw docs, confirm the content matches an explicit page type from `references/openclaw.md`.
-
-## 7. Writing quality review
-
- Check for concise, scannable paragraphs.
- Remove ambiguous pronouns and undefined terms.
- Verify examples are executable and scoped correctly.
- Verify tone is directive, technical, and non-hand-wavy.
-
-## 8. Brownfield review mode
-
- Verify compatibility with existing docs IA and conventions.
- Verify anchors, redirects, and cross-doc links remain valid.
- Flag regressions in onboarding and task completion paths.
- Ensure changed terminology is intentionally propagated.
-
-## 9. Evergreen review mode
-
- Flag date-stamped or brittle wording without version scope.
- Check ownership and refresh signals are present.
- Ensure recommendations remain valid after routine product evolution.
- Flag missing deprecation/migration guidance.
-
-## 10. Tooling and platform review
-
-Read `tooling.md` if platform fit is uncertain.
-
- Check whether content uses platform primitives effectively.
- Flag structure that fights the chosen docs platform.
- Recommend targeted platform-aware improvements.
-
-## 11. Multilingual parity review (when applicable)
-
- Confirm declared source-of-truth language and expected parity policy.
- Compare changed sections across locales for step/order/warning drift.
- Flag missing updates to prerequisites, version notes, limits, and safety guidance.
- Allow intentional divergence only when rationale is explicit and user-impact is low.
- Require a reader-visible status note when locale parity is partial.
-
-## 12. Output format
-
-1. Blocking issues (file + required fix)
-2. Non-blocking improvements
-3. Validation notes (done vs pending)
--- a/.agents/skills/technical-documentation/references/tooling.md
+++ b/.agents/skills/technical-documentation/references/tooling.md
@@ -1,32 +0,0 @@
-# Documentation Tooling Guide
-
-Source: https://www.mintlify.com/blog/top-7-api-documentation-tools-of-2025
-
-Use this file when deciding build/review expectations for doc platforms.
-
-## Tool-selection checkpoints
-
- Existing stack lock-in: do not force migration for minor gains.
- API workflow depth: generated references, OpenAPI support, testability.
- Collaboration model: docs-as-code, review workflow, versioning.
- Runtime quality: search, navigation, and copy-ready code snippets.
- AI readiness: structured content, stable URLs, machine-friendly layout yet human readable.
- Human readiness: reading complexity, reading UX, navigation depth, minimize jargon.
-
-## Apply in brownfield mode
-
- Prioritize compatibility with the current platform.
- Use available components and style conventions before introducing new patterns.
- Propose migration only when current constraints block critical outcomes.
-
-## Apply in evergreen mode
-
- Favor platforms and templates that make routine updates low-friction.
- Standardize section templates to reduce drift.
- Capture ownership, update cadence, and stale-content detection rules.
-
-## Review implications
-
- Check whether content uses platform primitives correctly (tabs, callouts, endpoint blocks).
- Flag docs that are technically correct but hard to scan in the chosen platform.
- Recommend platform-specific improvements only when they reduce cognitive load.
--- a/.agents/skills/telegram-crabbox-e2e-proof/SKILL.md
+++ b/.agents/skills/telegram-crabbox-e2e-proof/SKILL.md
@@ -1,206 +0,0 @@
---
-name: telegram-crabbox-e2e-proof
-description: Use when reviewing, reproducing, or proving OpenClaw Telegram behavior with a real Telegram user on Crabbox, including PR review workflows that need an agent-controlled Telegram Desktop recording, TDLib user-driver commands, Convex-leased credentials, WebVNC observation, and motion-trimmed artifacts.
---
-
-# Telegram Crabbox E2E Proof
-
-Use this for Telegram PR review or bug reproduction when bot-to-bot proof is
-not enough. The goal is to let the agent keep a real Telegram user session open
-until it is satisfied, then attach visual proof.
-
-Do not use personal accounts. Do not add credentials to the repo, prompt, or
-artifact bundle. The runner leases the shared burner account from Convex.
-
-## Start
-
-Run from the OpenClaw repo and branch under test:
-
-```bash
-proof_cmd="${OPENCLAW_TELEGRAM_USER_PROOF_CMD:-openclaw-telegram-user-crabbox-proof}"
-"$proof_cmd" start \
-  --tdlib-url http://artifacts.openclaw.ai/tdlib-v1.8.0-linux-x64.tgz \
-  --output-dir .artifacts/qa-e2e/telegram-user-crabbox/pr-review
-```
-
-This starts one held session:
-
- leases the exclusive `telegram-user` Convex credential
- restores TDLib and Telegram Desktop with the same user account
- starts a mock OpenClaw Telegram SUT from the current checkout
- selects the configured Telegram chat in the visible Linux desktop
- starts a 24fps desktop recording
- writes `.artifacts/qa-e2e/telegram-user-crabbox/pr-review/session.json`
-
-Keep the session alive while investigating. It is valid for the agent to test
-for minutes, run several commands, use WebVNC, inspect transcripts, and only
-finish once the behavior is understood.
-
-For deterministic visual repros, put the exact mock-model reply in a file and
-pass it to `start`:
-
-```bash
-proof_cmd="${OPENCLAW_TELEGRAM_USER_PROOF_CMD:-openclaw-telegram-user-crabbox-proof}"
-"$proof_cmd" start \
-  --tdlib-url http://artifacts.openclaw.ai/tdlib-v1.8.0-linux-x64.tgz \
-  --mock-response-file .artifacts/qa-e2e/telegram-user-crabbox/reply.txt \
-  --output-dir .artifacts/qa-e2e/telegram-user-crabbox/pr-review
-```
-
-The runner defaults to `--class standard`, `--record-fps 24`,
-`--preview-fps 24`, and `--preview-width 1920`. Keep those defaults unless the
-proof needs something else.
-
-## While Testing
-
-For visual proof, first send or identify a bottom marker message, then open the
-group/topic directly by message id:
-
-```bash
-proof_cmd="${OPENCLAW_TELEGRAM_USER_PROOF_CMD:-openclaw-telegram-user-crabbox-proof}"
-"$proof_cmd" view \
-  --session .artifacts/qa-e2e/telegram-user-crabbox/pr-review/session.json \
-  --message-id <message-id>
-```
-
-This uses Telegram Desktop directly with `tg://privatepost`, not `xdg-open`.
-It also resizes Telegram to `650x1000` at the tested desktop position so
-the crop can isolate the chat pane even if Telegram keeps a split/sidebar
-layout. Do not press Escape after this; Escape can close the selected chat.
-
-Bottom behavior matters:
-
- deep-linking to the newest message keeps Telegram pinned to the bottom, so
-  later messages appear live in the recording
- deep-linking to an older message does not auto-scroll to new arrivals; link
-  again to the newest/final marker instead of clicking the down-arrow
- the cropped GIF intentionally uses the chat pane, not the whole desktop or
-  whole Telegram window
-
-Send as the real Telegram user:
-
-```bash
-proof_cmd="${OPENCLAW_TELEGRAM_USER_PROOF_CMD:-openclaw-telegram-user-crabbox-proof}"
-"$proof_cmd" send \
-  --session .artifacts/qa-e2e/telegram-user-crabbox/pr-review/session.json \
-  --text /status
-```
-
-For slash commands, omit the bot username; the runner targets the SUT bot.
-
-Run arbitrary commands on the Crabbox:
-
-```bash
-proof_cmd="${OPENCLAW_TELEGRAM_USER_PROOF_CMD:-openclaw-telegram-user-crabbox-proof}"
-"$proof_cmd" run \
-  --session .artifacts/qa-e2e/telegram-user-crabbox/pr-review/session.json \
-  -- bash -lc 'source /tmp/openclaw-telegram-user-crabbox/env.sh && python3 /tmp/openclaw-telegram-user-crabbox/user-driver.py transcript --limit 20 --json'
-```
-
-Useful remote user-driver commands:
-
-```bash
-source /tmp/openclaw-telegram-user-crabbox/env.sh
-python3 /tmp/openclaw-telegram-user-crabbox/user-driver.py status --json
-python3 /tmp/openclaw-telegram-user-crabbox/user-driver.py chats --json
-python3 /tmp/openclaw-telegram-user-crabbox/user-driver.py transcript --limit 20 --json
-python3 /tmp/openclaw-telegram-user-crabbox/user-driver.py send --text '/status@{sut}'
-python3 /tmp/openclaw-telegram-user-crabbox/user-driver.py probe --text '@{sut} Reply exactly: USER-E2E-{run}' --expect USER-E2E-
-```
-
-Capture the current desktop without ending the session:
-
-```bash
-proof_cmd="${OPENCLAW_TELEGRAM_USER_PROOF_CMD:-openclaw-telegram-user-crabbox-proof}"
-"$proof_cmd" screenshot \
-  --session .artifacts/qa-e2e/telegram-user-crabbox/pr-review/session.json
-```
-
-Check lease state and get the WebVNC command:
-
-```bash
-proof_cmd="${OPENCLAW_TELEGRAM_USER_PROOF_CMD:-openclaw-telegram-user-crabbox-proof}"
-"$proof_cmd" status \
-  --session .artifacts/qa-e2e/telegram-user-crabbox/pr-review/session.json
-```
-
-## Finish
-
-Always finish or explicitly keep the box:
-
-```bash
-proof_cmd="${OPENCLAW_TELEGRAM_USER_PROOF_CMD:-openclaw-telegram-user-crabbox-proof}"
-"$proof_cmd" finish \
-  --session .artifacts/qa-e2e/telegram-user-crabbox/pr-review/session.json \
-  --preview-crop telegram-window
-```
-
-`finish` stops recording, creates motion-trimmed MP4/GIF artifacts, captures a
-final screenshot and logs, releases the Convex credential, stops the local SUT,
-and stops the Crabbox lease. `--preview-crop telegram-window` also creates a
-fixed-geometry GIF from the tested Telegram proof window for clean side-by-side
-PR tables; the full desktop video/GIF remains in the artifact directory. Pass
-`--keep-box` only when a human needs to continue VNC debugging after the
-credential is released.
-
-After any failure or interruption, verify cleanup:
-
-```bash
-crabbox list --provider aws
-```
-
-If a session file exists and the credential may still be leased, run `finish`
-with that session file before retrying.
-
-## Attach Proof
-
-Attach only the useful visual artifact to the PR unless logs are needed. The
-runner is GIF-only by default:
-
-```bash
-proof_cmd="${OPENCLAW_TELEGRAM_USER_PROOF_CMD:-openclaw-telegram-user-crabbox-proof}"
-"$proof_cmd" publish \
-  --session .artifacts/qa-e2e/telegram-user-crabbox/pr-review/session.json \
-  --pr <pr-number> \
-  --summary 'Telegram real-user Crabbox session motion GIF'
-```
-
-This copies only the useful GIF into a temporary publish bundle and comments
-that GIF. If `finish --preview-crop telegram-window` produced a cropped GIF,
-publish uses that; otherwise it uses `telegram-user-crabbox-session-motion.gif`.
-Use `--full-artifacts` only when the PR needs logs or JSON output. Never publish
-credential payloads, local env files, TDLib databases, Telegram Desktop
-profiles, or raw session archives.
-
-For before/after proof, run one session on `main` and one on the PR head, then
-publish only the intended GIFs from a clean bundle:
-
-```bash
-mkdir -p .artifacts/qa-e2e/telegram-user-crabbox/pr-123/comparison
-cp <main-output>/telegram-user-crabbox-session-motion-telegram-window.gif \
-  .artifacts/qa-e2e/telegram-user-crabbox/pr-123/comparison/main-before.gif
-cp <pr-output>/telegram-user-crabbox-session-motion-telegram-window.gif \
-  .artifacts/qa-e2e/telegram-user-crabbox/pr-123/comparison/pr-after.gif
-crabbox artifacts publish \
-  --repo openclaw/openclaw \
-  --pr 123 \
-  --dir .artifacts/qa-e2e/telegram-user-crabbox/pr-123/comparison \
-  --summary 'Telegram before/after proof' \
-  --no-comment
-```
-
-Then post a concise markdown table with those two URLs. Do not publish working
-directories that contain screenshots, raw videos, logs, session JSON, or crop
-experiments unless those artifacts are explicitly needed.
-
-## Quick Smoke
-
-For a fast one-shot check, use:
-
-```bash
-proof_cmd="${OPENCLAW_TELEGRAM_USER_PROOF_CMD:-openclaw-telegram-user-crabbox-proof}"
-"$proof_cmd" --text /status
-```
-
-This is a start/send/finish shortcut. Prefer the held session for PR review,
-issue reproduction, or any task where the agent may need several attempts.
--- a/.crabbox.yaml
+++ b/.crabbox.yaml
@@ -6,10 +6,6 @@ capacity:
  strategy: most-available
  fallback: on-demand-after-120s
  hints: true
-  availabilityZones:
-    - eu-west-1a
-    - eu-west-1b
-    - eu-west-1c
  regions:
    - eu-west-1
    - eu-west-2
@@ -18,9 +14,6 @@ capacity:
    - us-west-2
 actions:
  workflow: .github/workflows/crabbox-hydrate.yml
-  # Default AWS hydration uses local Actions replay. Use
-  # `crabbox actions hydrate --github-runner --job hydrate-github` when the
-  # hydrate job needs GitHub secrets.
  job: hydrate
  ref: main
  runnerLabels:
--- a/.env.example
+++ b/.env.example
@@ -28,9 +28,6 @@ OPENCLAW_GATEWAY_TOKEN=
 # OPENCLAW_STATE_DIR=~/.openclaw
 # OPENCLAW_CONFIG_PATH=~/.openclaw/openclaw.json
 # OPENCLAW_HOME=~
-# Docker setup stores auth profile encryption key material outside the mounted
-# OpenClaw state dir and mounts this host directory into the container.
-# OPENCLAW_AUTH_PROFILE_SECRET_DIR=/absolute/path/to/.openclaw-auth-profile-secrets

 # Allowlist of extra directories that `$include` directives in openclaw.json may
 # resolve files from. Path-list separated (':' on POSIX, ';' on Windows). Each
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -11,14 +11,6 @@
 /.github/workflows/codeql.yml @openclaw/openclaw-secops
 /.github/workflows/codeql-android-critical-security.yml @openclaw/openclaw-secops
 /.github/workflows/codeql-critical-quality.yml @openclaw/openclaw-secops
-/.github/workflows/dependency-change-awareness.yml @openclaw/openclaw-secops
-/test/scripts/dependency-change-awareness-workflow.test.ts @openclaw/openclaw-secops
-/package-lock.json @openclaw/openclaw-secops
-/npm-shrinkwrap.json @openclaw/openclaw-secops
-/extensions/*/package-lock.json @openclaw/openclaw-secops
-/extensions/*/npm-shrinkwrap.json @openclaw/openclaw-secops
-/pnpm-lock.yaml @openclaw/openclaw-secops
-/scripts/generate-npm-shrinkwrap.mjs @openclaw/openclaw-secops
 /src/security/ @openclaw/openclaw-secops
 /src/secrets/ @openclaw/openclaw-secops
 /src/config/*secret*.ts @openclaw/openclaw-secops
--- a/.github/actions/docker-e2e-plan/action.yml
+++ b/.github/actions/docker-e2e-plan/action.yml
@@ -123,14 +123,14 @@ runs:
      shell: bash
      run: |
        set -euo pipefail
-        bash scripts/ci-docker-pull-retry.sh "${OPENCLAW_DOCKER_E2E_BARE_IMAGE}"
+        docker pull "${OPENCLAW_DOCKER_E2E_BARE_IMAGE}"

    - name: Pull shared functional Docker E2E image
      if: inputs.hydrate-artifacts == 'true' && steps.plan.outputs.needs_functional_image == '1'
      shell: bash
      run: |
        set -euo pipefail
-        bash scripts/ci-docker-pull-retry.sh "${OPENCLAW_DOCKER_E2E_FUNCTIONAL_IMAGE}"
+        docker pull "${OPENCLAW_DOCKER_E2E_FUNCTIONAL_IMAGE}"

    - name: Validate Docker E2E credentials
      if: inputs.hydrate-artifacts == 'true'
@@ -140,33 +140,13 @@ runs:
      run: |
        set -euo pipefail
        credentials=",$CREDENTIALS,"
-        require_any() {
-          local label="$1"
-          shift
-          local key
-          for key in "$@"; do
-            if [[ -n "${!key:-}" ]]; then
-              return 0
-            fi
-          done
-          echo "Missing credential for ${label}: expected one of $*" >&2
-          exit 1
-        }
        if [[ "$credentials" == *",openai,"* ]]; then
-          require_any OpenAI OPENAI_API_KEY
+          [[ -n "${OPENAI_API_KEY:-}" ]] || {
+            echo "OPENAI_API_KEY is required for selected Docker E2E lanes." >&2
+            exit 1
+          }
        fi
-        if [[ "$credentials" == *",codex,"* ]]; then
-          require_any Codex OPENCLAW_CODEX_AUTH_JSON
-        fi
-        if [[ "$credentials" == *",anthropic,"* ]]; then
-          require_any Anthropic ANTHROPIC_API_TOKEN ANTHROPIC_API_KEY OPENCLAW_CLAUDE_CREDENTIALS_JSON OPENCLAW_CLAUDE_JSON
-        fi
-        if [[ "$credentials" == *",factory,"* ]]; then
-          require_any Factory FACTORY_API_KEY
-        fi
-        if [[ "$credentials" == *",gemini,"* ]]; then
-          require_any Gemini GEMINI_API_KEY GOOGLE_API_KEY OPENCLAW_GEMINI_SETTINGS_JSON
-        fi
-        if [[ "$credentials" == *",opencode,"* ]]; then
-          require_any OpenCode OPENCODE_API_KEY OPENCODE_ZEN_API_KEY
+        if [[ "$credentials" == *",anthropic,"* && -z "${ANTHROPIC_API_TOKEN:-}" && -z "${ANTHROPIC_API_KEY:-}" ]]; then
+          echo "ANTHROPIC_API_TOKEN or ANTHROPIC_API_KEY is required for selected Docker E2E lanes." >&2
+          exit 1
        fi
--- a/.github/actions/setup-node-env/action.yml
+++ b/.github/actions/setup-node-env/action.yml
@@ -7,6 +7,14 @@ inputs:
    description: Node.js version to install.
    required: false
    default: "24.x"
+  cache-key-suffix:
+    description: Suffix appended to the pnpm store cache key.
+    required: false
+    default: "node24"
+  pnpm-version:
+    description: pnpm version for corepack.
+    required: false
+    default: "10.33.0"
  install-bun:
    description: Whether to install Bun alongside Node.
    required: false
@@ -19,43 +27,27 @@ inputs:
    description: Whether to use --frozen-lockfile for install.
    required: false
    default: "true"
-  use-actions-cache:
-    description: Whether to restore and save the pnpm store with actions/cache.
-    required: false
-    default: "true"
 runs:
  using: composite
  steps:
-    - name: Normalize container toolcache
-      shell: bash
-      run: |
-        set -euo pipefail
-        if [[ -d /__t && ! -e /opt/hostedtoolcache ]]; then
-          mkdir -p /opt
-          ln -s /__t /opt/hostedtoolcache
-        fi
-
    - name: Setup Node.js
-      shell: bash
-      env:
-        REQUESTED_NODE_VERSION: ${{ inputs.node-version }}
-      run: |
-        set -euo pipefail
-        source "$GITHUB_ACTION_PATH/../setup-pnpm-store-cache/ensure-node.sh"
-        openclaw_ensure_node "$REQUESTED_NODE_VERSION"
-
-    - name: Setup pnpm
-      uses: ./.github/actions/setup-pnpm-store-cache
+      uses: actions/setup-node@v6
      with:
        node-version: ${{ inputs.node-version }}
-        use-actions-cache: ${{ inputs.use-actions-cache }}
+        check-latest: false
+
+    - name: Setup pnpm + cache store
+      id: pnpm-cache
+      uses: ./.github/actions/setup-pnpm-store-cache
+      with:
+        pnpm-version: ${{ inputs.pnpm-version }}
+        cache-key-suffix: ${{ inputs.cache-key-suffix }}

    - name: Setup Bun
      if: inputs.install-bun == 'true'
-      shell: bash
-      run: |
-        set -euo pipefail
-        npm install -g bun@1.3.14
+      uses: oven-sh/setup-bun@v2.2.0
+      with:
+        bun-version: "1.3.13"

    - name: Runtime versions
      shell: bash
@@ -66,15 +58,14 @@ runs:
        if command -v bun &>/dev/null; then bun -v; fi

    - name: Capture node path
+      if: inputs.install-deps == 'true'
      shell: bash
      run: |
        node_bin="$(dirname "$(node -p 'process.execPath')")"
        if command -v cygpath >/dev/null 2>&1; then
          node_bin="$(cygpath -u "$node_bin")"
        fi
-        # zizmor: ignore[github-env] node_bin comes from trusted actions/setup-node output in this composite action.
        echo "NODE_BIN=$node_bin" >> "$GITHUB_ENV"
-        echo "$node_bin" >> "$GITHUB_PATH"

    - name: Install dependencies
      if: inputs.install-deps == 'true'
@@ -108,25 +99,12 @@ runs:
        if [ -n "$LOCKFILE_FLAG" ]; then
          install_args+=("$LOCKFILE_FLAG")
        fi
-        append_pnpm_option_arg() {
-          local env_name="$1"
-          local option_name="$2"
-          local value="${!env_name-}"
-          if [ -n "$value" ]; then
-            install_args+=("--${option_name}=${value}")
-          fi
-        }
-        append_pnpm_option_arg PNPM_CONFIG_CHILD_CONCURRENCY child-concurrency
-        append_pnpm_option_arg PNPM_CONFIG_MODULES_DIR modules-dir
-        append_pnpm_option_arg PNPM_CONFIG_NETWORK_CONCURRENCY network-concurrency
-        append_pnpm_option_arg PNPM_CONFIG_VIRTUAL_STORE_DIR virtual-store-dir
-        if [ -n "${PNPM_CONFIG_MODULES_DIR:-}" ]; then
-          mkdir -p "$PNPM_CONFIG_MODULES_DIR"
-          ln -sfn . "$PNPM_CONFIG_MODULES_DIR/node_modules"
-        fi
        pnpm "${install_args[@]}" || pnpm "${install_args[@]}"
-        if [ -n "${PNPM_CONFIG_MODULES_DIR:-}" ]; then
-          rm -rf node_modules
-          ln -sfn "$PNPM_CONFIG_MODULES_DIR" node_modules
-          ln -sfn . "$PNPM_CONFIG_MODULES_DIR/node_modules"
-        fi
+
+    - name: Save pnpm store cache
+      if: inputs.install-deps == 'true' && steps.pnpm-cache.outputs.cache-enabled == 'true' && steps.pnpm-cache.outputs.cache-hit != 'true'
+      uses: actions/cache/save@v5
+      continue-on-error: true
+      with:
+        path: ${{ steps.pnpm-cache.outputs.store-path }}
+        key: ${{ steps.pnpm-cache.outputs.primary-key }}
--- a/.github/actions/setup-pnpm-store-cache/action.yml
+++ b/.github/actions/setup-pnpm-store-cache/action.yml
@@ -1,98 +1,90 @@
-name: Setup pnpm
-description: Prepare pnpm from the repository packageManager and restore its store cache.
+name: Setup pnpm + store cache
+description: Prepare pnpm via corepack and restore pnpm store cache.
 inputs:
-  package-manager-file:
-    description: package.json file that owns the packageManager pnpm pin.
+  pnpm-version:
+    description: pnpm version to activate via corepack.
    required: false
-    default: "package.json"
-  lockfile-path:
-    description: pnpm lockfile used to key the store cache.
+    default: "10.33.0"
+  cache-key-suffix:
+    description: Suffix appended to the cache key.
    required: false
-    default: "pnpm-lock.yaml"
-  node-version:
-    description: Expected Node.js version already installed by actions/setup-node.
+    default: "node24"
+  use-restore-keys:
+    description: Whether to use restore-keys fallback for actions/cache.
    required: false
-    default: ""
+    default: "true"
  use-actions-cache:
-    description: Whether actions/cache should cache the pnpm store.
+    description: Whether to restore pnpm store with actions/cache.
    required: false
    default: "true"
 outputs:
-  pnpm-version:
-    description: Resolved pnpm version activated by the setup action.
-    value: ${{ steps.pnpm-version.outputs.pnpm-version }}
-  project-dir:
-    description: Directory containing the packageManager file used for pnpm resolution.
-    value: ${{ steps.setup-pnpm.outputs.project-dir }}
+  cache-enabled:
+    description: Whether actions/cache restore was enabled.
+    value: ${{ steps.pnpm-cache-config.outputs.enabled }}
+  cache-hit:
+    description: Whether the pnpm store cache had an exact key hit.
+    value: ${{ steps.pnpm-cache-restore.outputs.cache-hit }}
+  cache-matched-key:
+    description: Cache key matched by restore, if any.
+    value: ${{ steps.pnpm-cache-restore.outputs.cache-matched-key }}
+  primary-key:
+    description: Primary pnpm store cache key.
+    value: ${{ steps.pnpm-cache-config.outputs.primary-key }}
+  store-path:
+    description: Resolved pnpm store path.
+    value: ${{ steps.pnpm-store.outputs.path }}
 runs:
  using: composite
  steps:
-    - name: Validate pnpm setup inputs
-      id: setup-pnpm
+    - name: Setup pnpm (corepack retry)
      shell: bash
      env:
-        PACKAGE_MANAGER_FILE: ${{ inputs.package-manager-file }}
-        REQUESTED_NODE_VERSION: ${{ inputs.node-version }}
+        PNPM_VERSION: ${{ inputs.pnpm-version }}
      run: |
        set -euo pipefail
-        project_dir="$(dirname "$PACKAGE_MANAGER_FILE")"
-        if [[ ! -f "$PACKAGE_MANAGER_FILE" ]]; then
-          echo "::error::package manager file not found: $PACKAGE_MANAGER_FILE"
-          exit 1
+        if [[ ! "$PNPM_VERSION" =~ ^[0-9]+(\.[0-9]+){1,2}([.-][0-9A-Za-z.-]+)?$ ]]; then
+          echo "::error::Invalid pnpm-version input: '$PNPM_VERSION'"
+          exit 2
        fi
-        echo "project-dir=$project_dir" >> "$GITHUB_OUTPUT"
-
-        requested_node="${REQUESTED_NODE_VERSION:-${NODE_VERSION:-}}"
-        source "$GITHUB_ACTION_PATH/ensure-node.sh"
-        openclaw_ensure_node "$requested_node"
-
-    - name: Setup pnpm from packageManager
-      shell: bash
-      env:
-        COREPACK_ENABLE_DOWNLOAD_PROMPT: "0"
-        PACKAGE_MANAGER_FILE: ${{ inputs.package-manager-file }}
-      run: |
-        set -euo pipefail
-        package_manager="$(node -e "const fs = require('node:fs'); const path = require('node:path'); const pkg = JSON.parse(fs.readFileSync(path.resolve(process.argv[1]), 'utf8')); process.stdout.write(pkg.packageManager || '')" "$PACKAGE_MANAGER_FILE")"
-        case "$package_manager" in
-          pnpm@*) ;;
-          *)
-            echo "::error::Expected packageManager to pin pnpm, got '${package_manager:-<empty>}'"
-            exit 1
-            ;;
-        esac
        corepack enable
        for attempt in 1 2 3; do
-          if corepack prepare "$package_manager" --activate; then
+          if corepack prepare "pnpm@$PNPM_VERSION" --activate; then
+            pnpm -v
            exit 0
          fi
-          sleep $((attempt * 5))
+          echo "corepack prepare failed (attempt $attempt/3). Retrying..."
+          sleep $((attempt * 10))
        done
-        corepack prepare "$package_manager" --activate
+        exit 1

    - name: Resolve pnpm store path
      id: pnpm-store
-      if: ${{ inputs.use-actions-cache == 'true' && runner.os != 'Windows' }}
      shell: bash
-      run: |
-        set -euo pipefail
-        store_path="$(pnpm store path --silent)"
-        node -e "require('node:fs').mkdirSync(process.argv[1], { recursive: true })" "$store_path"
-        echo "path=$store_path" >> "$GITHUB_OUTPUT"
+      run: echo "path=$(pnpm store path --silent)" >> "$GITHUB_OUTPUT"

-    - name: Restore pnpm store cache
-      if: ${{ inputs.use-actions-cache == 'true' && runner.os != 'Windows' }}
-      uses: actions/cache@v5
-      with:
-        path: ${{ steps.pnpm-store.outputs.path }}
-        key: pnpm-store-${{ runner.os }}-${{ inputs.node-version }}-${{ hashFiles(inputs.lockfile-path) }}
-        restore-keys: |
-          pnpm-store-${{ runner.os }}-${{ inputs.node-version }}-
-          pnpm-store-${{ runner.os }}-
-
-    - name: Record pnpm version
-      id: pnpm-version
+    - name: Resolve pnpm store cache keys
+      id: pnpm-cache-config
      shell: bash
      env:
-        PROJECT_DIR: ${{ steps.setup-pnpm.outputs.project-dir }}
-      run: echo "pnpm-version=$(cd "$PROJECT_DIR" && pnpm -v)" >> "$GITHUB_OUTPUT"
+        CACHE_KEY_SUFFIX: ${{ inputs.cache-key-suffix }}
+        LOCKFILE_HASH: ${{ hashFiles('pnpm-lock.yaml') }}
+        USE_ACTIONS_CACHE: ${{ inputs.use-actions-cache }}
+        USE_RESTORE_KEYS: ${{ inputs.use-restore-keys }}
+      run: |
+        set -euo pipefail
+        echo "enabled=$USE_ACTIONS_CACHE" >> "$GITHUB_OUTPUT"
+        echo "primary-key=${RUNNER_OS}-pnpm-store-${CACHE_KEY_SUFFIX}-${LOCKFILE_HASH}" >> "$GITHUB_OUTPUT"
+        if [ "$USE_RESTORE_KEYS" = "true" ]; then
+          echo "restore-keys=${RUNNER_OS}-pnpm-store-${CACHE_KEY_SUFFIX}-" >> "$GITHUB_OUTPUT"
+        else
+          echo "restore-keys=" >> "$GITHUB_OUTPUT"
+        fi
+
+    - name: Restore pnpm store cache
+      id: pnpm-cache-restore
+      if: inputs.use-actions-cache == 'true'
+      uses: actions/cache/restore@v5
+      with:
+        path: ${{ steps.pnpm-store.outputs.path }}
+        key: ${{ steps.pnpm-cache-config.outputs.primary-key }}
+        restore-keys: ${{ steps.pnpm-cache-config.outputs.restore-keys }}
--- a/.github/actions/setup-pnpm-store-cache/ensure-node.sh
+++ b/.github/actions/setup-pnpm-store-cache/ensure-node.sh
@@ -1,204 +0,0 @@
-#!/usr/bin/env bash
-
-openclaw_node_version_matches() {
-  local actual="$1"
-  local requested="$2"
-  if [[ -z "$requested" ]]; then
-    return 0
-  fi
-  case "$requested" in
-    *x)
-      [[ "${actual%%.*}" == "${requested%%.*}" ]] || return 1
-      if [[ "${requested%%.*}" == "22" ]]; then
-        openclaw_node_version_at_least "$actual" "22.19.0"
-      fi
-      ;;
-    *.*.*)
-      [[ "$actual" == "$requested" ]]
-      ;;
-    *.*)
-      [[ "$actual" == "$requested".* ]]
-      ;;
-    *)
-      [[ "${actual%%.*}" == "$requested" ]]
-      ;;
-  esac
-}
-
-openclaw_node_version_at_least() {
-  local actual="$1"
-  local minimum="$2"
-  local actual_major actual_minor actual_patch minimum_major minimum_minor minimum_patch
-  IFS=. read -r actual_major actual_minor actual_patch <<< "$actual"
-  IFS=. read -r minimum_major minimum_minor minimum_patch <<< "$minimum"
-  actual_minor="${actual_minor:-0}"
-  actual_patch="${actual_patch:-0}"
-  minimum_minor="${minimum_minor:-0}"
-  minimum_patch="${minimum_patch:-0}"
-
-  if (( actual_major != minimum_major )); then
-    (( actual_major > minimum_major ))
-    return
-  fi
-  if (( actual_minor != minimum_minor )); then
-    (( actual_minor > minimum_minor ))
-    return
-  fi
-  (( actual_patch >= minimum_patch ))
-}
-
-openclaw_active_node_version() {
-  node -p 'process.versions.node' 2>/dev/null || true
-}
-
-openclaw_prepend_node_bin() {
-  local node_bin_dir="$1"
-  local shell_node_bin_dir="$node_bin_dir"
-  if command -v cygpath >/dev/null 2>&1; then
-    shell_node_bin_dir="$(cygpath -u "$node_bin_dir" 2>/dev/null || printf '%s' "$node_bin_dir")"
-  fi
-  export PATH="$shell_node_bin_dir:$PATH"
-  if [[ -n "${GITHUB_PATH:-}" ]]; then
-    local github_node_bin_dir="$shell_node_bin_dir"
-    if command -v cygpath >/dev/null 2>&1; then
-      github_node_bin_dir="$(cygpath -w "$shell_node_bin_dir" 2>/dev/null || printf '%s' "$shell_node_bin_dir")"
-    fi
-    echo "$github_node_bin_dir" >> "$GITHUB_PATH"
-  fi
-  hash -r
-}
-
-openclaw_find_toolcache_node() {
-  local requested_node="$1"
-  local roots=()
-  local root
-  for root in \
-    "${RUNNER_TOOL_CACHE:-}" \
-    "${AGENT_TOOLSDIRECTORY:-}" \
-    "${ACTIONS_RUNNER_TOOL_CACHE:-}" \
-    "${OPENCLAW_CONTAINER_TOOL_CACHE:-/__t}" \
-    "/opt/hostedtoolcache" \
-    "/home/runner/_work/_tool" \
-    "/Users/runner/hostedtoolcache" \
-    "/c/hostedtoolcache/windows"
-  do
-    if [[ ! -d "$root" && "$root" == *\\* ]] && command -v cygpath >/dev/null 2>&1; then
-      root="$(cygpath -u "$root" 2>/dev/null || printf '%s' "$root")"
-    fi
-    if [[ -d "$root/node" ]]; then
-      roots+=("$root/node")
-    elif [[ "$(basename "$root")" == "node" && -d "$root" ]]; then
-      roots+=("$root")
-    fi
-  done
-
-  local node_root candidate candidate_version
-  for node_root in "${roots[@]}"; do
-    while IFS= read -r candidate; do
-      candidate_version="$("$candidate" -p 'process.versions.node' 2>/dev/null || true)"
-      if openclaw_node_version_matches "$candidate_version" "$requested_node"; then
-        printf '%s\n' "$candidate"
-        return 0
-      fi
-    done < <(find "$node_root" \( -name node -o -name node.exe \) -type f 2>/dev/null | sort -r)
-  done
-  return 1
-}
-
-openclaw_resolve_node_download_version() {
-  local requested_node="$1"
-  if [[ "$requested_node" =~ ^v?[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
-    [[ "$requested_node" == v* ]] && printf '%s\n' "$requested_node" || printf 'v%s\n' "$requested_node"
-    return 0
-  fi
-
-  local prefix="${requested_node#v}"
-  prefix="${prefix%%[xX]*}"
-  prefix="v${prefix}"
-  [[ "$prefix" == *. ]] || prefix="${prefix}."
-  curl -fsSL https://nodejs.org/dist/index.json |
-    OPENCLAW_NODE_PREFIX="$prefix" python3 -c 'import json, os, sys
-prefix = os.environ["OPENCLAW_NODE_PREFIX"]
-for item in json.load(sys.stdin):
-    version = item.get("version", "")
-    if version.startswith(prefix):
-        print(version)
-        break
-'
-}
-
-openclaw_node_download_platform() {
-  local os_name arch_name
-  os_name="$(uname -s)"
-  arch_name="$(uname -m)"
-  case "$os_name:$arch_name" in
-    Linux:x86_64) printf 'linux-x64\n' ;;
-    Linux:aarch64 | Linux:arm64) printf 'linux-arm64\n' ;;
-    Darwin:x86_64) printf 'darwin-x64\n' ;;
-    Darwin:arm64) printf 'darwin-arm64\n' ;;
-    MINGW*:x86_64 | MSYS*:x86_64 | CYGWIN*:x86_64 | MINGW*:AMD64 | MSYS*:AMD64 | CYGWIN*:AMD64)
-      printf 'win-x64\n'
-      ;;
-    *)
-      return 1
-      ;;
-  esac
-}
-
-openclaw_download_node() {
-  local requested_node="$1"
-  local version platform archive_url install_root
-  version="$(openclaw_resolve_node_download_version "$requested_node")"
-  platform="$(openclaw_node_download_platform)" || return 1
-  install_root="${RUNNER_TEMP:-/tmp}/openclaw-node-${version}-${platform}"
-  mkdir -p "$install_root"
-  if [[ "$platform" == win-* ]]; then
-    local archive_path
-    archive_url="https://nodejs.org/dist/${version}/node-${version}-${platform}.zip"
-    archive_path="${RUNNER_TEMP:-/tmp}/node-${version}-${platform}.zip"
-    echo "Downloading Node ${version} from ${archive_url}"
-    curl -fsSL "$archive_url" -o "$archive_path"
-    if command -v powershell.exe >/dev/null 2>&1 && command -v cygpath >/dev/null 2>&1; then
-      powershell.exe -NoLogo -NoProfile -Command \
-        "Expand-Archive -LiteralPath '$(cygpath -w "$archive_path")' -DestinationPath '$(cygpath -w "$install_root")' -Force"
-    else
-      unzip -q "$archive_path" -d "$install_root"
-    fi
-    openclaw_prepend_node_bin "$install_root/node-${version}-${platform}"
-    return 0
-  fi
-
-  archive_url="https://nodejs.org/dist/${version}/node-${version}-${platform}.tar.xz"
-  echo "Downloading Node ${version} from ${archive_url}"
-  curl -fsSL "$archive_url" | tar -xJ -C "$install_root" --strip-components=1
-  openclaw_prepend_node_bin "$install_root/bin"
-}
-
-openclaw_ensure_node() {
-  local requested_node="${1:-}"
-  requested_node="${requested_node#v}"
-  if [[ -z "$requested_node" ]]; then
-    return 0
-  fi
-
-  local active_node_version node_bin
-  active_node_version="$(openclaw_active_node_version)"
-  if openclaw_node_version_matches "$active_node_version" "$requested_node"; then
-    echo "Using active Node ${active_node_version} at $(command -v node)"
-    return 0
-  fi
-
-  node_bin="$(openclaw_find_toolcache_node "$requested_node" || true)"
-  if [[ -n "$node_bin" ]]; then
-    echo "Using Node $("$node_bin" -p 'process.versions.node') from $node_bin"
-    openclaw_prepend_node_bin "$(dirname "$node_bin")"
-  else
-    openclaw_download_node "$requested_node" || true
-  fi
-
-  active_node_version="$(openclaw_active_node_version)"
-  if ! openclaw_node_version_matches "$active_node_version" "$requested_node"; then
-    echo "::error::Expected Node '${requested_node}', but active node is '${active_node_version:-missing}' at $(command -v node || true)"
-    return 1
-  fi
-}
--- a/.github/codex/prompts/docs-agent.md
+++ b/.github/codex/prompts/docs-agent.md
@@ -12,7 +12,7 @@ Hard limits:
 - Do not change production code, tests, package metadata, generated baselines, lockfiles, or CI config.
 - Keep changes minimal and factual.
 - Use "plugin/plugins" in user-facing docs/UI/changelog; `extensions/` is only the internal workspace layout.
- Do not add `CHANGELOG.md` entries during normal docs work. Capture user-facing release-note context in the PR body or commit message instead.
+- Do not add a changelog entry unless the docs update describes a user-facing behavior/API change from the triggering commit.

 Allowed paths:

--- a/.github/codex/prompts/mantis-telegram-desktop-proof.md
+++ b/.github/codex/prompts/mantis-telegram-desktop-proof.md
@@ -1,166 +0,0 @@
-# Mantis Telegram Desktop Proof Agent
-
-You are Mantis running native Telegram Desktop visual proof for an OpenClaw PR.
-
-Goal: inspect the pull request, decide whether it has an honest
-Telegram-visible before/after behavior, then either run native Telegram Desktop
-proof or leave a no-visual-proof manifest for the workflow to publish.
-
-Hard limits:
-
- Do not post GitHub comments or reviews. The workflow publishes the manifest.
- Do not commit, push, label, merge, or edit PR metadata.
- Do not print secrets, credential payloads, Telegram profile data, TDLib data,
-  or raw session archives.
- Do not use fixed `/status` proof unless it genuinely proves the PR.
- Do not finish with tiny, cropped-wrong, off-bottom, or sidebar-heavy GIFs.
- Do not invent a generic proof. The proof must match the PR behavior.
- Do not force GIFs for internal-only, workflow-only, test-only, docs-only, or
-  otherwise non-visual PRs. A no-visual-proof manifest is a successful workflow
-  outcome when GIFs would be misleading, but it is not proof that the PR passed.
- Do not skip Telegram-visible PRs just because the proof needs a specific
-  message, mock response, media attachment, command, button, reaction, stop
-  timing, approval prompt, or progress/final delivery sequence. First write a
-  concrete proof plan and try the standard harness path.
- Keep public-facing manifest summaries short and user-domain. Do not mention
-  harness internals, mock-provider limits, secret/trust boundaries, local paths,
-  transcript seeding, or workflow implementation details in the summary.
-
-Inputs are provided as environment variables:
-
- `MANTIS_PR_NUMBER`
- `BASELINE_REF`
- `BASELINE_SHA`
- `CANDIDATE_REF`
- `CANDIDATE_SHA`
- `MANTIS_CANDIDATE_TRUST`
- `MANTIS_OUTPUT_DIR`
- `MANTIS_INSTRUCTIONS`
- `CRABBOX_PROVIDER`
- `OPENCLAW_TELEGRAM_USER_PROOF_CMD`
- optional `CRABBOX_LEASE_ID`
-
-Required workflow:
-
-1. Read `.agents/skills/telegram-crabbox-e2e-proof/SKILL.md`.
-2. Inspect the PR with `gh pr view "$MANTIS_PR_NUMBER"` and
-   `gh pr diff "$MANTIS_PR_NUMBER"`.
-3. Decide whether the PR has a visibly reproducible Telegram Desktop
-   before/after. Treat these as visible until proven otherwise: message text
-   formatting/content, progress drafts, native drafts, final delivery, media or
-   document delivery, inline buttons, approval prompts, stop/abort behavior,
-   reactions/status indicators, guest/inline responses, TTS/voice/audio
-   delivery, and routing changes whose result is visible in the chat. For those
-   PRs, define the exact Telegram stimulus and expected main/PR visual delta
-   before deciding to skip.
-
-   If the PR does not have a Telegram-visible before/after, write
-   `${MANTIS_OUTPUT_DIR}/mantis-evidence.json` with `comparison.pass: true`, no
-   artifacts, and a summary that starts with
-   `Mantis did not generate before/after GIFs because`. Include a short
-   public reason, such as `the PR changes internal session bookkeeping rather
-than Telegram-visible behavior`. Use this manifest shape and do not create
-   worktrees or start Crabbox for this case:
-
-   ```json
-   {
-     "schemaVersion": 1,
-     "id": "telegram-desktop-proof",
-     "title": "Mantis Telegram Desktop Proof",
-     "summary": "Mantis did not generate before/after GIFs because <reason>.",
-     "scenario": "telegram-desktop-proof",
-     "comparison": {
-       "baseline": {
-         "ref": "<BASELINE_REF>",
-         "sha": "<BASELINE_SHA>",
-         "expected": "no visible Telegram Desktop delta",
-         "status": "skipped"
-       },
-       "candidate": {
-         "ref": "<CANDIDATE_REF>",
-         "sha": "<CANDIDATE_SHA>",
-         "expected": "no visible Telegram Desktop delta",
-         "status": "skipped",
-         "fixed": true
-       },
-       "pass": true
-     },
-     "artifacts": []
-   }
-   ```
-
-   If the PR appears visual but proof is blocked by Telegram Desktop session
-   state, authorization, credentials, Crabbox, missing Telegram client support,
-   unavailable media/provider setup, or another capture-infrastructure issue,
-   do not describe it as a no-visual PR. Write a manifest with
-   `comparison.pass: false`, skipped lanes, no artifacts, and a summary that
-   starts with `Mantis could not capture Telegram Desktop proof because`. The
-   publisher will keep that out of PR comments so the failure stays in the
-   workflow logs and artifacts.
-
-4. Decide what Telegram message, mock model response, command, callback, button,
-   media, or sequence best proves the PR. Use `MANTIS_INSTRUCTIONS` as extra
-   maintainer guidance, not as a replacement for reading the PR.
-5. Create detached worktrees under
-   `.artifacts/qa-e2e/mantis/telegram-desktop-proof-worktrees/baseline` and
-   `.artifacts/qa-e2e/mantis/telegram-desktop-proof-worktrees/candidate`, then
-   install and build each worktree with the repo's normal `pnpm` commands.
-   If `MANTIS_CANDIDATE_TRUST` is `fork-pr-head`, treat the
-   candidate worktree as untrusted fork code: do not pass GitHub, OpenAI,
-   Crabbox, Convex, or other workflow secrets into candidate install, build, or
-   runtime commands. The candidate SUT may receive only the proof runner's
-   short-lived Telegram bot token, generated local config/state paths, and mock
-   model key needed for this isolated proof.
-6. In each worktree, run the real-user Telegram Crabbox proof flow from the
-   skill with `$OPENCLAW_TELEGRAM_USER_PROOF_CMD`; do not run
-   `pnpm qa:telegram-user:crabbox` directly. The proof command comes from the
-   trusted workflow checkout while the current directory controls which
-   baseline or candidate OpenClaw build is tested. Use
-   `$OPENCLAW_TELEGRAM_USER_DRIVER_SCRIPT`, the workflow-provided `crabbox`
-   binary, and the workflow-provided local `ffmpeg`/`ffprobe`; do not generate,
-   install, or patch replacement proof tooling during the run. Use the same
-   proof idea for baseline and candidate. Let `start` return or fail on its
-   own; do not kill it while Crabbox is still waiting for bootstrap. Use a long
-   command timeout for `start`, `send`, `view`, and `finish`. You may iterate
-   and rerun if the visual result is not convincing.
-7. Open Telegram Desktop directly to the newest relevant message with the
-   runner `view` command before finishing each recording. Keep the chat scrolled
-   to the bottom so new proof messages appear in-frame.
-8. Finish each session with `--preview-crop telegram-window`.
-9. Build `${MANTIS_OUTPUT_DIR}/mantis-evidence.json` with:
-
-   ```bash
-   node scripts/mantis/build-telegram-desktop-proof-evidence.mjs \
-     --output-dir "$MANTIS_OUTPUT_DIR" \
-     --baseline-repo-root <baseline-worktree> \
-     --baseline-output-dir <baseline-session-output-dir> \
-     --baseline-ref "$BASELINE_REF" \
-     --baseline-sha "$BASELINE_SHA" \
-     --candidate-repo-root <candidate-worktree> \
-     --candidate-output-dir <candidate-session-output-dir> \
-     --candidate-ref "$CANDIDATE_REF" \
-     --candidate-sha "$CANDIDATE_SHA" \
-     --scenario-label telegram-desktop-proof
-   ```
-
-Visual acceptance:
-
- The GIFs show native Telegram Desktop, not transcript HTML.
- Telegram is in single-chat proof view with no left chat list or right info
-  pane.
- The proof behavior is visible without reading logs.
- Main and PR GIFs are comparable side by side.
- The final relevant message or button is visible near the bottom.
- If one run fails because the PR genuinely changes behavior, still finish the
-  session and produce the manifest if useful visual artifacts exist.
-
-Expected final state:
-
- `${MANTIS_OUTPUT_DIR}/mantis-evidence.json` exists.
- Visual proof manifests contain paired `motionPreview` artifacts labeled
-  `Main` and `This PR`.
- No-visual-proof manifests contain no artifacts and have `comparison.pass:
-true`.
- Capture-infrastructure failure manifests contain no artifacts and have
-  `comparison.pass: false`.
- The worktree can be dirty only under `.artifacts/`.
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -36,12 +36,6 @@
      - any-glob-to-any-file:
          - "extensions/google-meet/**"
          - "docs/plugins/google-meet.md"
-"plugin: meeting-notes":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/meeting-notes/**"
-          - "docs/plugins/meeting-notes.md"
-          - "src/meeting-notes/**"
 "plugin: migrate-hermes":
  - changed-files:
      - any-glob-to-any-file:
@@ -107,9 +101,7 @@
  - changed-files:
      - any-glob-to-any-file:
          - "extensions/qa-lab/**"
-          - "qa/scenarios/**"
          - "docs/concepts/qa-e2e-automation.md"
-          - "docs/concepts/personal-agent-benchmark-pack.md"
          - "docs/channels/qa-channel.md"
 "channel: signal":
  - changed-files:
@@ -252,10 +244,6 @@
          - "docs/gateway/security.md"
          - "security/**"

-"extensions: admin-http-rpc":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/admin-http-rpc/**"
 "extensions: copilot-proxy":
  - changed-files:
      - any-glob-to-any-file:
@@ -288,15 +276,6 @@
  - changed-files:
      - any-glob-to-any-file:
          - "extensions/memory-wiki/**"
-"extensions: oc-path":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/oc-path/**"
-"extensions: policy":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/policy/**"
-          - "docs/cli/policy.md"
 "extensions: open-prose":
  - changed-files:
      - any-glob-to-any-file:
@@ -471,91 +450,3 @@
  - changed-files:
      - any-glob-to-any-file:
          - "extensions/gradium/**"
-"extensions: amazon-bedrock":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/amazon-bedrock/**"
-"extensions: anthropic-vertex":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/anthropic-vertex/**"
-"extensions: brave":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/brave/**"
-"extensions: chutes":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/chutes/**"
-"extensions: diffs":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/diffs/**"
-"extensions: elevenlabs":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/elevenlabs/**"
-"extensions: firecrawl":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/firecrawl/**"
-"extensions: github-copilot":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/github-copilot/**"
-"extensions: google":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/google/**"
-"extensions: microsoft":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/microsoft/**"
-"extensions: mistral":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/mistral/**"
-"extensions: ollama":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/ollama/**"
-"extensions: opencode":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/opencode/**"
-"extensions: opencode-go":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/opencode-go/**"
-"extensions: openrouter":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/openrouter/**"
-"extensions: openshell":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/openshell/**"
-"extensions: perplexity":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/perplexity/**"
-"extensions: sglang":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/sglang/**"
-"extensions: thread-ownership":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/thread-ownership/**"
-"extensions: vllm":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/vllm/**"
-"extensions: xai":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/xai/**"
-"extensions: zai":
-  - changed-files:
-      - any-glob-to-any-file:
-          - "extensions/zai/**"
--- a/.github/package-trusted-sources.json
+++ b/.github/package-trusted-sources.json
@@ -1,4 +0,0 @@
-{
-  "schemaVersion": 1,
-  "sources": {}
-}
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,132 +1,159 @@
 ## Summary

-What problem does this PR solve?
-
-
-Why does this matter now?
-
-
-What is the intended outcome?
-
-
-What is intentionally out of scope?
-
-
-What does success look like?
-
-
-What should reviewers focus on?
-
-<details>
-<summary>Summary guidance</summary>
-
-This PR description is the contributor's durable explanation of the change. Write it for human maintainers first; ClawSweeper and Barnacle use the same text to understand intent, proof, risk, and current review state.
-
-Describe the intent and outcome in 2-5 bullets. Avoid restating the diff; reviewers and bots can read the changed files.
+Describe the problem and fix in 2–5 bullets:

 If this PR fixes a plugin beta-release blocker, title it `fix(<plugin-id>): beta blocker - <summary>` and link the matching `Beta blocker: <plugin-name> - <summary>` issue labeled `beta-blocker`. Contributors cannot label PRs, so the title is the PR-side signal for maintainers and automation.

-</details>
+- Problem:
+- Why it matters:
+- What changed:
+- What did NOT change (scope boundary):

-## Linked context
+## Change Type (select all)

-Which issue does this close?
+- [ ] Bug fix
+- [ ] Feature
+- [ ] Refactor required for the fix
+- [ ] Docs
+- [ ] Security hardening
+- [ ] Chore/infra

-Closes #
+## Scope (select all touched areas)

-Which issues, PRs, or discussions are related?
+- [ ] Gateway / orchestration
+- [ ] Skills / tool execution
+- [ ] Auth / tokens
+- [ ] Memory / storage
+- [ ] Integrations
+- [ ] API / contracts
+- [ ] UI / DX
+- [ ] CI/CD / infra

-Related #
+## Linked Issue/PR

-Was this requested by a maintainer or owner?
-
-<details>
-<summary>Linked context guidance</summary>
-
-Link the issue, PR, discussion, maintainer request, or owner request that explains why this PR should exist. Maintainer context helps reviewers and automation distinguish intended work from drive-by churn.
-
-</details>
+- Closes #
+- Related #
+- [ ] This PR fixes a bug or regression

 ## Real behavior proof (required for external PRs)

+External contributors must show after-fix evidence from a real OpenClaw setup. Unit tests, mocks, lint, typechecks, snapshots, and CI are supplemental only. Screenshots are encouraged even for CLI, console, text, or log changes; terminal screenshots and copied live output count. Be mindful of private information like IP addresses, API keys, phone numbers, non-public endpoints, or other private details when providing evidence.
+
 - Behavior or issue addressed:
 - Real environment tested:
 - Exact steps or command run after this patch:
 - Evidence after fix (screenshot, recording, terminal capture, console output, redacted runtime log, linked artifact, or copied live output):
 - Observed result after fix:
 - What was not tested:
- Proof limitations or environment constraints:
 - Before evidence (optional but encouraged):

-<details>
-<summary>Real behavior proof guidance</summary>
+## Root Cause (if applicable)

-External contributors must show after-fix evidence from a real OpenClaw setup. Unit tests, mocks, lint, typechecks, snapshots, and CI are supplemental only.
+For bug fixes or regressions, explain why this happened, not just what changed. Otherwise write `N/A`. If the cause is unclear, write `Unknown`.

-Screenshots are encouraged even for CLI, console, text, or log changes. Terminal screenshots, copied live output, redacted runtime logs, recordings, and linked artifacts count.
+- Root cause:
+- Missing detection / guardrail:
+- Contributing context (if known):

-If your environment cannot produce the ideal proof, explain that under `Proof limitations or environment constraints` so reviewers and ClawSweeper can direct the next step properly.
+## Regression Test Plan (if applicable)

-Be mindful of private information like IP addresses, API keys, phone numbers, non-public endpoints, or other private details when providing evidence.
+For bug fixes or regressions, name the smallest reliable test coverage that should catch this. Otherwise write `N/A`.

-</details>
+- Coverage level that should have caught this:
+  - [ ] Unit test
+  - [ ] Seam / integration test
+  - [ ] End-to-end test
+  - [ ] Existing coverage already sufficient
+- Target test or file:
+- Scenario the test should lock in:
+- Why this is the smallest reliable guardrail:
+- Existing test that already covers this (if any):
+- If no new test is added, why not:

-## Tests and validation
+## User-visible / Behavior Changes

-Which commands did you run?
+List user-visible changes (including defaults/config).  
+If none, write `None`.

+## Diagram (if applicable)

-What regression coverage was added or updated?
+For UI changes or non-trivial logic flows, include a small ASCII diagram reviewers can scan quickly. Otherwise write `N/A`.

+```text
+Before:
+[user action] -> [old state]

-What failed before this fix, if known?
+After:
+[user action] -> [new state] -> [result]
+```

+## Security Impact (required)

-If no test was added, why not?
+- New permissions/capabilities? (`Yes/No`)
+- Secrets/tokens handling changed? (`Yes/No`)
+- New/changed network calls? (`Yes/No`)
+- Command/tool execution surface changed? (`Yes/No`)
+- Data access scope changed? (`Yes/No`)
+- If any `Yes`, explain risk + mitigation:

-<details>
-<summary>Testing guidance</summary>
+## Repro + Verification

-List focused commands, not every incidental check. CI is useful support, but external PRs still need real behavior proof above when behavior changes.
+### Environment

-</details>
+- OS:
+- Runtime/container:
+- Model/provider:
+- Integration/channel (if any):
+- Relevant config (redacted):

-## Risk checklist
+### Steps

-Did user-visible behavior change? (`Yes/No`)
+1.
+2.
+3.

+### Expected

-Did config, environment, or migration behavior change? (`Yes/No`)
+-

+### Actual

-Did security, auth, secrets, network, or tool execution behavior change? (`Yes/No`)
+-

+## Evidence

-What is the highest-risk area?
+Attach at least one:

+- [ ] Failing test/log before + passing after
+- [ ] Trace/log snippets
+- [ ] Screenshot/recording
+- [ ] Perf numbers (if relevant)

-How is that risk mitigated?
+## Human Verification (required)

-<details>
-<summary>Risk guidance</summary>
+What you personally verified (not just CI), and how:

-Use this for author judgment that is not obvious from the diff. ClawSweeper can see touched files, but it cannot know which behavior you think is risky, why the risk is acceptable, or what mitigation reviewers should verify.
+- Verified scenarios:
+- Edge cases checked:
+- What you did **not** verify:

-</details>
+## Review Conversations

-## Current review state
+- [ ] I replied to or resolved every bot review conversation I addressed in this PR.
+- [ ] I left unresolved only the conversations that still need reviewer or maintainer judgment.

-What is the next action?
+If a bot review conversation is addressed by this PR, resolve that conversation yourself. Do not leave bot review conversation cleanup for maintainers.

+## Compatibility / Migration

-What is still waiting on author, maintainer, CI, or external proof?
+- Backward compatible? (`Yes/No`)
+- Config/env changes? (`Yes/No`)
+- Migration needed? (`Yes/No`)
+- If yes, exact upgrade steps:

+## Risks and Mitigations

-Which bot or reviewer comments were addressed?
+List only real risks for this PR. Add/remove entries as needed. If none, write `None`.

-<details>
-<summary>Review state guidance</summary>
-
-Keep this as the durable state for review progress. If useful information appears in comments, fold the current next action or blocker back here so maintainers and ClawSweeper do not need to reconstruct state from comment history.
-
-</details>
+- Risk:
+  - Mitigation:
--- a/.github/workflows/ci-build-artifacts-testbox.yml
+++ b/.github/workflows/ci-build-artifacts-testbox.yml
@@ -41,10 +41,6 @@ jobs:
          set -euo pipefail

          workdir="$GITHUB_WORKSPACE"
-          if [[ -z "$CHECKOUT_TOKEN" ]]; then
-            echo "checkout token is missing" >&2
-            exit 1
-          fi
          auth_header="$(printf 'x-access-token:%s' "$CHECKOUT_TOKEN" | base64 | tr -d '\n')"

          reset_checkout_dir() {
@@ -61,9 +57,9 @@ jobs:
            git -C "$workdir" remote add origin "https://github.com/${CHECKOUT_REPO}"
            git -C "$workdir" config gc.auto 0

-            timeout --signal=TERM --kill-after=10s 30s git -C "$workdir" \
+            timeout --signal=TERM 30s git -C "$workdir" \
              -c protocol.version=2 \
-              -c "http.extraheader=AUTHORIZATION: basic ${auth_header}" \
+              -c "http.https://github.com/.extraheader=AUTHORIZATION: basic ${auth_header}" \
              fetch --no-tags --prune --no-recurse-submodules --depth=1 origin \
              "+${CHECKOUT_SHA}:refs/remotes/origin/ci-target" || return 1

@@ -151,8 +147,6 @@ jobs:

      - name: Build dist on cache miss
        if: steps.dist-cache.outputs.cache-hit != 'true'
-        env:
-          NODE_OPTIONS: --max-old-space-size=8192
        run: pnpm build:ci-artifacts

      - name: Build Control UI on cache miss
@@ -191,15 +185,12 @@ jobs:
          git fetch --no-tags --depth=50 origin "+refs/heads/main:refs/remotes/origin/main"

          node_bin="$(dirname "$(node -p 'process.execPath')")"
+          pnpm_bin="$(command -v pnpm)"
          sudo ln -sf "$node_bin/node" /usr/local/bin/node
          sudo ln -sf "$node_bin/npm" /usr/local/bin/npm
          sudo ln -sf "$node_bin/npx" /usr/local/bin/npx
          sudo ln -sf "$node_bin/corepack" /usr/local/bin/corepack
-          sudo tee /usr/local/bin/pnpm >/dev/null <<'PNPM'
-          #!/usr/bin/env bash
-          exec /usr/local/bin/corepack pnpm "$@"
-          PNPM
-          sudo chmod 0755 /usr/local/bin/pnpm
+          sudo ln -sf "$pnpm_bin" /usr/local/bin/pnpm

      - name: Hydrate Testbox provider env helper
        shell: bash
@@ -229,6 +220,6 @@ jobs:

      - name: Run Testbox
        uses: useblacksmith/run-testbox@5ca05834db1d3813554d1dd109e5f2087a8d7cbc
-        if: success()
+        if: always()
        env:
          FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
--- a/.github/workflows/ci-check-testbox.yml
+++ b/.github/workflows/ci-check-testbox.yml
@@ -39,10 +39,6 @@ jobs:
          set -euo pipefail

          workdir="$GITHUB_WORKSPACE"
-          if [[ -z "$CHECKOUT_TOKEN" ]]; then
-            echo "checkout token is missing" >&2
-            exit 1
-          fi
          auth_header="$(printf 'x-access-token:%s' "$CHECKOUT_TOKEN" | base64 | tr -d '\n')"

          reset_checkout_dir() {
@@ -59,9 +55,9 @@ jobs:
            git -C "$workdir" remote add origin "https://github.com/${CHECKOUT_REPO}"
            git -C "$workdir" config gc.auto 0

-            timeout --signal=TERM --kill-after=10s 30s git -C "$workdir" \
+            timeout --signal=TERM 30s git -C "$workdir" \
              -c protocol.version=2 \
-              -c "http.extraheader=AUTHORIZATION: basic ${auth_header}" \
+              -c "http.https://github.com/.extraheader=AUTHORIZATION: basic ${auth_header}" \
              fetch --no-tags --prune --no-recurse-submodules --depth=1 origin \
              "+${CHECKOUT_SHA}:refs/remotes/origin/ci-target" || return 1

@@ -92,15 +88,12 @@ jobs:
          git fetch --no-tags --depth=50 origin "+refs/heads/main:refs/remotes/origin/main"

          node_bin="$(dirname "$(node -p 'process.execPath')")"
+          pnpm_bin="$(command -v pnpm)"
          sudo ln -sf "$node_bin/node" /usr/local/bin/node
          sudo ln -sf "$node_bin/npm" /usr/local/bin/npm
          sudo ln -sf "$node_bin/npx" /usr/local/bin/npx
          sudo ln -sf "$node_bin/corepack" /usr/local/bin/corepack
-          sudo tee /usr/local/bin/pnpm >/dev/null <<'PNPM'
-          #!/usr/bin/env bash
-          exec /usr/local/bin/corepack pnpm "$@"
-          PNPM
-          sudo chmod 0755 /usr/local/bin/pnpm
+          sudo ln -sf "$pnpm_bin" /usr/local/bin/pnpm

      - name: Hydrate Testbox provider env helper
        shell: bash
@@ -110,7 +103,6 @@ jobs:
          ANTHROPIC_API_TOKEN: ${{ secrets.ANTHROPIC_API_TOKEN }}
          CEREBRAS_API_KEY: ${{ secrets.CEREBRAS_API_KEY }}
          DEEPINFRA_API_KEY: ${{ secrets.DEEPINFRA_API_KEY }}
-          FACTORY_API_KEY: ${{ secrets.FACTORY_API_KEY }}
          FIREWORKS_API_KEY: ${{ secrets.FIREWORKS_API_KEY }}
          GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
@@ -131,6 +123,6 @@ jobs:

      - name: Run Testbox
        uses: useblacksmith/run-testbox@5ca05834db1d3813554d1dd109e5f2087a8d7cbc
-        if: success()
+        if: always()
        env:
          FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
--- a/.github/workflows/clawsweeper-dispatch.yml
+++ b/.github/workflows/clawsweeper-dispatch.yml
@@ -183,7 +183,6 @@ jobs:
          ITEM_NUMBER: ${{ github.event.issue.number }}
          COMMENT_ID: ${{ github.event.comment.id }}
          COMMENT_BODY: ${{ github.event.comment.body }}
-          AUTHOR_ASSOCIATION: ${{ github.event.comment.author_association }}
          SOURCE_ACTION: ${{ github.event.action }}
        run: |
          set -euo pipefail
@@ -214,39 +213,13 @@ jobs:
          else
            echo "::notice::Skipping ClawSweeper comment acknowledgement because no target token is configured."
          fi
-          status_comment_id=""
-          if [ -n "$TARGET_TOKEN" ]; then
-            case "$AUTHOR_ASSOCIATION" in
-              OWNER|MEMBER|COLLABORATOR)
-                status_body="$(printf '%s\n' \
-                  "<!-- clawsweeper-command-ack:$COMMENT_ID -->" \
-                  "🦞👀" \
-                  "ClawSweeper picked this up." \
-                  "" \
-                  "Command router queued. I will update this comment with the next step.")"
-                status_payload="$(jq -nc --arg body "$status_body" '{body:$body}')"
-                status_err="$(mktemp)"
-                if status_response="$(GH_TOKEN="$TARGET_TOKEN" gh api \
-                  "repos/$TARGET_REPO/issues/$ITEM_NUMBER/comments" \
-                  --method POST \
-                  --input - <<< "$status_payload" 2>"$status_err")"; then
-                  status_comment_id="$(jq -r '.id // empty' <<< "$status_response")"
-                else
-                  cat "$status_err" >&2
-                  echo "::warning::Could not create ClawSweeper queued status comment; dispatching command router without one."
-                fi
-                rm -f "$status_err"
-                ;;
-            esac
-          fi
          payload="$(jq -nc \
            --arg target_repo "$TARGET_REPO" \
            --argjson item_number "$ITEM_NUMBER" \
            --argjson comment_id "$COMMENT_ID" \
-            --arg status_comment_id "$status_comment_id" \
            --arg source_event "issue_comment" \
            --arg source_action "$SOURCE_ACTION" \
-            '{event_type:"clawsweeper_comment",client_payload:({target_repo:$target_repo,item_number:$item_number,comment_id:$comment_id,source_event:$source_event,source_action:$source_action,max_comments:"1"} + (if $status_comment_id != "" then {status_comment_id:($status_comment_id|tonumber)} else {} end))}')"
+            '{event_type:"clawsweeper_comment",client_payload:{target_repo:$target_repo,item_number:$item_number,comment_id:$comment_id,source_event:$source_event,source_action:$source_action}}')"
          if GH_TOKEN="$DISPATCH_TOKEN" gh api repos/openclaw/clawsweeper/dispatches \
            --method POST \
            --input - <<< "$payload"; then
--- a/.github/workflows/control-ui-locale-refresh.yml
+++ b/.github/workflows/control-ui-locale-refresh.yml
@@ -137,10 +137,8 @@ jobs:
        env:
          OPENAI_API_KEY: ${{ secrets.OPENCLAW_DOCS_I18N_OPENAI_API_KEY || secrets.OPENAI_API_KEY }}
          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
-          OPENCLAW_CONTROL_UI_I18N_PROVIDER: ${{ secrets.ANTHROPIC_API_KEY != '' && 'anthropic' || 'openai' }}
-          OPENCLAW_CONTROL_UI_I18N_MODEL: ${{ secrets.ANTHROPIC_API_KEY != '' && 'claude-opus-4-7' || vars.OPENCLAW_CI_OPENAI_MODEL_BARE }}
+          OPENCLAW_CONTROL_UI_I18N_MODEL: ${{ vars.OPENCLAW_CI_OPENAI_MODEL_BARE }}
          OPENCLAW_CONTROL_UI_I18N_THINKING: low
-          OPENCLAW_CONTROL_UI_I18N_AUTH_OPTIONAL: "1"
          LOCALE: ${{ matrix.locale }}
        run: node --import tsx scripts/control-ui-i18n.ts sync --locale "${LOCALE}" --write

--- a/.github/workflows/crabbox-hydrate.yml
+++ b/.github/workflows/crabbox-hydrate.yml
@@ -31,17 +31,10 @@ permissions:

 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
-  PNPM_CONFIG_CHILD_CONCURRENCY: "1"
-  PNPM_CONFIG_MODULES_DIR: "/tmp/openclaw-pnpm-node-modules"
-  PNPM_CONFIG_NETWORK_CONCURRENCY: "1"
-  PNPM_CONFIG_STORE_DIR: "/tmp/openclaw-pnpm-store"
-  PNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN: "false"
-  PNPM_CONFIG_VIRTUAL_STORE_DIR: "/tmp/openclaw-pnpm-virtual-store"

 jobs:
  hydrate:
    name: hydrate
-    if: ${{ inputs.crabbox_job != 'hydrate-github' }}
    runs-on: [self-hosted, "${{ inputs.crabbox_runner_label }}"]
    timeout-minutes: 120
    steps:
@@ -49,128 +42,37 @@ jobs:
        with:
          ref: ${{ inputs.ref || github.ref }}

-      - name: Setup Node.js
-        uses: actions/setup-node@v6
+      - name: Setup Node environment
+        uses: ./.github/actions/setup-node-env
        with:
-          node-version: "24"
-
-      - name: Setup pnpm and dependencies
-        shell: bash
-        env:
-          CI: "true"
-        run: |
-          set -euo pipefail
-
-          export XDG_CACHE_HOME="${XDG_CACHE_HOME:-$RUNNER_TEMP/cache}"
-          export COREPACK_HOME="${COREPACK_HOME:-$XDG_CACHE_HOME/corepack}"
-          export PNPM_HOME="${PNPM_HOME:-$RUNNER_TEMP/pnpm-home}"
-          mkdir -p "$XDG_CACHE_HOME" "$COREPACK_HOME" "$PNPM_HOME"
-          export PATH="$PNPM_HOME:$PATH"
-          {
-            echo "XDG_CACHE_HOME=$XDG_CACHE_HOME"
-            echo "COREPACK_HOME=$COREPACK_HOME"
-            echo "PNPM_HOME=$PNPM_HOME"
-          } >> "$GITHUB_ENV"
-
-          package_manager="$(node -e "const fs = require('node:fs'); const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8')); process.stdout.write(pkg.packageManager || '')")"
-          case "$package_manager" in
-            pnpm@*) ;;
-            *)
-              echo "::error::Expected packageManager to pin pnpm, got '${package_manager:-<empty>}'"
-              exit 1
-              ;;
-          esac
-          corepack enable --install-directory "$PNPM_HOME"
-          for attempt in 1 2 3; do
-            if corepack prepare "$package_manager" --activate; then
-              break
-            fi
-            if [ "$attempt" = 3 ]; then
-              corepack prepare "$package_manager" --activate
-            fi
-            sleep $((attempt * 5))
-          done
-          node_bin="$(dirname "$(node -p 'process.execPath')")"
-          echo "NODE_BIN=$node_bin" >> "$GITHUB_ENV"
-          echo "$node_bin" >> "$GITHUB_PATH"
-          export PATH="$node_bin:$PATH"
-
-          node -v
-          npm -v
-          pnpm -v
-
-          install_args=(
-            install
-            --prefer-offline
-            --ignore-scripts=false
-            --config.engine-strict=false
-            --config.enable-pre-post-scripts=true
-            --config.side-effects-cache=true
-            --frozen-lockfile
-          )
-          append_pnpm_option_arg() {
-            local env_name="$1"
-            local option_name="$2"
-            local value="${!env_name-}"
-            if [ -n "$value" ]; then
-              install_args+=("--${option_name}=${value}")
-            fi
-          }
-          append_pnpm_option_arg PNPM_CONFIG_CHILD_CONCURRENCY child-concurrency
-          append_pnpm_option_arg PNPM_CONFIG_MODULES_DIR modules-dir
-          append_pnpm_option_arg PNPM_CONFIG_NETWORK_CONCURRENCY network-concurrency
-          append_pnpm_option_arg PNPM_CONFIG_VIRTUAL_STORE_DIR virtual-store-dir
-          if [ -n "${PNPM_CONFIG_MODULES_DIR:-}" ]; then
-            mkdir -p "$PNPM_CONFIG_MODULES_DIR"
-            ln -sfn . "$PNPM_CONFIG_MODULES_DIR/node_modules"
-          fi
-          pnpm "${install_args[@]}" || pnpm "${install_args[@]}"
-          if [ -n "${PNPM_CONFIG_MODULES_DIR:-}" ]; then
-            rm -rf node_modules
-            ln -sfn "$PNPM_CONFIG_MODULES_DIR" node_modules
-            ln -sfn . "$PNPM_CONFIG_MODULES_DIR/node_modules"
-          fi
+          install-bun: "false"

      - name: Prepare Crabbox shell
        shell: bash
        run: |
          set -euo pipefail

-          if git rev-parse --is-inside-work-tree >/dev/null 2>&1; then
-            git fetch --no-tags --depth=50 origin "+refs/heads/main:refs/remotes/origin/main"
-          fi
+          git fetch --no-tags --depth=50 origin "+refs/heads/main:refs/remotes/origin/main"

          node_bin="$(dirname "$(node -p 'process.execPath')")"
+          pnpm_bin="$(command -v pnpm)"
          sudo ln -sf "$node_bin/node" /usr/local/bin/node
          sudo ln -sf "$node_bin/npm" /usr/local/bin/npm
          sudo ln -sf "$node_bin/npx" /usr/local/bin/npx
          sudo ln -sf "$node_bin/corepack" /usr/local/bin/corepack
-          sudo tee /usr/local/bin/pnpm >/dev/null <<'PNPM'
-          #!/usr/bin/env bash
-          exec /usr/local/bin/corepack pnpm "$@"
-          PNPM
-          sudo chmod 0755 /usr/local/bin/pnpm
+          sudo ln -sf "$pnpm_bin" /usr/local/bin/pnpm

-      - name: Ensure Docker is running
+      - name: Ensure Docker is available
        shell: bash
        run: |
          set -euo pipefail

          if ! command -v docker >/dev/null 2>&1; then
-            echo "docker not found; installing fallback engine"
-            curl --fail --show-error --location \
-              --connect-timeout "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_CONNECT_TIMEOUT_SECONDS:-15}" \
-              --max-time "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_TIMEOUT_SECONDS:-300}" \
-              --retry "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_RETRIES:-3}" \
-              --retry-delay "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_RETRY_DELAY_SECONDS:-5}" \
-              --retry-all-errors \
-              https://get.docker.com | sudo sh
+            curl -fsSL https://get.docker.com | sudo sh
          fi

          if command -v systemctl >/dev/null 2>&1; then
-            sudo systemctl start docker || true
-          elif command -v service >/dev/null 2>&1; then
-            sudo service docker start || true
+            sudo systemctl start docker
          fi

          if [ -S /var/run/docker.sock ]; then
@@ -180,42 +82,30 @@ jobs:
            sudo chmod 666 /var/run/docker.sock
          fi

-          if ! docker buildx version >/dev/null 2>&1; then
-            arch="$(uname -m)"
-            case "$arch" in
-              aarch64|arm64) buildx_arch=arm64 ;;
-              x86_64|amd64) buildx_arch=amd64 ;;
-              *) echo "unsupported buildx arch: $arch" >&2; exit 2 ;;
-            esac
-            buildx_version="${DOCKER_BUILDX_VERSION:-v0.15.1}"
-            mkdir -p "$HOME/.docker/cli-plugins"
-            curl --fail --show-error --location \
-              --connect-timeout "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_CONNECT_TIMEOUT_SECONDS:-15}" \
-              --max-time "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_TIMEOUT_SECONDS:-300}" \
-              --retry "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_RETRIES:-3}" \
-              --retry-delay "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_RETRY_DELAY_SECONDS:-5}" \
-              --retry-all-errors \
-              "https://github.com/docker/buildx/releases/download/${buildx_version}/buildx-${buildx_version}.linux-${buildx_arch}" \
-              -o "$HOME/.docker/cli-plugins/docker-buildx"
-            chmod 0755 "$HOME/.docker/cli-plugins/docker-buildx"
-          fi
-
-          docker version
-          docker buildx version
-          docker compose version || true
-
-      - name: Ensure SSH is available
-        shell: bash
-        run: |
-          set -euo pipefail
-          if command -v systemctl >/dev/null 2>&1; then
-            sudo systemctl start ssh || sudo systemctl start sshd || true
-          elif command -v service >/dev/null 2>&1; then
-            sudo service ssh start || sudo service sshd start || true
-          fi
-
      - name: Hydrate provider env helper
        shell: bash
+        env:
+          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
+          ANTHROPIC_API_KEY_OLD: ${{ secrets.ANTHROPIC_API_KEY_OLD }}
+          ANTHROPIC_API_TOKEN: ${{ secrets.ANTHROPIC_API_TOKEN }}
+          CEREBRAS_API_KEY: ${{ secrets.CEREBRAS_API_KEY }}
+          DEEPINFRA_API_KEY: ${{ secrets.DEEPINFRA_API_KEY }}
+          FIREWORKS_API_KEY: ${{ secrets.FIREWORKS_API_KEY }}
+          GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
+          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
+          GROQ_API_KEY: ${{ secrets.GROQ_API_KEY }}
+          KIMI_API_KEY: ${{ secrets.KIMI_API_KEY }}
+          MINIMAX_API_KEY: ${{ secrets.MINIMAX_API_KEY }}
+          MISTRAL_API_KEY: ${{ secrets.MISTRAL_API_KEY }}
+          MOONSHOT_API_KEY: ${{ secrets.MOONSHOT_API_KEY }}
+          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+          OPENAI_BASE_URL: ${{ secrets.OPENAI_BASE_URL }}
+          OPENROUTER_API_KEY: ${{ secrets.OPENROUTER_API_KEY }}
+          QWEN_API_KEY: ${{ secrets.QWEN_API_KEY }}
+          TOGETHER_API_KEY: ${{ secrets.TOGETHER_API_KEY }}
+          XAI_API_KEY: ${{ secrets.XAI_API_KEY }}
+          ZAI_API_KEY: ${{ secrets.ZAI_API_KEY }}
+          Z_AI_API_KEY: ${{ secrets.Z_AI_API_KEY }}
        run: bash scripts/ci-hydrate-testbox-env.sh

      - name: Mark Crabbox ready
@@ -245,207 +135,7 @@ jobs:
            fi
          }
          {
-            for key in CI GITHUB_ACTIONS GITHUB_WORKSPACE GITHUB_REPOSITORY GITHUB_RUN_ID GITHUB_RUN_NUMBER GITHUB_RUN_ATTEMPT GITHUB_REF GITHUB_REF_NAME GITHUB_SHA GITHUB_EVENT_NAME GITHUB_ACTOR RUNNER_OS RUNNER_ARCH RUNNER_TEMP RUNNER_TOOL_CACHE XDG_CACHE_HOME COREPACK_HOME PNPM_HOME PNPM_CONFIG_CHILD_CONCURRENCY PNPM_CONFIG_MODULES_DIR PNPM_CONFIG_NETWORK_CONCURRENCY PNPM_CONFIG_STORE_DIR PNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN PNPM_CONFIG_VIRTUAL_STORE_DIR; do
-              write_export "$key"
-            done
-          } > "${env_file}.tmp"
-          mv "${env_file}.tmp" "$env_file"
-          {
-            echo "# Docker containers visible from the hydrated runner"
-            docker ps --format '{{.Names}}\t{{.Image}}\t{{.Ports}}' 2>/dev/null || true
-          } > "${services_file}.tmp"
-          mv "${services_file}.tmp" "$services_file"
-          tmp="${state}.tmp"
-          {
-            echo "WORKSPACE=${GITHUB_WORKSPACE}"
-            echo "RUN_ID=${GITHUB_RUN_ID}"
-            echo "JOB=${job}"
-            echo "ENV_FILE=${env_file}"
-            echo "SERVICES_FILE=${services_file}"
-            echo "READY_AT=$(date -u +%Y-%m-%dT%H:%M:%SZ)"
-          } > "$tmp"
-          mv "$tmp" "$state"
-
-      - name: Keep Crabbox job alive
-        shell: bash
-        env:
-          CRABBOX_ID: ${{ inputs.crabbox_id }}
-          CRABBOX_KEEP_ALIVE_MINUTES: ${{ inputs.crabbox_keep_alive_minutes }}
-        run: |
-          set -euo pipefail
-          case "$CRABBOX_ID" in
-            ''|*[!A-Za-z0-9._-]*)
-              echo "Invalid crabbox_id" >&2
-              exit 2
-              ;;
-          esac
-          minutes="${CRABBOX_KEEP_ALIVE_MINUTES}"
-          case "$minutes" in
-            ''|*[!0-9]*) minutes=90 ;;
-          esac
-          stop="$HOME/.crabbox/actions/${CRABBOX_ID}.stop"
-          deadline=$(( $(date +%s) + minutes * 60 ))
-          while [ "$(date +%s)" -lt "$deadline" ]; do
-            if [ -f "$stop" ]; then
-              exit 0
-            fi
-            sleep 15
-          done
-
-  hydrate-github:
-    name: hydrate-github
-    if: ${{ inputs.crabbox_job == 'hydrate-github' }}
-    runs-on: [self-hosted, "${{ inputs.crabbox_runner_label }}"]
-    timeout-minutes: 120
-    steps:
-      - uses: actions/checkout@v6
-        with:
-          ref: ${{ inputs.ref || github.ref }}
-
-      - name: Setup Node environment
-        uses: ./.github/actions/setup-node-env
-        with:
-          install-bun: "false"
-          use-actions-cache: "false"
-
-      - name: Prepare Crabbox shell
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          if git rev-parse --is-inside-work-tree >/dev/null 2>&1; then
-            git fetch --no-tags --depth=50 origin "+refs/heads/main:refs/remotes/origin/main"
-          fi
-
-          node_bin="$(dirname "$(node -p 'process.execPath')")"
-          sudo ln -sf "$node_bin/node" /usr/local/bin/node
-          sudo ln -sf "$node_bin/npm" /usr/local/bin/npm
-          sudo ln -sf "$node_bin/npx" /usr/local/bin/npx
-          sudo ln -sf "$node_bin/corepack" /usr/local/bin/corepack
-          sudo tee /usr/local/bin/pnpm >/dev/null <<'PNPM'
-          #!/usr/bin/env bash
-          exec /usr/local/bin/corepack pnpm "$@"
-          PNPM
-          sudo chmod 0755 /usr/local/bin/pnpm
-
-      - name: Ensure Docker is running
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          if ! command -v docker >/dev/null 2>&1; then
-            echo "docker not found; installing fallback engine"
-            curl --fail --show-error --location \
-              --connect-timeout "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_CONNECT_TIMEOUT_SECONDS:-15}" \
-              --max-time "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_TIMEOUT_SECONDS:-300}" \
-              --retry "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_RETRIES:-3}" \
-              --retry-delay "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_RETRY_DELAY_SECONDS:-5}" \
-              --retry-all-errors \
-              https://get.docker.com | sudo sh
-          fi
-
-          if command -v systemctl >/dev/null 2>&1; then
-            sudo systemctl start docker || true
-          elif command -v service >/dev/null 2>&1; then
-            sudo service docker start || true
-          fi
-
-          if [ -S /var/run/docker.sock ]; then
-            sudo usermod -aG docker "$USER" || true
-            # The runner process keeps its original groups; grant this
-            # ephemeral runner session access without requiring a relogin.
-            sudo chmod 666 /var/run/docker.sock
-          fi
-
-          if ! docker buildx version >/dev/null 2>&1; then
-            arch="$(uname -m)"
-            case "$arch" in
-              aarch64|arm64) buildx_arch=arm64 ;;
-              x86_64|amd64) buildx_arch=amd64 ;;
-              *) echo "unsupported buildx arch: $arch" >&2; exit 2 ;;
-            esac
-            buildx_version="${DOCKER_BUILDX_VERSION:-v0.15.1}"
-            mkdir -p "$HOME/.docker/cli-plugins"
-            curl --fail --show-error --location \
-              --connect-timeout "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_CONNECT_TIMEOUT_SECONDS:-15}" \
-              --max-time "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_TIMEOUT_SECONDS:-300}" \
-              --retry "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_RETRIES:-3}" \
-              --retry-delay "${OPENCLAW_CRABBOX_HYDRATE_DOWNLOAD_RETRY_DELAY_SECONDS:-5}" \
-              --retry-all-errors \
-              "https://github.com/docker/buildx/releases/download/${buildx_version}/buildx-${buildx_version}.linux-${buildx_arch}" \
-              -o "$HOME/.docker/cli-plugins/docker-buildx"
-            chmod 0755 "$HOME/.docker/cli-plugins/docker-buildx"
-          fi
-
-          docker version
-          docker buildx version
-          docker compose version || true
-
-      - name: Ensure SSH is available
-        shell: bash
-        run: |
-          set -euo pipefail
-          if command -v systemctl >/dev/null 2>&1; then
-            sudo systemctl start ssh || sudo systemctl start sshd || true
-          elif command -v service >/dev/null 2>&1; then
-            sudo service ssh start || sudo service sshd start || true
-          fi
-
-      - name: Hydrate provider env helper
-        shell: bash
-        env:
-          ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
-          ANTHROPIC_API_KEY_OLD: ${{ secrets.ANTHROPIC_API_KEY_OLD }}
-          ANTHROPIC_API_TOKEN: ${{ secrets.ANTHROPIC_API_TOKEN }}
-          CEREBRAS_API_KEY: ${{ secrets.CEREBRAS_API_KEY }}
-          DEEPINFRA_API_KEY: ${{ secrets.DEEPINFRA_API_KEY }}
-          FACTORY_API_KEY: ${{ secrets.FACTORY_API_KEY }}
-          FIREWORKS_API_KEY: ${{ secrets.FIREWORKS_API_KEY }}
-          GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
-          GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY }}
-          GROQ_API_KEY: ${{ secrets.GROQ_API_KEY }}
-          KIMI_API_KEY: ${{ secrets.KIMI_API_KEY }}
-          MINIMAX_API_KEY: ${{ secrets.MINIMAX_API_KEY }}
-          MISTRAL_API_KEY: ${{ secrets.MISTRAL_API_KEY }}
-          MOONSHOT_API_KEY: ${{ secrets.MOONSHOT_API_KEY }}
-          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-          OPENAI_BASE_URL: ${{ secrets.OPENAI_BASE_URL }}
-          OPENROUTER_API_KEY: ${{ secrets.OPENROUTER_API_KEY }}
-          QWEN_API_KEY: ${{ secrets.QWEN_API_KEY }}
-          TOGETHER_API_KEY: ${{ secrets.TOGETHER_API_KEY }}
-          XAI_API_KEY: ${{ secrets.XAI_API_KEY }}
-          ZAI_API_KEY: ${{ secrets.ZAI_API_KEY }}
-          Z_AI_API_KEY: ${{ secrets.Z_AI_API_KEY }}
-        run: bash scripts/ci-hydrate-testbox-env.sh
-
-      - name: Mark Crabbox ready
-        shell: bash
-        env:
-          CRABBOX_ID: ${{ inputs.crabbox_id }}
-          CRABBOX_JOB: ${{ inputs.crabbox_job }}
-        run: |
-          set -euo pipefail
-          job="${CRABBOX_JOB}"
-          if [ -z "$job" ]; then job=hydrate-github; fi
-          case "$CRABBOX_ID" in
-            ''|*[!A-Za-z0-9._-]*)
-              echo "Invalid crabbox_id" >&2
-              exit 2
-              ;;
-          esac
-          mkdir -p "$HOME/.crabbox/actions"
-          state="$HOME/.crabbox/actions/${CRABBOX_ID}.env"
-          env_file="$HOME/.crabbox/actions/${CRABBOX_ID}.env.sh"
-          services_file="$HOME/.crabbox/actions/${CRABBOX_ID}.services"
-          write_export() {
-            key="$1"
-            value="${!key-}"
-            if [ -n "$value" ]; then
-              printf 'export %s=%q\n' "$key" "$value"
-            fi
-          }
-          {
-            for key in CI GITHUB_ACTIONS GITHUB_WORKSPACE GITHUB_REPOSITORY GITHUB_RUN_ID GITHUB_RUN_NUMBER GITHUB_RUN_ATTEMPT GITHUB_REF GITHUB_REF_NAME GITHUB_SHA GITHUB_EVENT_NAME GITHUB_ACTOR RUNNER_OS RUNNER_ARCH RUNNER_TEMP RUNNER_TOOL_CACHE PNPM_CONFIG_CHILD_CONCURRENCY PNPM_CONFIG_MODULES_DIR PNPM_CONFIG_NETWORK_CONCURRENCY PNPM_CONFIG_STORE_DIR PNPM_CONFIG_VERIFY_DEPS_BEFORE_RUN PNPM_CONFIG_VIRTUAL_STORE_DIR; do
+            for key in CI GITHUB_ACTIONS GITHUB_WORKSPACE GITHUB_REPOSITORY GITHUB_RUN_ID GITHUB_RUN_NUMBER GITHUB_RUN_ATTEMPT GITHUB_REF GITHUB_REF_NAME GITHUB_SHA GITHUB_EVENT_NAME GITHUB_ACTOR RUNNER_OS RUNNER_ARCH RUNNER_TEMP RUNNER_TOOL_CACHE; do
              write_export "$key"
            done
          } > "${env_file}.tmp"
--- a/.github/workflows/dependency-change-awareness.yml
+++ b/.github/workflows/dependency-change-awareness.yml
@@ -1,176 +0,0 @@
-name: Dependency Change Awareness
-
-on:
-  pull_request_target: # zizmor: ignore[dangerous-triggers] metadata-only workflow; no checkout or untrusted code execution
-    types: [opened, reopened, synchronize, ready_for_review]
-
-permissions:
-  pull-requests: write
-  issues: write
-
-concurrency:
-  group: dependency-change-awareness-${{ github.event.pull_request.number }}
-  cancel-in-progress: true
-
-jobs:
-  dependency-change-awareness:
-    if: ${{ !github.event.pull_request.draft }}
-    runs-on: ubuntu-24.04
-    timeout-minutes: 5
-    steps:
-      - name: Label and comment on dependency changes
-        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9
-        with:
-          script: |
-            const marker = "<!-- openclaw:dependency-change-awareness -->";
-            const labelName = "dependencies-changed";
-            const maxListedFiles = 25;
-            const pullRequest = context.payload.pull_request;
-
-            if (!pullRequest) {
-              core.info("No pull_request payload found; skipping.");
-              return;
-            }
-
-            const isDependencyFile = (filename) =>
-              filename === "package.json" ||
-              filename === "package-lock.json" ||
-              filename === "npm-shrinkwrap.json" ||
-              filename === "pnpm-lock.yaml" ||
-              filename === "pnpm-workspace.yaml" ||
-              filename === "ui/package.json" ||
-              filename.startsWith("patches/") ||
-              /^packages\/[^/]+\/package\.json$/u.test(filename) ||
-              /^extensions\/[^/]+\/package-lock\.json$/u.test(filename) ||
-              /^extensions\/[^/]+\/npm-shrinkwrap\.json$/u.test(filename) ||
-              /^extensions\/[^/]+\/package\.json$/u.test(filename);
-
-            const sanitizeDisplayValue = (value) =>
-              String(value)
-                .replace(/[\u0000-\u001f\u007f]/gu, "?")
-                .slice(0, 240);
-            const markdownCode = (value) =>
-              `\`${sanitizeDisplayValue(value).replaceAll("`", "\\`")}\``;
-            const ignoreUnavailableWritePermission = (action) => (error) => {
-              if (error?.status === 403) {
-                core.warning(
-                  `Skipping dependency change ${action}; token does not have issue write permission.`,
-                );
-                return;
-              }
-              if (error?.status === 404 || error?.status === 422) {
-                core.warning(`Dependency change ${action} is unavailable.`);
-                return;
-              }
-              throw error;
-            };
-
-            const files = await github.paginate(github.rest.pulls.listFiles, {
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              pull_number: pullRequest.number,
-              per_page: 100,
-            });
-            const dependencyFiles = files
-              .map((file) => file.filename)
-              .filter((filename) => typeof filename === "string" && isDependencyFile(filename))
-              .sort((left, right) => left.localeCompare(right));
-
-            const comments = await github.paginate(github.rest.issues.listComments, {
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: pullRequest.number,
-              per_page: 100,
-            });
-            const existingComment = comments.find(
-              (comment) =>
-                comment.user?.login === "github-actions[bot]" && comment.body?.includes(marker),
-            );
-
-            const labels = await github.paginate(github.rest.issues.listLabelsOnIssue, {
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: pullRequest.number,
-              per_page: 100,
-            });
-            const hasLabel = labels.some((label) => label.name === labelName);
-
-            if (dependencyFiles.length === 0) {
-              if (hasLabel) {
-                await github.rest.issues.removeLabel({
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  issue_number: pullRequest.number,
-                  name: labelName,
-                }).catch(ignoreUnavailableWritePermission("label removal"));
-              }
-              if (existingComment) {
-                await github.rest.issues.deleteComment({
-                  owner: context.repo.owner,
-                  repo: context.repo.repo,
-                  comment_id: existingComment.id,
-                }).catch(ignoreUnavailableWritePermission("comment deletion"));
-              }
-              await core.summary
-                .addHeading("Dependency Change Awareness")
-                .addRaw("No dependency-related file changes detected.")
-                .write();
-              core.info("No dependency-related file changes detected.");
-              return;
-            }
-
-            if (!hasLabel) {
-              await github.rest.issues.addLabels({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: pullRequest.number,
-                labels: [labelName],
-              }).catch(ignoreUnavailableWritePermission(`label "${labelName}" update`));
-            }
-
-            const listedFiles = dependencyFiles.slice(0, maxListedFiles);
-            const omittedCount = dependencyFiles.length - listedFiles.length;
-            const fileLines = listedFiles.map((filename) => `- ${markdownCode(filename)}`);
-            if (omittedCount > 0) {
-              fileLines.push(`- ${omittedCount} additional dependency-related files not shown`);
-            }
-
-            const body = [
-              marker,
-              "",
-              "### Dependency Changes Detected",
-              "",
-              "This PR changes dependency-related files. Maintainers should confirm these changes are intentional.",
-              "",
-              "Changed files:",
-              ...fileLines,
-              "",
-              "Maintainer follow-up:",
-              "- Review whether the dependency changes are intentional.",
-              "- Inspect resolved package deltas when lockfile, shrinkwrap, or workspace dependency policy changes are present.",
-              "- Treat `package-lock.json` and `npm-shrinkwrap.json` diffs as security-review surfaces.",
-              "- Run `pnpm deps:changes:report -- --base-ref origin/main --markdown /tmp/dependency-changes.md --json /tmp/dependency-changes.json` locally for detailed release-style evidence.",
-            ].join("\n");
-
-            if (existingComment) {
-              await github.rest.issues.updateComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                comment_id: existingComment.id,
-                body,
-              }).catch(ignoreUnavailableWritePermission("comment update"));
-            } else {
-              await github.rest.issues.createComment({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                issue_number: pullRequest.number,
-                body,
-              }).catch(ignoreUnavailableWritePermission("comment creation"));
-            }
-
-            await core.summary
-              .addHeading("Dependency Change Awareness")
-              .addRaw(`Detected ${dependencyFiles.length} dependency-related file change(s).`)
-              .addList(dependencyFiles.map((filename) => markdownCode(filename)))
-              .write();
-            core.notice(`Detected ${dependencyFiles.length} dependency-related file change(s).`);
--- a/.github/workflows/docker-release.yml
+++ b/.github/workflows/docker-release.yml
@@ -155,7 +155,7 @@ jobs:
          cache-from: type=gha,scope=docker-release-amd64
          cache-to: type=gha,mode=max,scope=docker-release-amd64
          build-args: |
-            OPENCLAW_EXTENSIONS=diagnostics-otel,codex
+            OPENCLAW_EXTENSIONS=diagnostics-otel
          tags: ${{ steps.tags.outputs.value }}
          labels: ${{ steps.labels.outputs.value }}
          sbom: true
@@ -253,7 +253,7 @@ jobs:
          cache-from: type=gha,scope=docker-release-arm64
          cache-to: type=gha,mode=max,scope=docker-release-arm64
          build-args: |
-            OPENCLAW_EXTENSIONS=diagnostics-otel,codex
+            OPENCLAW_EXTENSIONS=diagnostics-otel
          tags: ${{ steps.tags.outputs.value }}
          labels: ${{ steps.labels.outputs.value }}
          sbom: true
--- a/.github/workflows/docs-sync-publish.yml
+++ b/.github/workflows/docs-sync-publish.yml
@@ -16,37 +16,20 @@ permissions:
 jobs:
  sync-publish-repo:
    runs-on: ubuntu-latest
-    env:
-      OPENCLAW_DOCS_SYNC_TOKEN: ${{ secrets.OPENCLAW_DOCS_SYNC_TOKEN }}
    steps:
-      - name: Skip publish sync without token
-        if: env.OPENCLAW_DOCS_SYNC_TOKEN == ''
-        run: echo "OPENCLAW_DOCS_SYNC_TOKEN is not configured; skipping docs publish repo sync."
-
      - name: Checkout source repo
-        if: env.OPENCLAW_DOCS_SYNC_TOKEN != ''
        uses: actions/checkout@v6
        with:
          fetch-depth: 0

-      - name: Checkout ClawHub docs source
-        if: env.OPENCLAW_DOCS_SYNC_TOKEN != ''
-        uses: actions/checkout@v6
-        with:
-          repository: openclaw/clawhub
-          path: clawhub-source
-          fetch-depth: 1
-          persist-credentials: false
-          token: ${{ env.OPENCLAW_DOCS_SYNC_TOKEN || github.token }}
-
      - name: Setup Node
-        if: env.OPENCLAW_DOCS_SYNC_TOKEN != ''
        uses: actions/setup-node@v6
        with:
-          node-version: "24.x"
+          node-version: "22.18.0"

      - name: Clone publish repo
-        if: env.OPENCLAW_DOCS_SYNC_TOKEN != ''
+        env:
+          OPENCLAW_DOCS_SYNC_TOKEN: ${{ secrets.OPENCLAW_DOCS_SYNC_TOKEN }}
        run: |
          set -euo pipefail
          for attempt in 1 2 3 4 5; do
@@ -64,28 +47,19 @@ jobs:
          exit 1

      - name: Sync docs into publish repo
-        if: env.OPENCLAW_DOCS_SYNC_TOKEN != ''
        run: |
-          clawhub_sha="$(git -C "$GITHUB_WORKSPACE/clawhub-source" rev-parse HEAD)"
          node scripts/docs-sync-publish.mjs \
            --target "$GITHUB_WORKSPACE/publish" \
            --source-repo "$GITHUB_REPOSITORY" \
-            --source-sha "$GITHUB_SHA" \
-            --clawhub-repo "$GITHUB_WORKSPACE/clawhub-source" \
-            --clawhub-source-repo "openclaw/clawhub" \
-            --clawhub-source-sha "$clawhub_sha"
+            --source-sha "$GITHUB_SHA"

      - name: Install docs MDX checker dependency
-        if: env.OPENCLAW_DOCS_SYNC_TOKEN != ''
-        working-directory: publish
        run: npm install --no-save --package-lock=false @mdx-js/mdx@3.1.1

      - name: Check publish docs MDX
-        if: env.OPENCLAW_DOCS_SYNC_TOKEN != ''
        run: node "$GITHUB_WORKSPACE/publish/.openclaw-sync/check-docs-mdx.mjs" "$GITHUB_WORKSPACE/publish/docs"

      - name: Commit publish repo sync
-        if: env.OPENCLAW_DOCS_SYNC_TOKEN != ''
        working-directory: publish
        run: |
          set -euo pipefail
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -6,7 +6,6 @@ on:
    paths:
      - "**/*.md"
      - "docs/**"
-      - "!CHANGELOG.md"

 permissions:
  contents: read
@@ -36,15 +35,5 @@ jobs:
        with:
          install-bun: "false"

-      - name: Checkout ClawHub docs source
-        uses: actions/checkout@v6
-        with:
-          repository: openclaw/clawhub
-          path: clawhub-source
-          fetch-depth: 1
-          persist-credentials: false
-
      - name: Check docs
-        env:
-          OPENCLAW_DOCS_SYNC_CLAWHUB_REPO: ${{ github.workspace }}/clawhub-source
        run: pnpm check:docs
--- a/.github/workflows/full-release-validation.yml
+++ b/.github/workflows/full-release-validation.yml
--- a/.github/workflows/install-smoke.yml
+++ b/.github/workflows/install-smoke.yml
@@ -100,7 +100,7 @@ jobs:
  install-smoke-fast:
    needs: [preflight]
    if: needs.preflight.outputs.run_fast_install_smoke == 'true' && needs.preflight.outputs.run_full_install_smoke != 'true'
-    runs-on: ubuntu-24.04
+    runs-on: blacksmith-16vcpu-ubuntu-2404
    env:
      DOCKER_BUILD_SUMMARY: "false"
      DOCKER_BUILD_RECORD_UPLOAD: "false"
@@ -109,7 +109,6 @@ jobs:
        uses: actions/checkout@v6
        with:
          ref: ${{ inputs.ref || github.ref }}
-          persist-credentials: false

      - name: Set up Blacksmith Docker Builder
        uses: useblacksmith/setup-docker-builder@722e97d12b1d06a961800dd6c05d79d951ad3c80 # v1
@@ -121,7 +120,7 @@ jobs:
      # builder stalls; an explicit buildx invocation fails closed instead.
      - name: Build root Dockerfile smoke image
        run: |
-          timeout --kill-after=30s 45m docker buildx build \
+          timeout 45m docker buildx build \
            --progress=plain \
            --load \
            --build-arg OPENCLAW_EXTENSIONS=matrix \
@@ -132,15 +131,14 @@ jobs:

      - name: Run root Dockerfile CLI smoke
        run: |
-          timeout --kill-after=30s 20m docker run --rm --entrypoint sh openclaw-dockerfile-smoke:local -lc '
+          docker run --rm --entrypoint sh openclaw-dockerfile-smoke:local -lc '
            which openclaw &&
            openclaw --version &&
            node -e "
              const fs = require(\"node:fs\");
              const path = require(\"node:path\");
-              const YAML = require(\"yaml\");
-              const workspace = YAML.parse(fs.readFileSync(\"/app/pnpm-workspace.yaml\", \"utf8\")) ?? {};
-              for (const [dep, rel] of Object.entries(workspace.patchedDependencies ?? {})) {
+              const pkg = require(\"/app/package.json\");
+              for (const [dep, rel] of Object.entries(pkg.pnpm?.patchedDependencies ?? {})) {
                const absolute = path.join(\"/app\", rel);
                if (!fs.existsSync(absolute)) {
                  throw new Error(`missing patch for ${dep}: ${rel}`);
@@ -163,7 +161,7 @@ jobs:

      - name: Smoke test Dockerfile with matrix extension build arg
        run: |
-          timeout --kill-after=30s 20m docker run --rm --entrypoint sh openclaw-ext-smoke:local -lc '
+          docker run --rm --entrypoint sh openclaw-ext-smoke:local -lc '
            which openclaw &&
            openclaw --version &&
            node -e "
@@ -209,7 +207,7 @@ jobs:
  root_dockerfile_image:
    needs: [preflight]
    if: needs.preflight.outputs.run_full_install_smoke == 'true'
-    runs-on: ubuntu-24.04
+    runs-on: blacksmith-16vcpu-ubuntu-2404
    outputs:
      image_ref: ${{ steps.image.outputs.image_ref }}
    env:
@@ -220,7 +218,6 @@ jobs:
        uses: actions/checkout@v6
        with:
          ref: ${{ inputs.ref || github.ref }}
-          persist-credentials: false

      - name: Log in to GHCR
        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4
@@ -235,7 +232,7 @@ jobs:
          IMAGE_REF: ${{ needs.preflight.outputs.dockerfile_image }}
        run: |
          set -euo pipefail
-          if timeout --kill-after=30s 180s docker pull "$IMAGE_REF"; then
+          if timeout 180s docker pull "$IMAGE_REF"; then
            echo "exists=true" >> "$GITHUB_OUTPUT"
            echo "Using existing root Dockerfile smoke image: \`$IMAGE_REF\`" >> "$GITHUB_STEP_SUMMARY"
          else
@@ -256,7 +253,7 @@ jobs:
        env:
          IMAGE_REF: ${{ needs.preflight.outputs.dockerfile_image }}
        run: |
-          timeout --kill-after=30s 45m docker buildx build \
+          timeout 45m docker buildx build \
            --progress=plain \
            --push \
            --build-arg OPENCLAW_EXTENSIONS=matrix \
@@ -286,13 +283,12 @@ jobs:
  qr_package_install_smoke:
    needs: [preflight]
    if: needs.preflight.outputs.run_full_install_smoke == 'true'
-    runs-on: ubuntu-24.04
+    runs-on: blacksmith-16vcpu-ubuntu-2404
    steps:
      - name: Checkout CLI
        uses: actions/checkout@v6
        with:
          ref: ${{ inputs.ref || github.ref }}
-          persist-credentials: false

      - name: Run QR package install smoke
        env:
@@ -302,13 +298,12 @@ jobs:
  root_dockerfile_smokes:
    needs: [preflight, root_dockerfile_image]
    if: needs.preflight.outputs.run_full_install_smoke == 'true'
-    runs-on: ubuntu-24.04
+    runs-on: blacksmith-16vcpu-ubuntu-2404
    steps:
      - name: Checkout CLI
        uses: actions/checkout@v6
        with:
          ref: ${{ inputs.ref || github.ref }}
-          persist-credentials: false

      - name: Log in to GHCR
        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4
@@ -320,28 +315,13 @@ jobs:
      - name: Pull root Dockerfile smoke image
        env:
          IMAGE_REF: ${{ needs.root_dockerfile_image.outputs.image_ref }}
-        run: timeout --kill-after=30s 600s docker pull "$IMAGE_REF"
+        run: timeout 600s docker pull "$IMAGE_REF"

      - name: Run root Dockerfile CLI smoke
        env:
          IMAGE_REF: ${{ needs.root_dockerfile_image.outputs.image_ref }}
        run: |
-          timeout --kill-after=30s 20m docker run --rm --entrypoint sh "$IMAGE_REF" -lc '
-            which openclaw &&
-            openclaw --version &&
-            node -e "
-              const fs = require(\"node:fs\");
-              const path = require(\"node:path\");
-              const YAML = require(\"yaml\");
-              const workspace = YAML.parse(fs.readFileSync(\"/app/pnpm-workspace.yaml\", \"utf8\")) ?? {};
-              for (const [dep, rel] of Object.entries(workspace.patchedDependencies ?? {})) {
-                const absolute = path.join(\"/app\", rel);
-                if (!fs.existsSync(absolute)) {
-                  throw new Error(`missing patch for ${dep}: ${rel}`);
-                }
-              }
-            "
-          '
+          docker run --rm --entrypoint sh "$IMAGE_REF" -lc 'which openclaw && openclaw --version'

      - name: Run agents delete shared workspace Docker CLI smoke
        env:
@@ -359,7 +339,7 @@ jobs:
        env:
          IMAGE_REF: ${{ needs.root_dockerfile_image.outputs.image_ref }}
        run: |
-          timeout --kill-after=30s 20m docker run --rm --entrypoint sh "$IMAGE_REF" -lc '
+          docker run --rm --entrypoint sh "$IMAGE_REF" -lc '
            which openclaw &&
            openclaw --version &&
            node -e "
@@ -405,7 +385,7 @@ jobs:
  installer_smoke:
    needs: [preflight, root_dockerfile_image]
    if: needs.preflight.outputs.run_full_install_smoke == 'true'
-    runs-on: ubuntu-24.04
+    runs-on: blacksmith-16vcpu-ubuntu-2404
    env:
      DOCKER_BUILD_SUMMARY: "false"
      DOCKER_BUILD_RECORD_UPLOAD: "false"
@@ -414,7 +394,6 @@ jobs:
        uses: actions/checkout@v6
        with:
          ref: ${{ inputs.ref || github.ref }}
-          persist-credentials: false

      - name: Log in to GHCR
        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4
@@ -426,7 +405,7 @@ jobs:
      - name: Pull root Dockerfile smoke image
        env:
          IMAGE_REF: ${{ needs.root_dockerfile_image.outputs.image_ref }}
-        run: timeout --kill-after=30s 600s docker pull "$IMAGE_REF"
+        run: timeout 600s docker pull "$IMAGE_REF"

      - name: Set up Blacksmith Docker Builder
        uses: useblacksmith/setup-docker-builder@722e97d12b1d06a961800dd6c05d79d951ad3c80 # v1
@@ -435,7 +414,7 @@ jobs:

      - name: Build installer smoke image
        run: |
-          timeout --kill-after=30s 20m docker buildx build \
+          timeout 20m docker buildx build \
            --progress=plain \
            --load \
            -t openclaw-install-smoke:local \
@@ -444,7 +423,7 @@ jobs:

      - name: Build installer non-root image
        run: |
-          timeout --kill-after=30s 20m docker buildx build \
+          timeout 20m docker buildx build \
            --progress=plain \
            --load \
            -t openclaw-install-nonroot:local \
@@ -459,10 +438,10 @@ jobs:

      - name: Run installer docker tests
        env:
-          OPENCLAW_INSTALL_URL: file:///tmp/openclaw-install.sh
-          OPENCLAW_INSTALL_CLI_URL: file:///tmp/openclaw-install-cli.sh
+          OPENCLAW_INSTALL_URL: https://openclaw.ai/install.sh
+          OPENCLAW_INSTALL_CLI_URL: https://openclaw.ai/install-cli.sh
          OPENCLAW_NO_ONBOARD: "1"
-          OPENCLAW_INSTALL_SMOKE_SKIP_CLI: "0"
+          OPENCLAW_INSTALL_SMOKE_SKIP_CLI: "1"
          OPENCLAW_INSTALL_SMOKE_SKIP_IMAGE_BUILD: "1"
          OPENCLAW_INSTALL_NONROOT_SKIP_IMAGE_BUILD: "1"
          OPENCLAW_INSTALL_SMOKE_SKIP_NONROOT: "0"
@@ -473,34 +452,15 @@ jobs:
          OPENCLAW_INSTALL_SMOKE_UPDATE_SKIP_LOCAL_BUILD: "1"
        run: bash scripts/test-install-sh-docker.sh

-      - name: Run Rocky Linux installer smoke
-        run: |
-          timeout --kill-after=30s 20m docker run --rm \
-            -e OPENCLAW_NO_ONBOARD=1 \
-            -e OPENCLAW_NO_PROMPT=1 \
-            -v "$PWD/scripts/install.sh:/tmp/install.sh:ro" \
-            rockylinux:9@sha256:d7be1c094cc5845ee815d4632fe377514ee6ebcf8efaed6892889657e5ddaaa6 \
-            bash -lc 'dnf install -y -q ca-certificates tar gzip xz findutils which sudo >/dev/null && bash /tmp/install.sh --install-method npm --version latest --no-onboard --no-prompt --verify && openclaw --version'
-
-      - name: Run Rocky Linux CLI installer smoke
-        run: |
-          timeout --kill-after=30s 20m docker run --rm \
-            -e OPENCLAW_NO_ONBOARD=1 \
-            -e OPENCLAW_NO_PROMPT=1 \
-            -v "$PWD/scripts/install-cli.sh:/tmp/install-cli.sh:ro" \
-            rockylinux:9@sha256:d7be1c094cc5845ee815d4632fe377514ee6ebcf8efaed6892889657e5ddaaa6 \
-            bash -lc 'dnf install -y -q ca-certificates tar gzip xz findutils which sudo >/dev/null && bash /tmp/install-cli.sh --prefix /tmp/openclaw-cli --version latest --no-onboard && /tmp/openclaw-cli/bin/openclaw --version'
-
  bun_global_install_smoke:
    needs: [preflight, root_dockerfile_image]
    if: needs.preflight.outputs.run_full_install_smoke == 'true' && needs.preflight.outputs.run_bun_global_install_smoke == 'true'
-    runs-on: ubuntu-24.04
+    runs-on: blacksmith-16vcpu-ubuntu-2404
    steps:
      - name: Checkout CLI
        uses: actions/checkout@v6
        with:
          ref: ${{ inputs.ref || github.ref }}
-          persist-credentials: false

      - name: Log in to GHCR
        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4
@@ -512,7 +472,7 @@ jobs:
      - name: Pull root Dockerfile smoke image
        env:
          IMAGE_REF: ${{ needs.root_dockerfile_image.outputs.image_ref }}
-        run: timeout --kill-after=30s 600s docker pull "$IMAGE_REF"
+        run: timeout 600s docker pull "$IMAGE_REF"

      - name: Setup Node environment for Bun smoke
        uses: ./.github/actions/setup-node-env
@@ -529,7 +489,7 @@ jobs:
  docker-e2e-fast:
    needs: [preflight]
    if: needs.preflight.outputs.run_fast_install_smoke == 'true' || needs.preflight.outputs.run_full_install_smoke == 'true'
-    runs-on: ubuntu-24.04
+    runs-on: blacksmith-16vcpu-ubuntu-2404
    timeout-minutes: 12
    env:
      DOCKER_BUILD_SUMMARY: "false"
@@ -539,7 +499,6 @@ jobs:
        uses: actions/checkout@v6
        with:
          ref: ${{ inputs.ref || github.ref }}
-          persist-credentials: false

      - name: Set up Blacksmith Docker Builder
        uses: useblacksmith/setup-docker-builder@722e97d12b1d06a961800dd6c05d79d951ad3c80 # v1
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -89,10 +89,10 @@ jobs:
              per_page: 100,
            });

-            const excludedLockfiles = new Set(["pnpm-lock.yaml", "package-lock.json", "npm-shrinkwrap.json", "yarn.lock", "bun.lockb"]);
+            const excludedLockfiles = new Set(["pnpm-lock.yaml", "package-lock.json", "yarn.lock", "bun.lockb"]);
            const totalChangedLines = files.reduce((total, file) => {
              const path = file.filename ?? "";
-              if (path.startsWith("docs/") || excludedLockfiles.has(path) || path.endsWith("/package-lock.json") || path.endsWith("/npm-shrinkwrap.json")) {
+              if (path.startsWith("docs/") || excludedLockfiles.has(path)) {
                return total;
              }
              return total + (file.additions ?? 0) + (file.deletions ?? 0);
@@ -603,10 +603,10 @@ jobs:
                per_page: 100,
              });

-              const excludedLockfiles = new Set(["pnpm-lock.yaml", "package-lock.json", "npm-shrinkwrap.json", "yarn.lock", "bun.lockb"]);
+              const excludedLockfiles = new Set(["pnpm-lock.yaml", "package-lock.json", "yarn.lock", "bun.lockb"]);
              const totalChangedLines = files.reduce((total, file) => {
                const path = file.filename ?? "";
-                if (path.startsWith("docs/") || excludedLockfiles.has(path) || path.endsWith("/package-lock.json") || path.endsWith("/npm-shrinkwrap.json")) {
+                if (path.startsWith("docs/") || excludedLockfiles.has(path)) {
                  return total;
                }
                return total + (file.additions ?? 0) + (file.deletions ?? 0);
@@ -760,7 +760,6 @@ jobs:
            core.info(`Processed ${processed} pull requests.`);

  label-issues:
-    if: github.event_name == 'issues'
    permissions:
      issues: write
    runs-on: ubuntu-24.04
--- a/.github/workflows/macos-release.yml
+++ b/.github/workflows/macos-release.yml
@@ -24,7 +24,8 @@ concurrency:

 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
-  NODE_VERSION: "24.15.0"
+  NODE_VERSION: "24.x"
+  PNPM_VERSION: "10.32.1"

 jobs:
  validate_macos_release_request:
@@ -52,6 +53,7 @@ jobs:
        uses: ./.github/actions/setup-node-env
        with:
          node-version: ${{ env.NODE_VERSION }}
+          pnpm-version: ${{ env.PNPM_VERSION }}
          install-bun: "false"

      - name: Ensure matching GitHub release exists
@@ -96,5 +98,5 @@ jobs:
            echo "- Run \`openclaw/releases-private/.github/workflows/openclaw-macos-validate.yml\` with tag \`${RELEASE_TAG}\` and wait for the private mac validation lane to pass."
            echo "- Run \`openclaw/releases-private/.github/workflows/openclaw-macos-publish.yml\` with tag \`${RELEASE_TAG}\` and \`preflight_only=true\` for the full private mac preflight."
            echo "- For the real publish path, run the same private mac publish workflow from \`main\` with the successful private preflight \`preflight_run_id\` so it promotes the prepared artifacts instead of rebuilding them."
-            echo "- For stable releases, the private publish workflow also publishes the signed \`appcast.xml\` to public \`main\`, or opens an appcast PR if direct push is blocked."
+            echo "- For stable releases, also download \`macos-appcast-${RELEASE_TAG}\` from the successful private run and commit \`appcast.xml\` back to \`main\` in \`openclaw/openclaw\`."
          } >> "$GITHUB_STEP_SUMMARY"
--- a/.github/workflows/mantis-discord-smoke.yml
+++ b/.github/workflows/mantis-discord-smoke.yml
@@ -25,6 +25,7 @@ concurrency:
 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
  NODE_VERSION: "24.x"
+  PNPM_VERSION: "10.33.0"
  OPENCLAW_BUILD_PRIVATE_QA: "1"
  OPENCLAW_ENABLE_PRIVATE_QA_CLI: "1"

@@ -32,11 +33,8 @@ jobs:
  authorize_actor:
    name: Authorize workflow actor
    runs-on: blacksmith-8vcpu-ubuntu-2404
-    outputs:
-      authorized: ${{ steps.permission.outputs.authorized }}
    steps:
      - name: Require maintainer-level repository access
-        id: permission
        uses: actions/github-script@v8
        with:
          script: |
@@ -50,18 +48,14 @@ jobs:
            const permission = data.permission;
            core.info(`Actor ${context.actor} permission: ${permission}`);
            if (!allowed.has(permission)) {
-              core.notice(
+              core.setFailed(
                `Workflow requires write/maintain/admin access. Actor "${context.actor}" has "${permission}".`,
              );
-              core.setOutput("authorized", "false");
-              return;
            }
-            core.setOutput("authorized", "true");

  validate_selected_ref:
    name: Validate selected ref
    needs: authorize_actor
-    if: needs.authorize_actor.outputs.authorized == 'true'
    runs-on: blacksmith-8vcpu-ubuntu-2404
    outputs:
      selected_revision: ${{ steps.validate.outputs.selected_revision }}
@@ -141,6 +135,7 @@ jobs:
        uses: ./.github/actions/setup-node-env
        with:
          node-version: ${{ env.NODE_VERSION }}
+          pnpm-version: ${{ env.PNPM_VERSION }}
          install-bun: "true"

      - name: Build private QA runtime
@@ -166,7 +161,7 @@ jobs:

      - name: Upload Mantis artifacts
        if: always()
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@v4
        with:
          name: mantis-discord-smoke-${{ github.run_id }}-${{ github.run_attempt }}
          path: .artifacts/qa-e2e/mantis/
--- a/.github/workflows/mantis-discord-status-reactions.yml
+++ b/.github/workflows/mantis-discord-status-reactions.yml
@@ -21,7 +21,7 @@ on:
        type: string

 permissions:
-  contents: read
+  contents: write
  issues: write
  pull-requests: write

@@ -32,6 +32,7 @@ concurrency:
 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
  NODE_VERSION: "24.x"
+  PNPM_VERSION: "10.33.0"
  OPENCLAW_BUILD_PRIVATE_QA: "1"
  OPENCLAW_ENABLE_PRIVATE_QA_CLI: "1"

@@ -45,17 +46,15 @@ jobs:
          github.event_name == 'issue_comment' &&
          github.event.issue.pull_request &&
          (
-            contains(github.event.comment.body, '@openclaw-mantis') ||
-            contains(github.event.comment.body, '/openclaw-mantis')
+            contains(github.event.comment.body, '@Mantis') ||
+            contains(github.event.comment.body, '@mantis') ||
+            contains(github.event.comment.body, '/mantis')
          )
        )
      }}
    runs-on: blacksmith-8vcpu-ubuntu-2404
-    outputs:
-      authorized: ${{ steps.permission.outputs.authorized }}
    steps:
      - name: Require maintainer-level repository access
-        id: permission
        uses: actions/github-script@v8
        with:
          script: |
@@ -69,18 +68,14 @@ jobs:
            const permission = data.permission;
            core.info(`Actor ${context.actor} permission: ${permission}`);
            if (!allowed.has(permission)) {
-              core.notice(
+              core.setFailed(
                `Workflow requires write/maintain/admin access. Actor "${context.actor}" has "${permission}".`,
              );
-              core.setOutput("authorized", "false");
-              return;
            }
-            core.setOutput("authorized", "true");

  resolve_request:
    name: Resolve Mantis request
    needs: authorize_actor
-    if: needs.authorize_actor.outputs.authorized == 'true'
    runs-on: blacksmith-8vcpu-ubuntu-2404
    outputs:
      baseline_ref: ${{ steps.resolve.outputs.baseline_ref }}
@@ -126,7 +121,7 @@ jobs:

            const normalized = body.toLowerCase();
            const requested =
-              (normalized.includes("@openclaw-mantis") || normalized.includes("/openclaw-mantis")) &&
+              (normalized.includes("@mantis") || normalized.includes("/mantis")) &&
              normalized.includes("discord") &&
              normalized.includes("status") &&
              normalized.includes("reaction");
@@ -254,6 +249,7 @@ jobs:
        uses: ./.github/actions/setup-node-env
        with:
          node-version: ${{ env.NODE_VERSION }}
+          pnpm-version: ${{ env.PNPM_VERSION }}
          install-bun: "true"

      - name: Build Mantis harness
@@ -346,8 +342,8 @@ jobs:
              --repo-root "$repo_root" \
              --output-dir "$output_dir" \
              --provider-mode live-frontier \
-              --model openai/gpt-5.5 \
-              --alt-model openai/gpt-5.5 \
+              --model openai/gpt-5.4 \
+              --alt-model openai/gpt-5.4 \
              --fast \
              --credential-source convex \
              --credential-role ci \
@@ -526,7 +522,7 @@ jobs:
      - name: Upload Mantis status reaction artifacts
        id: upload_artifact
        if: ${{ always() && steps.run_mantis.outputs.output_dir != '' }}
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@v4
        with:
          name: mantis-discord-status-reactions-${{ github.run_id }}-${{ github.run_attempt }}
          path: ${{ steps.run_mantis.outputs.output_dir }}
@@ -542,6 +538,7 @@ jobs:
          private-key: ${{ secrets.MANTIS_GITHUB_APP_PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}
          repositories: ${{ github.event.repository.name }}
+          permission-contents: write
          permission-issues: write
          permission-pull-requests: write

@@ -549,15 +546,9 @@ jobs:
        if: ${{ always() && needs.resolve_request.outputs.pr_number != '' && steps.run_mantis.outputs.output_dir != '' }}
        env:
          GH_TOKEN: ${{ steps.mantis_app_token.outputs.token }}
-          ARTIFACT_URL: ${{ steps.upload_artifact.outputs.artifact-url }}
-          MANTIS_ARTIFACT_R2_ACCESS_KEY_ID: ${{ secrets.MANTIS_ARTIFACT_R2_ACCESS_KEY_ID }}
-          MANTIS_ARTIFACT_R2_BUCKET: openclaw-crabbox-artifacts
-          MANTIS_ARTIFACT_R2_ENDPOINT: ${{ vars.MANTIS_ARTIFACT_R2_ENDPOINT }}
-          MANTIS_ARTIFACT_R2_PUBLIC_BASE_URL: https://artifacts.openclaw.ai
-          MANTIS_ARTIFACT_R2_REGION: auto
-          MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY: ${{ secrets.MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY }}
-          REQUEST_SOURCE: ${{ needs.resolve_request.outputs.request_source }}
          TARGET_PR: ${{ needs.resolve_request.outputs.pr_number }}
+          ARTIFACT_URL: ${{ steps.upload_artifact.outputs.artifact-url }}
+          REQUEST_SOURCE: ${{ needs.resolve_request.outputs.request_source }}
        shell: bash
        run: |
          set -euo pipefail
@@ -571,44 +562,3 @@ jobs:
            --artifact-url "$ARTIFACT_URL" \
            --run-url "https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" \
            --request-source "$REQUEST_SOURCE"
-
-  clear_issue_comment_reaction:
-    name: Clear Mantis command reaction
-    needs: [resolve_request, validate_refs, run_status_reactions]
-    if: ${{ always() && github.event_name == 'issue_comment' && needs.resolve_request.outputs.request_source == 'issue_comment' }}
-    runs-on: ubuntu-24.04
-    permissions:
-      issues: write
-    steps:
-      - name: Remove workflow eyes reaction
-        uses: actions/github-script@v8
-        with:
-          script: |
-            const { owner, repo } = context.repo;
-            const commentId = context.payload.comment?.id;
-            if (!commentId) {
-              core.info("No issue comment id found; skipping reaction cleanup.");
-              return;
-            }
-
-            const reactions = await github.paginate(github.rest.reactions.listForIssueComment, {
-              owner,
-              repo,
-              comment_id: commentId,
-              per_page: 100,
-            });
-            const eyes = reactions.filter(
-              (reaction) => reaction.content === "eyes" && reaction.user?.login === "github-actions[bot]",
-            );
-            for (const reaction of eyes) {
-              await github.rest.reactions.deleteForIssueComment({
-                owner,
-                repo,
-                comment_id: commentId,
-                reaction_id: reaction.id,
-              });
-              core.info(`Removed eyes reaction ${reaction.id} from comment ${commentId}.`);
-            }
-            if (eyes.length === 0) {
-              core.info(`No workflow eyes reaction found on comment ${commentId}.`);
-            }
--- a/.github/workflows/mantis-discord-thread-attachment.yml
+++ b/.github/workflows/mantis-discord-thread-attachment.yml
@@ -21,7 +21,7 @@ on:
        type: string

 permissions:
-  contents: read
+  contents: write
  issues: write
  pull-requests: write

@@ -32,6 +32,7 @@ concurrency:
 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
  NODE_VERSION: "24.x"
+  PNPM_VERSION: "10.33.0"
  OPENCLAW_BUILD_PRIVATE_QA: "1"
  OPENCLAW_ENABLE_PRIVATE_QA_CLI: "1"

@@ -45,17 +46,15 @@ jobs:
          github.event_name == 'issue_comment' &&
          github.event.issue.pull_request &&
          (
-            contains(github.event.comment.body, '@openclaw-mantis') ||
-            contains(github.event.comment.body, '/openclaw-mantis')
+            contains(github.event.comment.body, '@Mantis') ||
+            contains(github.event.comment.body, '@mantis') ||
+            contains(github.event.comment.body, '/mantis')
          )
        )
      }}
    runs-on: blacksmith-8vcpu-ubuntu-2404
-    outputs:
-      authorized: ${{ steps.permission.outputs.authorized }}
    steps:
      - name: Require maintainer-level repository access
-        id: permission
        uses: actions/github-script@v8
        with:
          script: |
@@ -69,18 +68,14 @@ jobs:
            const permission = data.permission;
            core.info(`Actor ${context.actor} permission: ${permission}`);
            if (!allowed.has(permission)) {
-              core.notice(
+              core.setFailed(
                `Workflow requires write/maintain/admin access. Actor "${context.actor}" has "${permission}".`,
              );
-              core.setOutput("authorized", "false");
-              return;
            }
-            core.setOutput("authorized", "true");

  resolve_request:
    name: Resolve Mantis request
    needs: authorize_actor
-    if: needs.authorize_actor.outputs.authorized == 'true'
    runs-on: blacksmith-8vcpu-ubuntu-2404
    outputs:
      baseline_ref: ${{ steps.resolve.outputs.baseline_ref }}
@@ -126,7 +121,7 @@ jobs:

            const normalized = body.toLowerCase();
            const requested =
-              (normalized.includes("@openclaw-mantis") || normalized.includes("/openclaw-mantis")) &&
+              (normalized.includes("@mantis") || normalized.includes("/mantis")) &&
              normalized.includes("discord") &&
              normalized.includes("thread") &&
              (normalized.includes("attachment") ||
@@ -244,6 +239,7 @@ jobs:
        uses: ./.github/actions/setup-node-env
        with:
          node-version: ${{ env.NODE_VERSION }}
+          pnpm-version: ${{ env.PNPM_VERSION }}
          install-bun: "true"

      - name: Build Mantis harness
@@ -534,7 +530,7 @@ jobs:
      - name: Upload Mantis thread attachment artifacts
        id: upload_artifact
        if: ${{ always() && steps.run_mantis.outputs.output_dir != '' }}
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@v4
        with:
          name: mantis-discord-thread-attachment-${{ github.run_id }}-${{ github.run_attempt }}
          path: ${{ steps.run_mantis.outputs.output_dir }}
@@ -550,6 +546,7 @@ jobs:
          private-key: ${{ secrets.MANTIS_GITHUB_APP_PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}
          repositories: ${{ github.event.repository.name }}
+          permission-contents: write
          permission-issues: write
          permission-pull-requests: write

@@ -557,15 +554,9 @@ jobs:
        if: ${{ always() && needs.resolve_request.outputs.pr_number != '' && steps.run_mantis.outputs.output_dir != '' }}
        env:
          GH_TOKEN: ${{ steps.mantis_app_token.outputs.token }}
-          ARTIFACT_URL: ${{ steps.upload_artifact.outputs.artifact-url }}
-          MANTIS_ARTIFACT_R2_ACCESS_KEY_ID: ${{ secrets.MANTIS_ARTIFACT_R2_ACCESS_KEY_ID }}
-          MANTIS_ARTIFACT_R2_BUCKET: openclaw-crabbox-artifacts
-          MANTIS_ARTIFACT_R2_ENDPOINT: ${{ vars.MANTIS_ARTIFACT_R2_ENDPOINT }}
-          MANTIS_ARTIFACT_R2_PUBLIC_BASE_URL: https://artifacts.openclaw.ai
-          MANTIS_ARTIFACT_R2_REGION: auto
-          MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY: ${{ secrets.MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY }}
-          REQUEST_SOURCE: ${{ needs.resolve_request.outputs.request_source }}
          TARGET_PR: ${{ needs.resolve_request.outputs.pr_number }}
+          ARTIFACT_URL: ${{ steps.upload_artifact.outputs.artifact-url }}
+          REQUEST_SOURCE: ${{ needs.resolve_request.outputs.request_source }}
        shell: bash
        run: |
          set -euo pipefail
@@ -593,44 +584,3 @@ jobs:
        run: |
          echo "Mantis comparison failed." >&2
          exit 1
-
-  clear_issue_comment_reaction:
-    name: Clear Mantis command reaction
-    needs: [resolve_request, validate_candidate, run_thread_attachment]
-    if: ${{ always() && github.event_name == 'issue_comment' && needs.resolve_request.outputs.request_source == 'issue_comment' }}
-    runs-on: ubuntu-24.04
-    permissions:
-      issues: write
-    steps:
-      - name: Remove workflow eyes reaction
-        uses: actions/github-script@v8
-        with:
-          script: |
-            const { owner, repo } = context.repo;
-            const commentId = context.payload.comment?.id;
-            if (!commentId) {
-              core.info("No issue comment id found; skipping reaction cleanup.");
-              return;
-            }
-
-            const reactions = await github.paginate(github.rest.reactions.listForIssueComment, {
-              owner,
-              repo,
-              comment_id: commentId,
-              per_page: 100,
-            });
-            const eyes = reactions.filter(
-              (reaction) => reaction.content === "eyes" && reaction.user?.login === "github-actions[bot]",
-            );
-            for (const reaction of eyes) {
-              await github.rest.reactions.deleteForIssueComment({
-                owner,
-                repo,
-                comment_id: commentId,
-                reaction_id: reaction.id,
-              });
-              core.info(`Removed eyes reaction ${reaction.id} from comment ${commentId}.`);
-            }
-            if (eyes.length === 0) {
-              core.info(`No workflow eyes reaction found on comment ${commentId}.`);
-            }
--- a/.github/workflows/mantis-scenario.yml
+++ b/.github/workflows/mantis-scenario.yml
@@ -12,8 +12,6 @@ on:
          - discord-status-reactions-tool-only
          - discord-thread-reply-filepath-attachment
          - slack-desktop-smoke
-          - telegram-live
-          - telegram-desktop-proof
      baseline_ref:
        description: Optional baseline ref for before/after scenarios
        required: false
@@ -92,35 +90,6 @@ jobs:
              fi
              gh "${args[@]}"
              ;;
-            telegram-live)
-              args=(
-                workflow run mantis-telegram-live.yml
-                --repo "$GITHUB_REPOSITORY"
-                --ref main
-                -f "candidate_ref=${CANDIDATE_REF}"
-              )
-              if [[ -n "${PR_NUMBER:-}" ]]; then
-                args+=(-f "pr_number=${PR_NUMBER}")
-              fi
-              gh "${args[@]}"
-              ;;
-            telegram-desktop-proof)
-              baseline_ref="$BASELINE_REF"
-              if [[ -z "$baseline_ref" || "$baseline_ref" == "0bf06e953fdda290799fc9fb9244a8f67fdae593" ]]; then
-                baseline_ref="main"
-              fi
-              args=(
-                workflow run mantis-telegram-desktop-proof.yml
-                --repo "$GITHUB_REPOSITORY"
-                --ref main
-                -f "baseline_ref=${baseline_ref}"
-                -f "candidate_ref=${CANDIDATE_REF}"
-              )
-              if [[ -n "${PR_NUMBER:-}" ]]; then
-                args+=(-f "pr_number=${PR_NUMBER}")
-              fi
-              gh "${args[@]}"
-              ;;
            *)
              echo "Unsupported Mantis scenario: ${SCENARIO_ID}" >&2
              exit 1
--- a/.github/workflows/mantis-slack-desktop-smoke.yml
+++ b/.github/workflows/mantis-slack-desktop-smoke.yml
@@ -17,11 +17,6 @@ on:
        required: true
        default: slack-canary
        type: string
-      approval_checkpoints:
-        description: Run native Slack approval checkpoint mode instead of gateway setup
-        required: false
-        default: false
-        type: boolean
      keep_vm:
        description: Keep the desktop lease open after a passing run
        required: false
@@ -35,14 +30,6 @@ on:
        options:
          - aws
          - hetzner
-      crabbox_market:
-        description: Crabbox capacity market for AWS leases
-        required: false
-        default: on-demand
-        type: choice
-        options:
-          - on-demand
-          - spot
      crabbox_lease_id:
        description: Optional existing Crabbox desktop/browser lease id or slug to reuse
        required: false
@@ -57,7 +44,7 @@ on:
          - prehydrated

 permissions:
-  contents: read
+  contents: write
  issues: write
  pull-requests: write

@@ -68,6 +55,7 @@ concurrency:
 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
  NODE_VERSION: "24.x"
+  PNPM_VERSION: "10.33.0"
  OPENCLAW_BUILD_PRIVATE_QA: "1"
  OPENCLAW_ENABLE_PRIVATE_QA_CLI: "1"
  CRABBOX_REF: main
@@ -76,11 +64,8 @@ jobs:
  authorize_actor:
    name: Authorize workflow actor
    runs-on: ubuntu-24.04
-    outputs:
-      authorized: ${{ steps.permission.outputs.authorized }}
    steps:
      - name: Require maintainer-level repository access
-        id: permission
        uses: actions/github-script@v8
        with:
          script: |
@@ -94,18 +79,14 @@ jobs:
            const permission = data.permission;
            core.info(`Actor ${context.actor} permission: ${permission}`);
            if (!allowed.has(permission)) {
-              core.notice(
+              core.setFailed(
                `Workflow requires write/maintain/admin access. Actor "${context.actor}" has "${permission}".`,
              );
-              core.setOutput("authorized", "false");
-              return;
            }
-            core.setOutput("authorized", "true");

  validate_ref:
    name: Validate candidate ref
    needs: authorize_actor
-    if: needs.authorize_actor.outputs.authorized == 'true'
    runs-on: ubuntu-24.04
    outputs:
      candidate_revision: ${{ steps.validate.outputs.candidate_revision }}
@@ -174,6 +155,7 @@ jobs:
        uses: ./.github/actions/setup-node-env
        with:
          node-version: ${{ env.NODE_VERSION }}
+          pnpm-version: ${{ env.PNPM_VERSION }}
          install-bun: "true"

      - name: Build Mantis harness
@@ -240,11 +222,9 @@ jobs:
          CRABBOX_ACCESS_CLIENT_SECRET: ${{ secrets.CRABBOX_ACCESS_CLIENT_SECRET }}
          CRABBOX_LEASE_ID: ${{ inputs.crabbox_lease_id }}
          CRABBOX_PROVIDER: ${{ inputs.crabbox_provider }}
-          CRABBOX_MARKET: ${{ inputs.crabbox_market }}
          KEEP_VM: ${{ inputs.keep_vm }}
          HYDRATE_MODE: ${{ inputs.hydrate_mode }}
          SCENARIO_ID: ${{ inputs.scenario_id }}
-          APPROVAL_CHECKPOINTS: ${{ inputs.approval_checkpoints }}
        shell: bash
        run: |
          set -euo pipefail
@@ -265,15 +245,6 @@ jobs:
          require_var OPENCLAW_QA_CONVEX_SITE_URL
          require_var OPENCLAW_QA_CONVEX_SECRET_CI
          require_var CRABBOX_COORDINATOR_TOKEN
-          if [[ -z "${CRABBOX_LEASE_ID:-}" && "$CRABBOX_PROVIDER" == "aws" ]]; then
-            runner_ip="$(curl -fsS https://checkip.amazonaws.com | tr -d '[:space:]')"
-            if [[ -z "$runner_ip" ]]; then
-              echo "Could not resolve GitHub runner public IPv4 for AWS SSH ingress." >&2
-              exit 1
-            fi
-            export CRABBOX_AWS_SSH_CIDRS="${runner_ip}/32"
-            echo "Using AWS SSH CIDR ${CRABBOX_AWS_SSH_CIDRS}"
-          fi

          candidate_repo="$(pwd)/.artifacts/qa-e2e/mantis/slack-desktop-smoke-worktrees/candidate"
          output_rel=".artifacts/qa-e2e/mantis/slack-desktop-smoke"
@@ -289,22 +260,6 @@ jobs:
          else
            keep_args=(--no-keep-lease)
          fi
-          market_args=()
-          if [[ -n "${CRABBOX_MARKET:-}" ]]; then
-            market_args=(--market "$CRABBOX_MARKET")
-          fi
-          gateway_args=(--gateway-setup)
-          approval_args=()
-          scenario_args=(--scenario "$SCENARIO_ID")
-          scenario_label="$SCENARIO_ID"
-          if [[ "$APPROVAL_CHECKPOINTS" == "true" ]]; then
-            approval_args=(--approval-checkpoints)
-            gateway_args=()
-            if [[ -z "${SCENARIO_ID:-}" || "$SCENARIO_ID" == "slack-canary" || "$SCENARIO_ID" == "approval-checkpoints" ]]; then
-              scenario_args=()
-              scenario_label="approval-checkpoints"
-            fi
-          fi

          set +e
          pnpm openclaw qa mantis slack-desktop-smoke \
@@ -314,17 +269,15 @@ jobs:
            --class standard \
            --idle-timeout 45m \
            --ttl 120m \
-            "${gateway_args[@]}" \
+            --gateway-setup \
            --credential-source convex \
            --credential-role ci \
            --provider-mode live-frontier \
            --hydrate-mode "$HYDRATE_MODE" \
-            --model openai/gpt-5.5 \
-            --alt-model openai/gpt-5.5 \
+            --model openai/gpt-5.4 \
+            --alt-model openai/gpt-5.4 \
            --fast \
-            "${scenario_args[@]}" \
-            "${approval_args[@]}" \
-            "${market_args[@]}" \
+            --scenario "$SCENARIO_ID" \
            "${keep_args[@]}" \
            "${lease_args[@]}"
          mantis_exit=$?
@@ -354,81 +307,27 @@ jobs:

          status="$(jq -r '.status' "$root/mantis-slack-desktop-smoke-summary.json")"
          screenshot_required=false
-          desktop_capture_inline=true
          if [[ "$status" == "pass" ]]; then
            screenshot_required=true
          fi
-          evidence_summary="Mantis ran Slack QA inside a Crabbox Linux VNC desktop, started an OpenClaw Slack gateway in that VM, opened Slack Web in the visible browser, and captured screenshot/video evidence."
-          expected_result="Slack QA and VM gateway setup pass"
-          checkpoint_artifacts='[]'
-          checkpoint_required=false
-          if [[ "$APPROVAL_CHECKPOINTS" == "true" ]]; then
-            evidence_summary="Mantis ran Slack native approval QA inside a Crabbox Linux VNC desktop, rendered pending/resolved approval checkpoints from the Slack API messages, and stored Slack QA artifacts."
-            expected_result="Slack native exec and plugin approval checkpoints pass"
-            screenshot_required=false
-            desktop_capture_inline=false
-            if [[ "$status" == "pass" ]]; then
-              checkpoint_required=true
-            fi
-            checkpoint_scenarios=()
-            if [[ "$scenario_label" == "approval-checkpoints" ]]; then
-              checkpoint_scenarios=("slack-approval-exec-native" "slack-approval-plugin-native")
-            else
-              checkpoint_scenarios=("$scenario_label")
-            fi
-            checkpoint_scenarios_json="$(printf '%s\n' "${checkpoint_scenarios[@]}" | jq -R . | jq -s .)"
-            checkpoint_artifacts="$(
-              jq -n \
-                --argjson checkpoint_required "$checkpoint_required" \
-                --argjson scenario_ids "$checkpoint_scenarios_json" \
-                '
-                  def scenario_kind($id):
-                    if $id == "slack-approval-exec-native" then "exec"
-                    elif $id == "slack-approval-plugin-native" then "plugin"
-                    else error("unsupported approval checkpoint scenario: \($id)")
-                    end;
-                  def scenario_title($id):
-                    if scenario_kind($id) == "exec" then "Exec" else "Plugin" end;
-                  [
-                    $scenario_ids[] as $id
-                    | ["pending", "resolved"][] as $state
-                    | {
-                        kind: "desktopScreenshot",
-                        lane: "candidate",
-                        label: "\(scenario_title($id)) approval \($state) checkpoint",
-                        path: "approval-checkpoints/\($id)-\($state).png",
-                        targetPath: "approval-checkpoints/\($id)-\($state).png",
-                        alt: "Rendered Slack \(scenario_kind($id)) approval \($state) checkpoint",
-                        width: 720,
-                        inline: true,
-                        required: $checkpoint_required
-                      }
-                  ]
-                '
-            )"
-          fi
          jq -n \
            --arg status "$status" \
            --arg candidate_sha "${{ needs.validate_ref.outputs.candidate_revision }}" \
-            --arg scenario "$scenario_label" \
-            --arg summary "$evidence_summary" \
-            --arg expected "$expected_result" \
-            --argjson checkpoint_artifacts "$checkpoint_artifacts" \
+            --arg scenario "$SCENARIO_ID" \
            --argjson screenshot_required "$screenshot_required" \
-            --argjson desktop_capture_inline "$desktop_capture_inline" \
            '{
              schemaVersion: 1,
              id: "slack-desktop-smoke",
              title: "Mantis Slack Desktop Smoke QA",
-              summary: $summary,
+              summary: "Mantis ran Slack QA inside a Crabbox Linux VNC desktop, started an OpenClaw Slack gateway in that VM, opened Slack Web in the visible browser, and captured screenshot/video evidence.",
              scenario: $scenario,
              comparison: {
-                candidate: { sha: $candidate_sha, expected: $expected, status: $status, fixed: ($status == "pass") },
+                candidate: { sha: $candidate_sha, expected: "Slack QA and VM gateway setup pass", status: $status, fixed: ($status == "pass") },
                pass: ($status == "pass")
              },
-              artifacts: ([
-                { kind: "desktopScreenshot", lane: "candidate", label: "Slack desktop/VNC browser", path: "slack-desktop-smoke.png", targetPath: "slack-desktop.png", alt: "Slack Web desktop screenshot from the Mantis VM", width: 720, inline: $desktop_capture_inline, required: $screenshot_required },
-                { kind: "motionPreview", lane: "candidate", label: "Slack motion preview", path: "slack-desktop-smoke-preview.gif", targetPath: "slack-desktop-preview.gif", alt: "Animated Slack desktop preview", width: 720, inline: $desktop_capture_inline, required: false },
+              artifacts: [
+                { kind: "desktopScreenshot", lane: "candidate", label: "Slack desktop/VNC browser", path: "slack-desktop-smoke.png", targetPath: "slack-desktop.png", alt: "Slack Web desktop screenshot from the Mantis VM", width: 720, inline: true, required: $screenshot_required },
+                { kind: "motionPreview", lane: "candidate", label: "Slack motion preview", path: "slack-desktop-smoke-preview.gif", targetPath: "slack-desktop-preview.gif", alt: "Animated Slack desktop preview", width: 720, inline: true, required: false },
                { kind: "motionClip", lane: "candidate", label: "Slack change MP4", path: "slack-desktop-smoke-change.mp4", targetPath: "slack-desktop-change.mp4", required: false },
                { kind: "fullVideo", lane: "candidate", label: "Slack desktop MP4", path: "slack-desktop-smoke.mp4", targetPath: "slack-desktop.mp4", required: false },
                { kind: "metadata", lane: "run", label: "Slack desktop summary", path: "mantis-slack-desktop-smoke-summary.json", targetPath: "summary.json" },
@@ -436,7 +335,7 @@ jobs:
                { kind: "metadata", lane: "run", label: "Slack command log", path: "slack-desktop-command.log", targetPath: "slack-desktop-command.log", required: false },
                { kind: "metadata", lane: "run", label: "Slack preview metadata", path: "slack-desktop-smoke-preview.json", targetPath: "slack-desktop-preview.json", required: false },
                { kind: "metadata", lane: "run", label: "Slack error", path: "error.txt", targetPath: "error.txt", required: false }
-              ] + $checkpoint_artifacts)
+              ]
            }' > "$root/mantis-evidence.json"

          cat "$root/mantis-slack-desktop-smoke-report.md" >> "$GITHUB_STEP_SUMMARY"
@@ -453,7 +352,7 @@ jobs:
      - name: Upload Mantis Slack desktop artifacts
        id: upload_artifact
        if: ${{ always() && steps.run_mantis.outputs.output_dir != '' }}
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@v4
        with:
          name: mantis-slack-desktop-smoke-${{ github.run_id }}-${{ github.run_attempt }}
          path: ${{ steps.run_mantis.outputs.output_dir }}
@@ -469,6 +368,7 @@ jobs:
          private-key: ${{ secrets.MANTIS_GITHUB_APP_PRIVATE_KEY }}
          owner: ${{ github.repository_owner }}
          repositories: ${{ github.event.repository.name }}
+          permission-contents: write
          permission-issues: write
          permission-pull-requests: write

@@ -476,15 +376,9 @@ jobs:
        if: ${{ always() && inputs.pr_number != '' && steps.run_mantis.outputs.output_dir != '' && steps.upload_artifact.outputs.artifact-url != '' }}
        env:
          GH_TOKEN: ${{ steps.mantis_app_token.outputs.token }}
-          ARTIFACT_URL: ${{ steps.upload_artifact.outputs.artifact-url }}
-          MANTIS_ARTIFACT_R2_ACCESS_KEY_ID: ${{ secrets.MANTIS_ARTIFACT_R2_ACCESS_KEY_ID }}
-          MANTIS_ARTIFACT_R2_BUCKET: openclaw-crabbox-artifacts
-          MANTIS_ARTIFACT_R2_ENDPOINT: ${{ vars.MANTIS_ARTIFACT_R2_ENDPOINT }}
-          MANTIS_ARTIFACT_R2_PUBLIC_BASE_URL: https://artifacts.openclaw.ai
-          MANTIS_ARTIFACT_R2_REGION: auto
-          MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY: ${{ secrets.MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY }}
-          REQUEST_SOURCE: workflow_dispatch
          TARGET_PR: ${{ inputs.pr_number }}
+          ARTIFACT_URL: ${{ steps.upload_artifact.outputs.artifact-url }}
+          REQUEST_SOURCE: workflow_dispatch
        shell: bash
        run: |
          set -euo pipefail
--- a/.github/workflows/mantis-telegram-desktop-proof.yml
+++ b/.github/workflows/mantis-telegram-desktop-proof.yml
@@ -1,738 +0,0 @@
-name: Mantis Telegram Desktop Proof
-
-on:
-  issue_comment:
-    types: [created]
-  pull_request_target: # zizmor: ignore[dangerous-triggers] maintainer-owned Mantis label trigger; trusted base workflow validates refs before checkout/use
-    types: [labeled]
-  workflow_dispatch:
-    inputs:
-      pr_number:
-        description: PR number to capture
-        required: true
-        type: string
-      instructions:
-        description: Optional freeform proof instructions for the agent
-        required: false
-        type: string
-      crabbox_provider:
-        description: Crabbox provider for the native Telegram Desktop capture
-        required: false
-        default: aws
-        type: choice
-        options:
-          - aws
-          - hetzner
-      crabbox_lease_id:
-        description: Optional existing Crabbox desktop lease id or slug to reuse
-        required: false
-        type: string
-      publish_artifact_name:
-        description: Optional existing proof artifact name to publish without recapturing
-        required: false
-        type: string
-      publish_run_id:
-        description: Workflow run id that owns publish_artifact_name; required with publish_artifact_name
-        required: false
-        type: string
-
-permissions:
-  actions: read
-  contents: read
-  issues: write
-  pull-requests: write
-
-env:
-  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
-  NODE_VERSION: "24.x"
-  OPENCLAW_BUILD_PRIVATE_QA: "1"
-  OPENCLAW_ENABLE_PRIVATE_QA_CLI: "1"
-  CRABBOX_REF: main
-  CRABBOX_CAPACITY_REGIONS: eu-west-1,eu-west-2,eu-central-1,us-east-1,us-west-2
-  MANTIS_OUTPUT_DIR: .artifacts/qa-e2e/mantis/telegram-desktop-proof
-
-jobs:
-  authorize_actor:
-    name: Authorize workflow actor
-    if: >-
-      ${{
-        github.event_name == 'workflow_dispatch' ||
-        (
-          github.event_name == 'pull_request_target' &&
-          github.event.action == 'labeled' &&
-          github.event.label.name == 'mantis: telegram-visible-proof'
-        ) ||
-        (
-          github.event_name == 'issue_comment' &&
-          github.event.issue.pull_request &&
-          contains(github.event.issue.labels.*.name, 'mantis: telegram-visible-proof') &&
-          (
-            contains(github.event.comment.body, '@openclaw-mantis') ||
-            contains(github.event.comment.body, '/openclaw-mantis')
-          )
-        )
-      }}
-    runs-on: ubuntu-24.04
-    outputs:
-      authorized: ${{ steps.permission.outputs.authorized }}
-    steps:
-      - name: Require maintainer-level repository access
-        id: permission
-        uses: actions/github-script@v8
-        with:
-          script: |
-            if (context.eventName === "pull_request_target") {
-              core.info(`Accepted Mantis label trigger from ${context.actor}.`);
-              core.setOutput("authorized", "true");
-              return;
-            }
-
-            const allowed = new Set(["admin", "maintain", "write"]);
-            const { owner, repo } = context.repo;
-            const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
-              owner,
-              repo,
-              username: context.actor,
-            });
-            const permission = data.permission;
-            core.info(`Actor ${context.actor} permission: ${permission}`);
-            if (!allowed.has(permission)) {
-              core.notice(
-                `Workflow requires write/maintain/admin access. Actor "${context.actor}" has "${permission}".`,
-              );
-              core.setOutput("authorized", "false");
-              return;
-            }
-            core.setOutput("authorized", "true");
-
-  resolve_request:
-    name: Resolve Mantis request
-    needs: authorize_actor
-    if: needs.authorize_actor.outputs.authorized == 'true'
-    runs-on: ubuntu-24.04
-    outputs:
-      baseline_ref: ${{ steps.resolve.outputs.baseline_ref }}
-      candidate_ref: ${{ steps.resolve.outputs.candidate_ref }}
-      crabbox_provider: ${{ steps.resolve.outputs.crabbox_provider }}
-      instructions: ${{ steps.resolve.outputs.instructions }}
-      lease_id: ${{ steps.resolve.outputs.lease_id }}
-      publish_artifact_name: ${{ steps.resolve.outputs.publish_artifact_name }}
-      publish_run_id: ${{ steps.resolve.outputs.publish_run_id }}
-      pr_number: ${{ steps.resolve.outputs.pr_number }}
-      request_source: ${{ steps.resolve.outputs.request_source }}
-      should_run: ${{ steps.resolve.outputs.should_run }}
-    steps:
-      - name: Resolve refs and target PR
-        id: resolve
-        uses: actions/github-script@v8
-        with:
-          script: |
-            const eventName = context.eventName;
-
-            function setOutput(name, value) {
-              core.setOutput(name, value ?? "");
-              core.info(`${name}=${value ?? ""}`);
-            }
-
-            const inputs = context.payload.inputs ?? {};
-            const prNumber =
-              eventName === "workflow_dispatch"
-                ? inputs.pr_number
-                : eventName === "pull_request_target"
-                  ? String(context.payload.pull_request?.number ?? "")
-                  : String(context.payload.issue?.number ?? "");
-            if (!prNumber) {
-              core.setFailed("Mantis Telegram desktop proof requires a pull request.");
-              return;
-            }
-
-            const body =
-              eventName === "workflow_dispatch"
-                ? inputs.instructions || ""
-                : eventName === "issue_comment"
-                  ? context.payload.comment?.body || ""
-                  : "";
-            if (eventName === "issue_comment") {
-              const normalized = body.toLowerCase();
-              const requestedDesktopProof =
-                (normalized.includes("@openclaw-mantis") || normalized.includes("/openclaw-mantis")) &&
-                (normalized.includes("desktop proof") ||
-                  normalized.includes("desktop-proof") ||
-                  normalized.includes("telegram desktop") ||
-                  normalized.includes("native telegram") ||
-                  normalized.includes("visible proof") ||
-                  normalized.includes("visible-proof") ||
-                  normalized.includes("telegram-visible-proof"));
-              if (!requestedDesktopProof) {
-                core.notice("Comment mentioned Mantis but did not request Telegram desktop proof.");
-                setOutput("should_run", "false");
-                setOutput("baseline_ref", "");
-                setOutput("candidate_ref", "");
-                setOutput("pr_number", "");
-                setOutput("instructions", "");
-                setOutput("crabbox_provider", "");
-                setOutput("lease_id", "");
-                setOutput("publish_artifact_name", "");
-                setOutput("publish_run_id", "");
-                setOutput("request_source", "unsupported_issue_comment");
-                return;
-              }
-            }
-
-            const { owner, repo } = context.repo;
-            const { data: pr } = await github.rest.pulls.get({
-              owner,
-              repo,
-              pull_number: Number(prNumber),
-            });
-            const provider = inputs.crabbox_provider || "aws";
-            if (!["aws", "hetzner"].includes(provider)) {
-              core.setFailed(`Unsupported Crabbox provider for Mantis Telegram desktop proof: ${provider}`);
-              return;
-            }
-
-            setOutput("should_run", "true");
-            setOutput("baseline_ref", pr.base.sha);
-            setOutput("candidate_ref", pr.head.sha);
-            setOutput("pr_number", String(pr.number));
-            setOutput("instructions", body);
-            setOutput("crabbox_provider", provider);
-            setOutput("lease_id", inputs.crabbox_lease_id || "");
-            setOutput("publish_artifact_name", inputs.publish_artifact_name || "");
-            setOutput("publish_run_id", inputs.publish_run_id || "");
-            setOutput("request_source", eventName);
-
-            if (eventName === "issue_comment") {
-              await github.rest.reactions.createForIssueComment({
-                owner,
-                repo,
-                comment_id: context.payload.comment.id,
-                content: "eyes",
-              }).catch((error) => core.warning(`Could not add eyes reaction: ${error.message}`));
-            }
-
-  validate_refs:
-    name: Validate selected refs
-    needs: resolve_request
-    if: needs.resolve_request.outputs.should_run == 'true' && needs.resolve_request.outputs.publish_artifact_name == ''
-    runs-on: ubuntu-24.04
-    outputs:
-      baseline_revision: ${{ steps.validate.outputs.baseline_revision }}
-      candidate_revision: ${{ steps.validate.outputs.candidate_revision }}
-      candidate_trust: ${{ steps.validate.outputs.candidate_trust }}
-    steps:
-      - name: Checkout harness ref
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: false
-          fetch-depth: 0
-
-      - name: Validate refs are trusted
-        id: validate
-        env:
-          BASELINE_REF: ${{ needs.resolve_request.outputs.baseline_ref }}
-          CANDIDATE_REF: ${{ needs.resolve_request.outputs.candidate_ref }}
-          GH_TOKEN: ${{ github.token }}
-          PR_NUMBER: ${{ needs.resolve_request.outputs.pr_number }}
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          git fetch --no-tags origin +refs/heads/main:refs/remotes/origin/main
-          if [[ -n "${PR_NUMBER:-}" ]]; then
-            git fetch --no-tags origin "+refs/pull/${PR_NUMBER}/head:refs/remotes/origin/pr/${PR_NUMBER}" || true
-          fi
-
-          resolve_commit() {
-            local input_ref="$2"
-            local revision=""
-
-            if ! revision="$(git rev-parse --verify "${input_ref}^{commit}" 2>/dev/null)"; then
-              echo "$1 ref '${input_ref}' is not available in the workflow checkout." >&2
-              exit 1
-            fi
-            printf '%s\n' "$revision"
-          }
-
-          baseline_revision="$(resolve_commit baseline "$BASELINE_REF")"
-          candidate_revision="$(resolve_commit candidate "$CANDIDATE_REF")"
-          if ! git merge-base --is-ancestor "$baseline_revision" refs/remotes/origin/main; then
-            echo "baseline ref '${BASELINE_REF}' resolved to ${baseline_revision}, which is not on main." >&2
-            exit 1
-          fi
-          pr_head="$(
-            gh api \
-              -H "Accept: application/vnd.github+json" \
-              "repos/${GITHUB_REPOSITORY}/pulls/${PR_NUMBER}" \
-              --jq '{state, head_sha: .head.sha, head_repo: .head.repo.full_name}'
-          )"
-          pr_state="$(jq -r '.state' <<<"$pr_head")"
-          pr_head_sha="$(jq -r '.head_sha' <<<"$pr_head")"
-          pr_head_repo="$(jq -r '.head_repo' <<<"$pr_head")"
-          if [[ "$pr_state" != "open" || "$candidate_revision" != "$pr_head_sha" ]]; then
-            echo "candidate ref '${CANDIDATE_REF}' resolved to ${candidate_revision}, which is not the open PR head." >&2
-            exit 1
-          fi
-          candidate_trust="open-pr-head"
-          if [[ "$pr_head_repo" != "$GITHUB_REPOSITORY" ]]; then
-            candidate_trust="fork-pr-head"
-          fi
-
-          echo "baseline_revision=${baseline_revision}" >> "$GITHUB_OUTPUT"
-          echo "candidate_revision=${candidate_revision}" >> "$GITHUB_OUTPUT"
-          echo "candidate_trust=${candidate_trust}" >> "$GITHUB_OUTPUT"
-          {
-            echo "baseline: \`${BASELINE_REF}\`"
-            echo "baseline SHA: \`${baseline_revision}\`"
-            echo "baseline trust: \`main-ancestor\`"
-            echo "candidate: \`${CANDIDATE_REF}\`"
-            echo "candidate SHA: \`${candidate_revision}\`"
-            echo "candidate trust: \`${candidate_trust}\`"
-          } >> "$GITHUB_STEP_SUMMARY"
-
-  run_telegram_desktop_proof:
-    name: Run agentic native Telegram proof
-    needs: [resolve_request, validate_refs]
-    if: needs.resolve_request.outputs.should_run == 'true' && needs.resolve_request.outputs.publish_artifact_name == ''
-    runs-on: blacksmith-16vcpu-ubuntu-2404
-    timeout-minutes: 360
-    environment: qa-live-shared
-    outputs:
-      comparison_status: ${{ steps.inspect.outputs.comparison_status }}
-      output_dir: ${{ steps.inspect.outputs.output_dir }}
-    steps:
-      - name: Wait for older Mantis Telegram account run
-        env:
-          GH_TOKEN: ${{ github.token }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          current_created="$(gh api "repos/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" --jq .created_at)"
-          stale_before="$(date -u -d '8 hours ago' +%Y-%m-%dT%H:%M:%SZ)"
-          run_has_active_jobs() {
-            local run_id="$1"
-            local run_state="$2"
-            if [[ "$run_state" != "in_progress" ]]; then
-              return 0
-            fi
-            local active_jobs
-            active_jobs="$(gh run view "$run_id" --repo "$GITHUB_REPOSITORY" --json jobs --jq '[.jobs[] | select(.status == "queued" or .status == "in_progress" or .status == "waiting" or .status == "pending" or .status == "requested")] | length')"
-            [[ "$active_jobs" != "0" ]]
-          }
-          while true; do
-            candidates="$(
-              for workflow in mantis-telegram-desktop-proof.yml mantis-telegram-live.yml; do
-                for status in queued in_progress waiting pending requested; do
-                  gh run list --repo "$GITHUB_REPOSITORY" --workflow "$workflow" --status "$status" --limit 100 --json databaseId,status,createdAt,url \
-                    | jq -r \
-                      --argjson current_id "$GITHUB_RUN_ID" \
-                      --arg current_created "$current_created" \
-                      --arg stale_before "$stale_before" \
-                      '.[] | select(.databaseId != $current_id) | select(.createdAt >= $stale_before) | select(.createdAt < $current_created or (.createdAt == $current_created and .databaseId < $current_id)) | "\(.createdAt)\t#\(.databaseId)\t\(.status)\t\(.url)"'
-                done
-              done | sort -u
-            )"
-            blockers=""
-            while IFS=$'\t' read -r created run_id run_state url; do
-              if [[ -n "$run_id" ]] && run_has_active_jobs "${run_id#\#}" "$run_state"; then
-                blockers+="${created}"$'\t'"${run_id}"$'\t'"${run_state}"$'\t'"${url}"$'\n'
-              fi
-            done <<<"$candidates"
-            if [[ -z "$blockers" ]]; then
-              break
-            fi
-            echo "Waiting for older Mantis Telegram account run:"
-            printf '%s\n' "$blockers" | head -n 10
-            sleep 60
-          done
-
-      - name: Checkout harness ref
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: false
-          fetch-depth: 0
-
-      - name: Setup Node environment
-        uses: ./.github/actions/setup-node-env
-        with:
-          node-version: ${{ env.NODE_VERSION }}
-          install-bun: "true"
-
-      - name: Setup Go for Crabbox CLI
-        uses: actions/setup-go@v6
-        with:
-          go-version: "1.26.x"
-          cache: false
-
-      - name: Install Crabbox CLI
-        shell: bash
-        run: |
-          set -euo pipefail
-          install_dir="${RUNNER_TEMP}/crabbox"
-          mkdir -p "$install_dir/src"
-          git init "$install_dir/src"
-          git -C "$install_dir/src" remote add origin https://github.com/openclaw/crabbox.git
-          git -C "$install_dir/src" fetch --depth 1 origin "$CRABBOX_REF"
-          git -C "$install_dir/src" checkout --detach FETCH_HEAD
-          go build -C "$install_dir/src" -o "$install_dir/crabbox" ./cmd/crabbox
-          sudo install -m 0755 "$install_dir/crabbox" /usr/local/bin/crabbox
-          crabbox --version
-          crabbox media preview --help >/dev/null
-
-      - name: Install local proof tools
-        shell: bash
-        run: |
-          set -euo pipefail
-          test -f scripts/e2e/telegram-user-driver.py
-          cat >"${RUNNER_TEMP}/openclaw-telegram-user-crabbox-proof" <<'EOF'
-          #!/usr/bin/env bash
-          set -euo pipefail
-          exec node --import tsx "${GITHUB_WORKSPACE}/scripts/e2e/telegram-user-crabbox-proof.ts" "$@"
-          EOF
-          chmod 0755 "${RUNNER_TEMP}/openclaw-telegram-user-crabbox-proof"
-          sudo install -m 0755 "${RUNNER_TEMP}/openclaw-telegram-user-crabbox-proof" /usr/local/bin/openclaw-telegram-user-crabbox-proof
-          /usr/local/bin/openclaw-telegram-user-crabbox-proof --help >/dev/null
-          media_tools="${RUNNER_TEMP}/mantis-media-tools"
-          install -d "$media_tools"
-          curl --fail --location --retry 3 --retry-delay 2 \
-            --connect-timeout 15 --max-time 180 \
-            https://github.com/BtbN/FFmpeg-Builds/releases/download/latest/ffmpeg-master-latest-linux64-gpl.tar.xz \
-            --output "$media_tools/ffmpeg.tar.xz"
-          tar -xJf "$media_tools/ffmpeg.tar.xz" -C "$media_tools"
-          bin_dir="$(find "$media_tools" -type d -path '*/bin' | head -n 1)"
-          sudo install -m 0755 "$bin_dir/ffmpeg" /usr/local/bin/ffmpeg
-          sudo install -m 0755 "$bin_dir/ffprobe" /usr/local/bin/ffprobe
-          ffmpeg -version >/dev/null
-          ffprobe -version >/dev/null
-
-      - name: Ensure agent key exists
-        env:
-          OPENAI_API_KEY: ${{ secrets.OPENCLAW_MANTIS_AGENT_OPENAI_API_KEY || secrets.OPENAI_API_KEY }}
-        run: |
-          set -euo pipefail
-          if [ -z "${OPENAI_API_KEY:-}" ]; then
-            echo "Missing OPENCLAW_MANTIS_AGENT_OPENAI_API_KEY or OPENAI_API_KEY secret." >&2
-            exit 1
-          fi
-
-      - name: Prepare Codex user
-        shell: bash
-        run: |
-          set -euo pipefail
-          sudo useradd --create-home --shell /bin/bash codex
-          {
-            printf '%s\n' 'Defaults env_keep += "CODEX_HOME CODEX_INTERNAL_ORIGINATOR_OVERRIDE"'
-            printf '%s\n' 'Defaults env_keep += "BASELINE_REF BASELINE_SHA CANDIDATE_REF CANDIDATE_SHA"'
-            printf '%s\n' 'Defaults env_keep += "CRABBOX_ACCESS_CLIENT_ID CRABBOX_ACCESS_CLIENT_SECRET CRABBOX_COORDINATOR CRABBOX_COORDINATOR_TOKEN CRABBOX_LEASE_ID CRABBOX_PROVIDER CRABBOX_CAPACITY_REGIONS"'
-            printf '%s\n' 'Defaults env_keep += "GH_TOKEN MANTIS_CANDIDATE_TRUST MANTIS_INSTRUCTIONS MANTIS_OUTPUT_DIR MANTIS_PR_NUMBER"'
-            printf '%s\n' 'Defaults env_keep += "OPENCLAW_BUILD_PRIVATE_QA OPENCLAW_ENABLE_PRIVATE_QA_CLI OPENCLAW_QA_CONVEX_SECRET_CI OPENCLAW_QA_CONVEX_SITE_URL OPENCLAW_QA_CREDENTIAL_OWNER_ID OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR_TOKEN"'
-            printf '%s\n' 'Defaults env_keep += "OPENCLAW_TELEGRAM_USER_CRABBOX_BIN OPENCLAW_TELEGRAM_USER_CRABBOX_PROVIDER OPENCLAW_TELEGRAM_USER_DRIVER_SCRIPT OPENCLAW_TELEGRAM_USER_PROOF_CMD"'
-          } | sudo tee /etc/sudoers.d/mantis-codex-env >/dev/null
-          sudo chmod 0440 /etc/sudoers.d/mantis-codex-env
-          codex_home="/tmp/mantis-codex-home-${GITHUB_RUN_ID}"
-          sudo install -d -m 0770 -o codex -g codex "$codex_home"
-          sudo setfacl -m u:runner:rwx,u:codex:rwx "$codex_home"
-          sudo setfacl -d -m u:runner:rwx,u:codex:rwx "$codex_home"
-          workspace_parent="$(dirname "$GITHUB_WORKSPACE")"
-          while [ "$workspace_parent" != "/" ]; do
-            sudo setfacl -m u:codex:--x "$workspace_parent"
-            [ "$workspace_parent" = "/home/runner" ] && break
-            workspace_parent="$(dirname "$workspace_parent")"
-          done
-          sudo chown -R codex:codex "$GITHUB_WORKSPACE"
-
-      - name: Run Codex Mantis Telegram agent
-        uses: openai/codex-action@5c3f4ccdb2b8790f73d6b21751ac00e602aa0c02
-        env:
-          BASELINE_REF: ${{ needs.resolve_request.outputs.baseline_ref }}
-          BASELINE_SHA: ${{ needs.validate_refs.outputs.baseline_revision }}
-          CANDIDATE_REF: ${{ needs.resolve_request.outputs.candidate_ref }}
-          CANDIDATE_SHA: ${{ needs.validate_refs.outputs.candidate_revision }}
-          CRABBOX_ACCESS_CLIENT_ID: ${{ secrets.CRABBOX_ACCESS_CLIENT_ID }}
-          CRABBOX_ACCESS_CLIENT_SECRET: ${{ secrets.CRABBOX_ACCESS_CLIENT_SECRET }}
-          CRABBOX_COORDINATOR: ${{ secrets.CRABBOX_COORDINATOR || secrets.OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR }}
-          CRABBOX_COORDINATOR_TOKEN: ${{ secrets.CRABBOX_COORDINATOR_TOKEN || secrets.OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR_TOKEN }}
-          CRABBOX_CAPACITY_REGIONS: ${{ env.CRABBOX_CAPACITY_REGIONS }}
-          CRABBOX_LEASE_ID: ${{ needs.resolve_request.outputs.lease_id }}
-          CRABBOX_PROVIDER: ${{ needs.resolve_request.outputs.crabbox_provider }}
-          GH_TOKEN: ${{ github.token }}
-          MANTIS_CANDIDATE_TRUST: ${{ needs.validate_refs.outputs.candidate_trust }}
-          MANTIS_INSTRUCTIONS: ${{ needs.resolve_request.outputs.instructions }}
-          MANTIS_OUTPUT_DIR: ${{ env.MANTIS_OUTPUT_DIR }}
-          MANTIS_PR_NUMBER: ${{ needs.resolve_request.outputs.pr_number }}
-          OPENCLAW_QA_CONVEX_SECRET_CI: ${{ secrets.OPENCLAW_QA_CONVEX_SECRET_CI }}
-          OPENCLAW_QA_CONVEX_SITE_URL: ${{ secrets.OPENCLAW_QA_CONVEX_SITE_URL }}
-          OPENCLAW_QA_CREDENTIAL_OWNER_ID: mantis-telegram-desktop-${{ github.run_id }}-${{ github.run_attempt }}
-          OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR: ${{ secrets.OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR }}
-          OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR_TOKEN: ${{ secrets.OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR_TOKEN }}
-          OPENCLAW_TELEGRAM_USER_CRABBOX_BIN: /usr/local/bin/crabbox
-          OPENCLAW_TELEGRAM_USER_CRABBOX_PROVIDER: ${{ needs.resolve_request.outputs.crabbox_provider }}
-          OPENCLAW_TELEGRAM_USER_DRIVER_SCRIPT: ${{ github.workspace }}/scripts/e2e/telegram-user-driver.py
-          OPENCLAW_TELEGRAM_USER_PROOF_CMD: /usr/local/bin/openclaw-telegram-user-crabbox-proof
-        with:
-          openai-api-key: ${{ secrets.OPENCLAW_MANTIS_AGENT_OPENAI_API_KEY || secrets.OPENAI_API_KEY }}
-          prompt-file: .github/codex/prompts/mantis-telegram-desktop-proof.md
-          model: ${{ vars.OPENCLAW_CI_OPENAI_MODEL_BARE }}
-          effort: medium
-          sandbox: danger-full-access
-          codex-args: '["-c","service_tier=\"fast\""]'
-          codex-home: /tmp/mantis-codex-home-${{ github.run_id }}
-          safety-strategy: unprivileged-user
-          codex-user: codex
-          allow-bot-users: clawsweeper[bot]
-
-      - name: Release leaked Telegram proof leases
-        if: ${{ always() }}
-        env:
-          CRABBOX_PROVIDER: ${{ needs.resolve_request.outputs.crabbox_provider }}
-          OPENCLAW_QA_CONVEX_SECRET_CI: ${{ secrets.OPENCLAW_QA_CONVEX_SECRET_CI }}
-          OPENCLAW_QA_CONVEX_SITE_URL: ${{ secrets.OPENCLAW_QA_CONVEX_SITE_URL }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          if [[ ! -d .artifacts/qa-e2e ]]; then
-            exit 0
-          fi
-          status=0
-          mapfile -d '' session_files < <(sudo find .artifacts/qa-e2e -name session.json -type f -print0)
-          for session_file in "${session_files[@]}"; do
-            if ! sudo -u codex node -e 'const fs = require("fs"); const session = JSON.parse(fs.readFileSync(process.argv[1], "utf8")); process.exit(session.command === "telegram-user-crabbox-session" ? 0 : 1);' "$session_file"; then
-              continue
-            fi
-            lease_file="${session_file%/session.json}/.session/lease.json"
-            if [[ ! -f "$lease_file" ]]; then
-              continue
-            fi
-            if ! sudo -u codex env \
-              OPENCLAW_QA_CONVEX_SECRET_CI="$OPENCLAW_QA_CONVEX_SECRET_CI" \
-              OPENCLAW_QA_CONVEX_SITE_URL="$OPENCLAW_QA_CONVEX_SITE_URL" \
-              OPENCLAW_TELEGRAM_USER_CRABBOX_BIN=/usr/local/bin/crabbox \
-              OPENCLAW_TELEGRAM_USER_CRABBOX_PROVIDER="$CRABBOX_PROVIDER" \
-              node --import tsx "$GITHUB_WORKSPACE/scripts/e2e/telegram-user-crabbox-proof.ts" \
-                finish --session "$session_file" --preview-crop telegram-window; then
-              status=1
-            fi
-          done
-          mapfile -d '' lease_files < <(sudo find .artifacts/qa-e2e -path '*/.session/lease.json' -type f -print0)
-          for lease_file in "${lease_files[@]}"; do
-            if ! sudo -u codex node -e 'const fs = require("fs"); const lease = JSON.parse(fs.readFileSync(process.argv[1], "utf8")); process.exit(lease.kind === "telegram-user" ? 0 : 1);' "$lease_file"; then
-              continue
-            fi
-            if ! sudo -u codex env \
-              OPENCLAW_QA_CONVEX_SECRET_CI="$OPENCLAW_QA_CONVEX_SECRET_CI" \
-              OPENCLAW_QA_CONVEX_SITE_URL="$OPENCLAW_QA_CONVEX_SITE_URL" \
-              node --import tsx "$GITHUB_WORKSPACE/scripts/e2e/telegram-user-credential.ts" \
-                release --lease-file "$lease_file"; then
-              status=1
-            fi
-          done
-          exit "$status"
-
-      - name: Inspect Mantis evidence manifest
-        id: inspect
-        if: ${{ always() }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          output_dir="$MANTIS_OUTPUT_DIR"
-          echo "output_dir=${output_dir}" >> "$GITHUB_OUTPUT"
-          manifest="$output_dir/mantis-evidence.json"
-          if [[ ! -f "$manifest" ]]; then
-            echo "Mantis agent did not produce ${manifest}." >&2
-            exit 1
-          fi
-          comparison_status="$(jq -r 'if .comparison.pass then "pass" else "fail" end' "$manifest")"
-          echo "comparison_status=${comparison_status}" >> "$GITHUB_OUTPUT"
-
-      - name: Upload Mantis Telegram desktop artifacts
-        id: upload_artifact
-        if: ${{ always() && steps.inspect.outputs.output_dir != '' }}
-        uses: actions/upload-artifact@v7
-        with:
-          name: mantis-telegram-desktop-proof-${{ github.run_id }}-${{ github.run_attempt }}
-          path: ${{ steps.inspect.outputs.output_dir }}
-          retention-days: 14
-          if-no-files-found: warn
-
-      - name: Create Mantis GitHub App token
-        id: mantis_app_token
-        if: ${{ always() && needs.resolve_request.outputs.pr_number != '' }}
-        uses: actions/create-github-app-token@v3
-        with:
-          app-id: ${{ secrets.MANTIS_GITHUB_APP_ID }}
-          private-key: ${{ secrets.MANTIS_GITHUB_APP_PRIVATE_KEY }}
-          owner: ${{ github.repository_owner }}
-          repositories: ${{ github.event.repository.name }}
-          permission-issues: write
-          permission-pull-requests: write
-
-      - name: Comment PR with inline QA evidence
-        if: ${{ always() && needs.resolve_request.outputs.pr_number != '' && steps.inspect.outputs.output_dir != '' }}
-        env:
-          ARTIFACT_URL: ${{ steps.upload_artifact.outputs.artifact-url }}
-          GH_TOKEN: ${{ steps.mantis_app_token.outputs.token }}
-          MANTIS_ARTIFACT_R2_ACCESS_KEY_ID: ${{ secrets.MANTIS_ARTIFACT_R2_ACCESS_KEY_ID }}
-          MANTIS_ARTIFACT_R2_BUCKET: openclaw-crabbox-artifacts
-          MANTIS_ARTIFACT_R2_ENDPOINT: ${{ vars.MANTIS_ARTIFACT_R2_ENDPOINT }}
-          MANTIS_ARTIFACT_R2_PUBLIC_BASE_URL: https://artifacts.openclaw.ai
-          MANTIS_ARTIFACT_R2_REGION: auto
-          MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY: ${{ secrets.MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY }}
-          REQUEST_SOURCE: ${{ needs.resolve_request.outputs.request_source }}
-          TARGET_PR: ${{ needs.resolve_request.outputs.pr_number }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          root="${{ steps.inspect.outputs.output_dir }}"
-          if [[ ! -f "$root/mantis-evidence.json" ]]; then
-            echo "No Mantis evidence manifest found; skipping PR evidence comment."
-            exit 0
-          fi
-          artifact_url_args=()
-          if [[ -n "${ARTIFACT_URL:-}" ]]; then
-            artifact_url_args=(--artifact-url "$ARTIFACT_URL")
-          fi
-          node scripts/mantis/publish-pr-evidence.mjs \
-            --manifest "$root/mantis-evidence.json" \
-            --target-pr "$TARGET_PR" \
-            --artifact-root "mantis/telegram-desktop/pr-${TARGET_PR}/run-${GITHUB_RUN_ID}-${GITHUB_RUN_ATTEMPT}" \
-            --marker "<!-- mantis-telegram-desktop-proof -->" \
-            "${artifact_url_args[@]}" \
-            --run-url "https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" \
-            --request-source "$REQUEST_SOURCE"
-
-      - name: Fail when Mantis Telegram desktop proof failed
-        if: ${{ always() && steps.inspect.outputs.output_dir != '' && steps.inspect.outputs.comparison_status != 'pass' }}
-        env:
-          COMPARISON_STATUS: ${{ steps.inspect.outputs.comparison_status }}
-        run: |
-          echo "Mantis Telegram desktop proof failed: comparison=${COMPARISON_STATUS:-unset}." >&2
-          exit 1
-
-  publish_existing_telegram_desktop_proof:
-    name: Publish existing native Telegram proof
-    needs: resolve_request
-    if: needs.resolve_request.outputs.should_run == 'true' && needs.resolve_request.outputs.publish_artifact_name != ''
-    runs-on: ubuntu-24.04
-    environment: qa-live-shared
-    steps:
-      - name: Checkout harness ref
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: false
-
-      - name: Setup Node environment
-        uses: ./.github/actions/setup-node-env
-        with:
-          node-version: ${{ env.NODE_VERSION }}
-          install-bun: "true"
-
-      - name: Download existing proof artifact
-        env:
-          GH_TOKEN: ${{ github.token }}
-          PUBLISH_ARTIFACT_NAME: ${{ needs.resolve_request.outputs.publish_artifact_name }}
-          PUBLISH_RUN_ID: ${{ needs.resolve_request.outputs.publish_run_id }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          if [[ -z "${PUBLISH_RUN_ID:-}" ]]; then
-            echo "publish_run_id is required when publish_artifact_name is set." >&2
-            exit 1
-          fi
-          run_id="$PUBLISH_RUN_ID"
-          gh run download "$run_id" \
-            --repo "$GITHUB_REPOSITORY" \
-            --name "$PUBLISH_ARTIFACT_NAME" \
-            --dir "$MANTIS_OUTPUT_DIR"
-
-          artifacts_json="$(
-            gh api \
-              -H "Accept: application/vnd.github+json" \
-              "repos/${GITHUB_REPOSITORY}/actions/runs/${run_id}/artifacts"
-          )"
-          artifact_id="$(jq -r --arg name "$PUBLISH_ARTIFACT_NAME" '.artifacts[] | select(.name == $name) | .id' <<<"$artifacts_json" | head -n 1)"
-          if [[ -z "$artifact_id" || "$artifact_id" == "null" ]]; then
-            echo "Could not resolve artifact id for '${PUBLISH_ARTIFACT_NAME}' in run ${run_id}." >&2
-            exit 1
-          fi
-          echo "PUBLISH_RUN_ID=${run_id}" >> "$GITHUB_ENV"
-          echo "PUBLISH_ARTIFACT_URL=https://github.com/${GITHUB_REPOSITORY}/actions/runs/${run_id}/artifacts/${artifact_id}" >> "$GITHUB_ENV"
-
-      - name: Create Mantis GitHub App token
-        id: mantis_app_token
-        uses: actions/create-github-app-token@v3
-        with:
-          app-id: ${{ secrets.MANTIS_GITHUB_APP_ID }}
-          private-key: ${{ secrets.MANTIS_GITHUB_APP_PRIVATE_KEY }}
-          owner: ${{ github.repository_owner }}
-          repositories: ${{ github.event.repository.name }}
-          permission-issues: write
-          permission-pull-requests: write
-
-      - name: Comment PR with inline QA evidence
-        env:
-          GH_TOKEN: ${{ steps.mantis_app_token.outputs.token }}
-          MANTIS_ARTIFACT_R2_ACCESS_KEY_ID: ${{ secrets.MANTIS_ARTIFACT_R2_ACCESS_KEY_ID }}
-          MANTIS_ARTIFACT_R2_BUCKET: openclaw-crabbox-artifacts
-          MANTIS_ARTIFACT_R2_ENDPOINT: ${{ vars.MANTIS_ARTIFACT_R2_ENDPOINT }}
-          MANTIS_ARTIFACT_R2_PUBLIC_BASE_URL: https://artifacts.openclaw.ai
-          MANTIS_ARTIFACT_R2_REGION: auto
-          MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY: ${{ secrets.MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY }}
-          REQUEST_SOURCE: ${{ needs.resolve_request.outputs.request_source }}
-          TARGET_PR: ${{ needs.resolve_request.outputs.pr_number }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          root="$MANTIS_OUTPUT_DIR"
-          if [[ ! -f "$root/mantis-evidence.json" ]]; then
-            echo "Downloaded artifact does not contain ${root}/mantis-evidence.json." >&2
-            exit 1
-          fi
-          node scripts/mantis/publish-pr-evidence.mjs \
-            --manifest "$root/mantis-evidence.json" \
-            --target-pr "$TARGET_PR" \
-            --artifact-root "mantis/telegram-desktop/pr-${TARGET_PR}/published-${PUBLISH_RUN_ID}-${GITHUB_RUN_ID}-${GITHUB_RUN_ATTEMPT}" \
-            --marker "<!-- mantis-telegram-desktop-proof -->" \
-            --artifact-url "$PUBLISH_ARTIFACT_URL" \
-            --run-url "https://github.com/${GITHUB_REPOSITORY}/actions/runs/${PUBLISH_RUN_ID}" \
-            --request-source "$REQUEST_SOURCE"
-
-  clear_issue_comment_reaction:
-    name: Clear Mantis command reaction
-    needs: [resolve_request, validate_refs, run_telegram_desktop_proof]
-    if: ${{ always() && github.event_name == 'issue_comment' && needs.resolve_request.outputs.request_source == 'issue_comment' }}
-    runs-on: ubuntu-24.04
-    permissions:
-      issues: write
-    steps:
-      - name: Remove workflow eyes reaction
-        uses: actions/github-script@v8
-        with:
-          script: |
-            const { owner, repo } = context.repo;
-            const commentId = context.payload.comment?.id;
-            if (!commentId) {
-              core.info("No issue comment id found; skipping reaction cleanup.");
-              return;
-            }
-
-            const reactions = await github.paginate(github.rest.reactions.listForIssueComment, {
-              owner,
-              repo,
-              comment_id: commentId,
-              per_page: 100,
-            });
-            const eyes = reactions.filter(
-              (reaction) => reaction.content === "eyes" && reaction.user?.login === "github-actions[bot]",
-            );
-            for (const reaction of eyes) {
-              await github.rest.reactions.deleteForIssueComment({
-                owner,
-                repo,
-                comment_id: commentId,
-                reaction_id: reaction.id,
-              });
-              core.info(`Removed eyes reaction ${reaction.id} from comment ${commentId}.`);
-            }
-            if (eyes.length === 0) {
-              core.info(`No workflow eyes reaction found on comment ${commentId}.`);
-            }
--- a/.github/workflows/mantis-telegram-live.yml
+++ b/.github/workflows/mantis-telegram-live.yml
@@ -1,601 +0,0 @@
-name: Mantis Telegram Live
-
-on:
-  issue_comment:
-    types: [created]
-  workflow_dispatch:
-    inputs:
-      candidate_ref:
-        description: Ref, tag, or SHA to verify with Telegram live QA
-        required: true
-        default: main
-        type: string
-      pr_number:
-        description: Optional PR number to receive the QA evidence comment
-        required: false
-        type: string
-      scenario:
-        description: Optional comma-separated Telegram scenario ids
-        required: false
-        default: telegram-status-command
-        type: string
-      crabbox_provider:
-        description: Crabbox provider for the desktop transcript capture
-        required: false
-        default: aws
-        type: choice
-        options:
-          - aws
-          - hetzner
-      crabbox_lease_id:
-        description: Optional existing Crabbox desktop/browser lease id or slug to reuse
-        required: false
-        type: string
-
-permissions:
-  actions: read
-  contents: read
-  issues: write
-  pull-requests: write
-
-env:
-  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
-  NODE_VERSION: "24.x"
-  OPENCLAW_BUILD_PRIVATE_QA: "1"
-  OPENCLAW_ENABLE_PRIVATE_QA_CLI: "1"
-  CRABBOX_REF: main
-
-jobs:
-  authorize_actor:
-    name: Authorize workflow actor
-    if: >-
-      ${{
-        github.event_name == 'workflow_dispatch' ||
-        (
-          github.event_name == 'issue_comment' &&
-          github.event.issue.pull_request &&
-          (
-            contains(github.event.comment.body, '@openclaw-mantis') ||
-            contains(github.event.comment.body, '/openclaw-mantis')
-          )
-        )
-      }}
-    runs-on: ubuntu-24.04
-    outputs:
-      authorized: ${{ steps.permission.outputs.authorized }}
-    steps:
-      - name: Require maintainer-level repository access
-        id: permission
-        uses: actions/github-script@v8
-        with:
-          script: |
-            const allowed = new Set(["admin", "maintain", "write"]);
-            const { owner, repo } = context.repo;
-            const { data } = await github.rest.repos.getCollaboratorPermissionLevel({
-              owner,
-              repo,
-              username: context.actor,
-            });
-            const permission = data.permission;
-            core.info(`Actor ${context.actor} permission: ${permission}`);
-            if (!allowed.has(permission)) {
-              core.notice(
-                `Workflow requires write/maintain/admin access. Actor "${context.actor}" has "${permission}".`,
-              );
-              core.setOutput("authorized", "false");
-              return;
-            }
-            core.setOutput("authorized", "true");
-
-  resolve_request:
-    name: Resolve Mantis request
-    needs: authorize_actor
-    if: needs.authorize_actor.outputs.authorized == 'true'
-    runs-on: ubuntu-24.04
-    outputs:
-      candidate_ref: ${{ steps.resolve.outputs.candidate_ref }}
-      crabbox_provider: ${{ steps.resolve.outputs.crabbox_provider }}
-      lease_id: ${{ steps.resolve.outputs.lease_id }}
-      pr_number: ${{ steps.resolve.outputs.pr_number }}
-      request_source: ${{ steps.resolve.outputs.request_source }}
-      scenario: ${{ steps.resolve.outputs.scenario }}
-      should_run: ${{ steps.resolve.outputs.should_run }}
-    steps:
-      - name: Resolve refs and target PR
-        id: resolve
-        uses: actions/github-script@v8
-        with:
-          script: |
-            const eventName = context.eventName;
-
-            function setOutput(name, value) {
-              core.setOutput(name, value ?? "");
-              core.info(`${name}=${value ?? ""}`);
-            }
-
-            if (eventName === "workflow_dispatch") {
-              const inputs = context.payload.inputs ?? {};
-              setOutput("should_run", "true");
-              setOutput("candidate_ref", inputs.candidate_ref || "main");
-              setOutput("pr_number", inputs.pr_number || "");
-              setOutput("scenario", inputs.scenario || "telegram-status-command");
-              setOutput("crabbox_provider", inputs.crabbox_provider || "aws");
-              setOutput("lease_id", inputs.crabbox_lease_id || "");
-              setOutput("request_source", "workflow_dispatch");
-              return;
-            }
-
-            if (eventName !== "issue_comment") {
-              core.setFailed(`Unsupported event: ${eventName}`);
-              return;
-            }
-
-            const issue = context.payload.issue;
-            const body = context.payload.comment?.body ?? "";
-            if (!issue?.pull_request) {
-              core.setFailed("Mantis issue_comment trigger requires a pull request comment.");
-              return;
-            }
-
-            const normalized = body.toLowerCase();
-            const requestedDesktopProof =
-              normalized.includes("desktop proof") ||
-              normalized.includes("desktop-proof") ||
-              normalized.includes("telegram desktop") ||
-              normalized.includes("native telegram") ||
-              normalized.includes("visible proof") ||
-              normalized.includes("visible-proof") ||
-              normalized.includes("telegram-visible-proof");
-            const requested =
-              (normalized.includes("@openclaw-mantis") || normalized.includes("/openclaw-mantis")) &&
-              normalized.includes("telegram") &&
-              !requestedDesktopProof;
-            if (!requested) {
-              core.notice("Comment mentioned Mantis but did not request Telegram live QA.");
-              setOutput("should_run", "false");
-              setOutput("candidate_ref", "");
-              setOutput("pr_number", "");
-              setOutput("scenario", "");
-              setOutput("crabbox_provider", "");
-              setOutput("lease_id", "");
-              setOutput("request_source", "unsupported_issue_comment");
-              return;
-            }
-
-            const { owner, repo } = context.repo;
-            const { data: pr } = await github.rest.pulls.get({
-              owner,
-              repo,
-              pull_number: issue.number,
-            });
-            const candidateMatch = body.match(/(?:candidate|head)[\s:=]+([^\s`]+)/i);
-            const scenarioMatch = body.match(/(?:scenario|scenarios)[\s:=]+([^\s`]+)/i);
-            const providerMatch = body.match(/(?:provider|crabbox_provider)[\s:=]+([^\s`]+)/i);
-            const leaseMatch = body.match(/(?:lease|lease_id|crabbox_lease_id)[\s:=]+([^\s`]+)/i);
-            const rawCandidate = candidateMatch?.[1];
-            const candidate =
-              rawCandidate && !["head", "pr", "pr-head"].includes(rawCandidate.toLowerCase())
-                ? rawCandidate
-                : pr.head.sha;
-            const provider = providerMatch?.[1] || "aws";
-            if (!["aws", "hetzner"].includes(provider)) {
-              core.setFailed(`Unsupported Crabbox provider for Mantis Telegram: ${provider}`);
-              return;
-            }
-
-            setOutput("should_run", "true");
-            setOutput("candidate_ref", candidate);
-            setOutput("pr_number", String(issue.number));
-            setOutput("scenario", scenarioMatch?.[1] || "telegram-status-command");
-            setOutput("crabbox_provider", provider);
-            setOutput("lease_id", leaseMatch?.[1] || "");
-            setOutput("request_source", "issue_comment");
-
-            await github.rest.reactions.createForIssueComment({
-              owner,
-              repo,
-              comment_id: context.payload.comment.id,
-              content: "eyes",
-            }).catch((error) => core.warning(`Could not add eyes reaction: ${error.message}`));
-
-  validate_ref:
-    name: Validate candidate ref
-    needs: resolve_request
-    if: ${{ needs.resolve_request.outputs.should_run == 'true' }}
-    runs-on: ubuntu-24.04
-    outputs:
-      candidate_revision: ${{ steps.validate.outputs.candidate_revision }}
-    steps:
-      - name: Checkout harness ref
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: false
-          fetch-depth: 0
-
-      - name: Validate ref is trusted
-        id: validate
-        env:
-          GH_TOKEN: ${{ github.token }}
-          CANDIDATE_REF: ${{ needs.resolve_request.outputs.candidate_ref }}
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          git fetch --no-tags origin +refs/heads/main:refs/remotes/origin/main
-
-          revision="$(git rev-parse "${CANDIDATE_REF}^{commit}")"
-          reason=""
-          if git merge-base --is-ancestor "$revision" refs/remotes/origin/main; then
-            reason="main-ancestor"
-          elif git tag --points-at "$revision" | grep -Eq '^v'; then
-            reason="release-tag"
-          else
-            pr_head_count="$(
-              gh api \
-                -H "Accept: application/vnd.github+json" \
-                "repos/${GITHUB_REPOSITORY}/commits/${revision}/pulls" \
-                --jq '[.[] | select(.state == "open" and .head.repo.full_name == "'"${GITHUB_REPOSITORY}"'" and .head.sha == "'"${revision}"'")] | length'
-            )"
-            if [[ "$pr_head_count" != "0" ]]; then
-              reason="open-pr-head"
-            fi
-          fi
-
-          if [[ -z "$reason" ]]; then
-            echo "Candidate ref '${CANDIDATE_REF}' resolved to ${revision}, which is not trusted for this secret-bearing Mantis run." >&2
-            exit 1
-          fi
-
-          echo "candidate_revision=${revision}" >> "$GITHUB_OUTPUT"
-          {
-            echo "candidate: \`${CANDIDATE_REF}\`"
-            echo "candidate SHA: \`${revision}\`"
-            echo "candidate trust reason: \`${reason}\`"
-          } >> "$GITHUB_STEP_SUMMARY"
-
-  run_telegram_live:
-    name: Run Telegram live QA with Crabbox evidence
-    needs: [resolve_request, validate_ref]
-    if: ${{ needs.resolve_request.outputs.should_run == 'true' }}
-    runs-on: ubuntu-24.04
-    timeout-minutes: 180
-    environment: qa-live-shared
-    outputs:
-      comparison_status: ${{ steps.run_mantis.outputs.comparison_status }}
-      output_dir: ${{ steps.run_mantis.outputs.output_dir }}
-    steps:
-      - name: Wait for older Mantis Telegram account run
-        env:
-          GH_TOKEN: ${{ github.token }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          current_created="$(gh api "repos/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" --jq .created_at)"
-          stale_before="$(date -u -d '8 hours ago' +%Y-%m-%dT%H:%M:%SZ)"
-          run_has_active_jobs() {
-            local run_id="$1"
-            local run_state="$2"
-            if [[ "$run_state" != "in_progress" ]]; then
-              return 0
-            fi
-            local active_jobs
-            active_jobs="$(gh run view "$run_id" --repo "$GITHUB_REPOSITORY" --json jobs --jq '[.jobs[] | select(.status == "queued" or .status == "in_progress" or .status == "waiting" or .status == "pending" or .status == "requested")] | length')"
-            [[ "$active_jobs" != "0" ]]
-          }
-          while true; do
-            candidates="$(
-              for workflow in mantis-telegram-desktop-proof.yml mantis-telegram-live.yml; do
-                for status in queued in_progress waiting pending requested; do
-                  gh run list --repo "$GITHUB_REPOSITORY" --workflow "$workflow" --status "$status" --limit 100 --json databaseId,status,createdAt,url \
-                    | jq -r \
-                      --argjson current_id "$GITHUB_RUN_ID" \
-                      --arg current_created "$current_created" \
-                      --arg stale_before "$stale_before" \
-                      '.[] | select(.databaseId != $current_id) | select(.createdAt >= $stale_before) | select(.createdAt < $current_created or (.createdAt == $current_created and .databaseId < $current_id)) | "\(.createdAt)\t#\(.databaseId)\t\(.status)\t\(.url)"'
-                done
-              done | sort -u
-            )"
-            blockers=""
-            while IFS=$'\t' read -r created run_id run_state url; do
-              if [[ -n "$run_id" ]] && run_has_active_jobs "${run_id#\#}" "$run_state"; then
-                blockers+="${created}"$'\t'"${run_id}"$'\t'"${run_state}"$'\t'"${url}"$'\n'
-              fi
-            done <<<"$candidates"
-            if [[ -z "$blockers" ]]; then
-              break
-            fi
-            echo "Waiting for older Mantis Telegram account run:"
-            printf '%s\n' "$blockers" | head -n 10
-            sleep 60
-          done
-
-      - name: Checkout harness ref
-        uses: actions/checkout@v6
-        with:
-          persist-credentials: false
-          fetch-depth: 0
-
-      - name: Setup Node environment
-        uses: ./.github/actions/setup-node-env
-        with:
-          node-version: ${{ env.NODE_VERSION }}
-          install-bun: "true"
-
-      - name: Build Mantis harness
-        run: pnpm build
-
-      - name: Cache Mantis candidate pnpm store
-        uses: actions/cache@v4
-        with:
-          path: |
-            ~/.local/share/pnpm/store
-            ~/.cache/pnpm
-          key: mantis-telegram-pnpm-${{ runner.os }}-${{ env.NODE_VERSION }}-${{ hashFiles('pnpm-lock.yaml') }}
-          restore-keys: |
-            mantis-telegram-pnpm-${{ runner.os }}-${{ env.NODE_VERSION }}-
-
-      - name: Setup Go for Crabbox CLI
-        uses: actions/setup-go@v6
-        with:
-          go-version: "1.26.x"
-          cache: false
-
-      - name: Install Crabbox CLI
-        shell: bash
-        run: |
-          set -euo pipefail
-          install_dir="${RUNNER_TEMP}/crabbox"
-          mkdir -p "$install_dir/src" "$HOME/.local/bin"
-          git init "$install_dir/src"
-          git -C "$install_dir/src" remote add origin https://github.com/openclaw/crabbox.git
-          git -C "$install_dir/src" fetch --depth 1 origin "$CRABBOX_REF"
-          git -C "$install_dir/src" checkout --detach FETCH_HEAD
-          go build -C "$install_dir/src" -o "$HOME/.local/bin/crabbox" ./cmd/crabbox
-          echo "$HOME/.local/bin" >> "$GITHUB_PATH"
-          "$HOME/.local/bin/crabbox" --version
-          "$HOME/.local/bin/crabbox" warmup --help > "$install_dir/warmup-help.txt" 2>&1
-          grep -q -- "-desktop" "$install_dir/warmup-help.txt"
-          "$HOME/.local/bin/crabbox" media preview --help >/dev/null
-
-      - name: Prepare candidate worktree
-        env:
-          CANDIDATE_SHA: ${{ needs.validate_ref.outputs.candidate_revision }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          worktree_root=".artifacts/qa-e2e/mantis/telegram-live-worktrees"
-          mkdir -p "$worktree_root"
-          git worktree add --detach "$worktree_root/candidate" "$CANDIDATE_SHA"
-          pnpm --dir "$worktree_root/candidate" install --frozen-lockfile --prefer-offline
-          pnpm --dir "$worktree_root/candidate" build
-
-      - name: Run Telegram live scenario and capture desktop evidence
-        id: run_mantis
-        env:
-          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
-          OPENCLAW_QA_CONVEX_SITE_URL: ${{ secrets.OPENCLAW_QA_CONVEX_SITE_URL }}
-          OPENCLAW_QA_CONVEX_SECRET_CI: ${{ secrets.OPENCLAW_QA_CONVEX_SECRET_CI }}
-          OPENCLAW_QA_REDACT_PUBLIC_METADATA: "1"
-          OPENCLAW_QA_TELEGRAM_CAPTURE_CONTENT: "1"
-          CRABBOX_COORDINATOR: ${{ secrets.CRABBOX_COORDINATOR }}
-          CRABBOX_COORDINATOR_TOKEN: ${{ secrets.CRABBOX_COORDINATOR_TOKEN }}
-          OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR: ${{ secrets.OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR }}
-          OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR_TOKEN: ${{ secrets.OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR_TOKEN }}
-          CRABBOX_ACCESS_CLIENT_ID: ${{ secrets.CRABBOX_ACCESS_CLIENT_ID }}
-          CRABBOX_ACCESS_CLIENT_SECRET: ${{ secrets.CRABBOX_ACCESS_CLIENT_SECRET }}
-          CRABBOX_LEASE_ID: ${{ needs.resolve_request.outputs.lease_id }}
-          CRABBOX_PROVIDER: ${{ needs.resolve_request.outputs.crabbox_provider }}
-          SCENARIO_INPUT: ${{ needs.resolve_request.outputs.scenario }}
-          CANDIDATE_SHA: ${{ needs.validate_ref.outputs.candidate_revision }}
-        shell: bash
-        run: |
-          set -euo pipefail
-
-          require_var() {
-            local key="$1"
-            if [[ -z "${!key:-}" ]]; then
-              echo "Missing required ${key}." >&2
-              exit 1
-            fi
-          }
-
-          CRABBOX_COORDINATOR="${CRABBOX_COORDINATOR:-${OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR:-}}"
-          CRABBOX_COORDINATOR_TOKEN="${CRABBOX_COORDINATOR_TOKEN:-${OPENCLAW_QA_MANTIS_CRABBOX_COORDINATOR_TOKEN:-}}"
-          export CRABBOX_COORDINATOR CRABBOX_COORDINATOR_TOKEN
-
-          require_var OPENAI_API_KEY
-          require_var OPENCLAW_QA_CONVEX_SITE_URL
-          require_var OPENCLAW_QA_CONVEX_SECRET_CI
-          require_var CRABBOX_COORDINATOR_TOKEN
-
-          candidate_repo="$(pwd)/.artifacts/qa-e2e/mantis/telegram-live-worktrees/candidate"
-          output_rel=".artifacts/qa-e2e/mantis/telegram-live"
-          root="$candidate_repo/$output_rel"
-          echo "output_dir=${root}" >> "$GITHUB_OUTPUT"
-          model="${OPENCLAW_CI_OPENAI_MODEL:-openai/gpt-5.5}"
-
-          scenario_args=()
-          if [[ -n "${SCENARIO_INPUT// }" ]]; then
-            IFS=',' read -r -a raw_scenarios <<<"${SCENARIO_INPUT}"
-            for raw in "${raw_scenarios[@]}"; do
-              scenario="$(printf '%s' "${raw}" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')"
-              if [[ -n "${scenario}" ]]; then
-                scenario_args+=(--scenario "${scenario}")
-              fi
-            done
-          fi
-
-          set +e
-          pnpm --dir "$candidate_repo" openclaw qa telegram \
-            --repo-root "$candidate_repo" \
-            --output-dir "$output_rel" \
-            --provider-mode live-frontier \
-            --model "$model" \
-            --alt-model "$model" \
-            --fast \
-            --credential-source convex \
-            --credential-role ci \
-            --allow-failures \
-            "${scenario_args[@]}"
-          telegram_exit=$?
-          set -e
-
-          if [[ ! -f "$root/telegram-qa-summary.json" ]]; then
-            echo "Telegram live QA did not produce a summary." >&2
-            exit "$telegram_exit"
-          fi
-          echo "telegram_exit=${telegram_exit}" >> "$GITHUB_OUTPUT"
-
-          node "${GITHUB_WORKSPACE}/scripts/mantis/build-telegram-evidence.mjs" \
-            --output-dir "$root" \
-            --candidate-ref "$CANDIDATE_SHA" \
-            --candidate-sha "$CANDIDATE_SHA" \
-            --scenario-label "${SCENARIO_INPUT:-telegram-live}"
-
-          comparison_status="$(jq -r 'if .comparison.pass then "pass" else "fail" end' "$root/mantis-evidence.json")"
-          echo "comparison_status=${comparison_status}" >> "$GITHUB_OUTPUT"
-
-          desktop_args=()
-          if [[ -n "${CRABBOX_LEASE_ID:-}" ]]; then
-            desktop_args+=(--lease-id "$CRABBOX_LEASE_ID")
-          fi
-          pnpm --dir "$candidate_repo" openclaw qa mantis desktop-browser-smoke \
-            --repo-root "$candidate_repo" \
-            --html-file "$output_rel/telegram-live-transcript.html" \
-            --output-dir "$output_rel/desktop-browser" \
-            --provider "$CRABBOX_PROVIDER" \
-            --class standard \
-            --idle-timeout 45m \
-            --ttl 120m \
-            --video-duration 18 \
-            "${desktop_args[@]}"
-
-          cp "$root/desktop-browser/desktop-browser-smoke.png" "$root/telegram-live-desktop.png"
-          if [[ -f "$root/desktop-browser/desktop-browser-smoke.mp4" ]]; then
-            cp "$root/desktop-browser/desktop-browser-smoke.mp4" "$root/telegram-live.mp4"
-          fi
-
-          if [[ -f "$root/telegram-live.mp4" ]]; then
-            if ! command -v ffmpeg >/dev/null 2>&1 || ! command -v ffprobe >/dev/null 2>&1; then
-              sudo apt-get update -y >/tmp/mantis-telegram-ffmpeg-apt.log 2>&1 || true
-              sudo DEBIAN_FRONTEND=noninteractive apt-get install -y ffmpeg >>/tmp/mantis-telegram-ffmpeg-apt.log 2>&1 || true
-            fi
-            if ! crabbox media preview \
-              --input "$root/telegram-live.mp4" \
-              --output "$root/telegram-live-preview.gif" \
-              --trimmed-video-output "$root/telegram-live-change.mp4" \
-              --json > "$root/telegram-live-preview.json"; then
-              rm -f "$root/telegram-live-preview.gif"
-              rm -f "$root/telegram-live-change.mp4"
-              rm -f "$root/telegram-live-preview.json"
-              echo "::warning::Could not generate Telegram motion-trimmed desktop preview."
-            fi
-          fi
-
-          cat "$root/telegram-qa-report.md" >> "$GITHUB_STEP_SUMMARY"
-
-      - name: Upload Mantis Telegram artifacts
-        id: upload_artifact
-        if: ${{ always() && steps.run_mantis.outputs.output_dir != '' }}
-        uses: actions/upload-artifact@v7
-        with:
-          name: mantis-telegram-live-${{ github.run_id }}-${{ github.run_attempt }}
-          path: ${{ steps.run_mantis.outputs.output_dir }}
-          retention-days: 14
-          if-no-files-found: warn
-
-      - name: Create Mantis GitHub App token
-        id: mantis_app_token
-        if: ${{ always() && needs.resolve_request.outputs.pr_number != '' }}
-        uses: actions/create-github-app-token@v3
-        with:
-          app-id: ${{ secrets.MANTIS_GITHUB_APP_ID }}
-          private-key: ${{ secrets.MANTIS_GITHUB_APP_PRIVATE_KEY }}
-          owner: ${{ github.repository_owner }}
-          repositories: ${{ github.event.repository.name }}
-          permission-issues: write
-          permission-pull-requests: write
-
-      - name: Comment PR with inline QA evidence
-        if: ${{ always() && needs.resolve_request.outputs.pr_number != '' && steps.run_mantis.outputs.output_dir != '' }}
-        env:
-          GH_TOKEN: ${{ steps.mantis_app_token.outputs.token }}
-          ARTIFACT_URL: ${{ steps.upload_artifact.outputs.artifact-url }}
-          MANTIS_ARTIFACT_R2_ACCESS_KEY_ID: ${{ secrets.MANTIS_ARTIFACT_R2_ACCESS_KEY_ID }}
-          MANTIS_ARTIFACT_R2_BUCKET: openclaw-crabbox-artifacts
-          MANTIS_ARTIFACT_R2_ENDPOINT: ${{ vars.MANTIS_ARTIFACT_R2_ENDPOINT }}
-          MANTIS_ARTIFACT_R2_PUBLIC_BASE_URL: https://artifacts.openclaw.ai
-          MANTIS_ARTIFACT_R2_REGION: auto
-          MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY: ${{ secrets.MANTIS_ARTIFACT_R2_SECRET_ACCESS_KEY }}
-          REQUEST_SOURCE: ${{ needs.resolve_request.outputs.request_source }}
-          TARGET_PR: ${{ needs.resolve_request.outputs.pr_number }}
-        shell: bash
-        run: |
-          set -euo pipefail
-          root="${{ steps.run_mantis.outputs.output_dir }}"
-          if [[ ! -f "$root/mantis-evidence.json" ]]; then
-            echo "No Mantis evidence manifest found; skipping PR evidence comment."
-            exit 0
-          fi
-          artifact_url_args=()
-          if [[ -n "${ARTIFACT_URL:-}" ]]; then
-            artifact_url_args=(--artifact-url "$ARTIFACT_URL")
-          fi
-          node scripts/mantis/publish-pr-evidence.mjs \
-            --manifest "$root/mantis-evidence.json" \
-            --target-pr "$TARGET_PR" \
-            --artifact-root "mantis/telegram-live/pr-${TARGET_PR}/run-${GITHUB_RUN_ID}-${GITHUB_RUN_ATTEMPT}" \
-            --marker "<!-- mantis-telegram-live -->" \
-            "${artifact_url_args[@]}" \
-            --run-url "https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" \
-            --request-source "$REQUEST_SOURCE"
-
-      - name: Fail when Mantis Telegram failed
-        if: ${{ always() && steps.run_mantis.outputs.output_dir != '' && (steps.run_mantis.outputs.comparison_status != 'pass' || steps.run_mantis.outputs.telegram_exit != '0') }}
-        env:
-          COMPARISON_STATUS: ${{ steps.run_mantis.outputs.comparison_status }}
-          TELEGRAM_EXIT: ${{ steps.run_mantis.outputs.telegram_exit }}
-        run: |
-          echo "Mantis Telegram live failed: comparison=${COMPARISON_STATUS:-unset} telegram_exit=${TELEGRAM_EXIT:-unset}." >&2
-          exit 1
-
-  clear_issue_comment_reaction:
-    name: Clear Mantis command reaction
-    needs: [resolve_request, validate_ref, run_telegram_live]
-    if: ${{ always() && github.event_name == 'issue_comment' && needs.resolve_request.outputs.request_source == 'issue_comment' }}
-    runs-on: ubuntu-24.04
-    permissions:
-      issues: write
-    steps:
-      - name: Remove workflow eyes reaction
-        uses: actions/github-script@v8
-        with:
-          script: |
-            const { owner, repo } = context.repo;
-            const commentId = context.payload.comment?.id;
-            if (!commentId) {
-              core.info("No issue comment id found; skipping reaction cleanup.");
-              return;
-            }
-
-            const reactions = await github.paginate(github.rest.reactions.listForIssueComment, {
-              owner,
-              repo,
-              comment_id: commentId,
-              per_page: 100,
-            });
-            const eyes = reactions.filter(
-              (reaction) => reaction.content === "eyes" && reaction.user?.login === "github-actions[bot]",
-            );
-            for (const reaction of eyes) {
-              await github.rest.reactions.deleteForIssueComment({
-                owner,
-                repo,
-                comment_id: commentId,
-                reaction_id: reaction.id,
-              });
-              core.info(`Removed eyes reaction ${reaction.id} from comment ${commentId}.`);
-            }
-            if (eyes.length === 0) {
-              core.info(`No workflow eyes reaction found on comment ${commentId}.`);
-            }
--- a/.github/workflows/npm-telegram-beta-e2e.yml
+++ b/.github/workflows/npm-telegram-beta-e2e.yml
@@ -40,18 +40,8 @@ on:
        description: Optional comma-separated Telegram scenario ids
        required: false
        type: string
-      advisory:
-        description: Treat package Telegram failures as advisory for the caller
-        required: false
-        default: false
-        type: boolean
  workflow_call:
    inputs:
-      advisory:
-        description: Treat package Telegram failures as advisory for the caller
-        required: false
-        default: false
-        type: boolean
      package_spec:
        description: Published OpenClaw package spec to test when no artifact is supplied
        required: true
@@ -103,13 +93,13 @@ concurrency:

 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
-  NODE_VERSION: "24.15.0"
+  NODE_VERSION: "24.x"
+  PNPM_VERSION: "10.33.0"

 jobs:
  run_package_telegram_e2e:
    name: Run package Telegram E2E
    runs-on: blacksmith-32vcpu-ubuntu-2404
-    continue-on-error: ${{ inputs.advisory }}
    timeout-minutes: 60
    environment: qa-live-shared
    permissions:
@@ -146,6 +136,7 @@ jobs:
        uses: ./.github/actions/setup-node-env
        with:
          node-version: ${{ env.NODE_VERSION }}
+          pnpm-version: ${{ env.PNPM_VERSION }}
          install-bun: "true"

      - name: Validate inputs and secrets
@@ -268,7 +259,7 @@ jobs:

      - name: Upload npm Telegram E2E artifacts
        if: always()
-        uses: actions/upload-artifact@v7
+        uses: actions/upload-artifact@v4
        with:
          name: npm-telegram-beta-e2e-${{ github.run_id }}-${{ github.run_attempt }}
          path: .artifacts/qa-e2e/
--- a/.github/workflows/openclaw-cross-os-release-checks-reusable.yml
+++ b/.github/workflows/openclaw-cross-os-release-checks-reusable.yml
@@ -86,18 +86,8 @@ on:
        required: false
        default: ""
        type: string
-      advisory:
-        description: Treat failures as advisory for the caller
-        required: false
-        default: false
-        type: boolean
  workflow_call:
    inputs:
-      advisory:
-        description: Treat failures as advisory for the caller
-        required: false
-        default: false
-        type: boolean
      ref:
        description: Public OpenClaw ref to validate (tag, branch, or full commit SHA)
        required: true
@@ -192,15 +182,15 @@ concurrency:

 env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
-  NODE_VERSION: "24.15.0"
+  NODE_VERSION: "24.x"
+  PNPM_VERSION: "10.32.1"
  OPENCLAW_REPOSITORY: openclaw/openclaw
  TSX_VERSION: "4.21.0"
-  OPENCLAW_CROSS_OS_OPENAI_MODEL: ${{ inputs.openai_model || vars.OPENCLAW_CROSS_OS_OPENAI_MODEL || 'openai/gpt-5.5' }}
+  OPENCLAW_CROSS_OS_OPENAI_MODEL: ${{ inputs.openai_model || vars.OPENCLAW_CROSS_OS_OPENAI_MODEL || 'openai/gpt-5.4' }}

 jobs:
  prepare:
    runs-on: ubuntu-24.04
-    continue-on-error: ${{ inputs.advisory }}
    outputs:
      baseline_file_name: ${{ steps.baseline_metadata.outputs.file_name }}
      baseline_spec: ${{ steps.baseline.outputs.value }}
@@ -338,7 +328,7 @@ jobs:
          ref: ${{ steps.workflow_ref.outputs.value }}
          path: workflow
          fetch-depth: 1
-          persist-credentials: true
+          persist-credentials: false

      - name: Checkout public source ref
        if: inputs.candidate_artifact_name == ''
@@ -348,21 +338,21 @@ jobs:
          ref: ${{ inputs.ref }}
          path: source
          fetch-depth: 0
-          persist-credentials: true
+          persist-credentials: false
          submodules: recursive

+      - name: Setup pnpm
+        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1
+        with:
+          version: ${{ env.PNPM_VERSION }}
+          run_install: false
+
      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: ${{ env.NODE_VERSION }}
-
-      - name: Setup pnpm
-        uses: ./workflow/.github/actions/setup-pnpm-store-cache
-        with:
-          node-version: ${{ env.NODE_VERSION }}
-          package-manager-file: ${{ inputs.candidate_artifact_name == '' && 'source/package.json' || 'workflow/package.json' }}
-          lockfile-path: ${{ inputs.candidate_artifact_name == '' && 'source/pnpm-lock.yaml' || 'workflow/pnpm-lock.yaml' }}
-          use-actions-cache: ${{ inputs.candidate_artifact_name == '' && 'true' || 'false' }}
+          cache: pnpm
+          cache-dependency-path: ${{ inputs.candidate_artifact_name == '' && 'source/pnpm-lock.yaml' || 'workflow/pnpm-lock.yaml' }}

      - name: Ensure pnpm store cache directory exists
        run: mkdir -p "$(pnpm store path --silent)"
@@ -523,12 +513,11 @@ jobs:
  cross_os_release_checks:
    name: "${{ matrix.display_name }} / ${{ matrix.suite_label }}"
    needs: prepare
-    continue-on-error: ${{ inputs.advisory }}
    strategy:
      fail-fast: false
      matrix: ${{ fromJson(needs.prepare.outputs.matrix) }}
    runs-on: ${{ matrix.runner }}
-    timeout-minutes: 60
+    timeout-minutes: 120
    steps:
      - name: Checkout workflow repo
        uses: actions/checkout@v6
@@ -537,31 +526,20 @@ jobs:
          ref: ${{ needs.prepare.outputs.workflow_ref }}
          path: workflow
          fetch-depth: 1
-          persist-credentials: true
+          persist-credentials: false
+
+      - name: Setup pnpm
+        uses: pnpm/action-setup@b906affcce14559ad1aafd4ab0e942779e9f58b1
+        with:
+          version: ${{ env.PNPM_VERSION }}
+          run_install: false

      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: ${{ env.NODE_VERSION }}

-      - name: Setup pnpm
-        uses: ./workflow/.github/actions/setup-pnpm-store-cache
-        with:
-          node-version: ${{ env.NODE_VERSION }}
-          package-manager-file: workflow/package.json
-          lockfile-path: workflow/pnpm-lock.yaml
-          use-actions-cache: "false"
-
      - name: Download candidate artifact
-        id: download_candidate
-        continue-on-error: true
-        uses: actions/download-artifact@v8
-        with:
-          name: openclaw-cross-os-release-checks-candidate-${{ github.run_id }}
-          path: ${{ runner.temp }}/openclaw-cross-os-release-checks/candidate
-
-      - name: Retry candidate artifact download
-        if: ${{ steps.download_candidate.outcome == 'failure' }}
        uses: actions/download-artifact@v8
        with:
          name: openclaw-cross-os-release-checks-candidate-${{ github.run_id }}
@@ -569,38 +547,11 @@ jobs:

      - name: Download baseline artifact
        if: ${{ matrix.suite == 'packaged-upgrade' }}
-        id: download_baseline
-        continue-on-error: true
        uses: actions/download-artifact@v8
        with:
          name: openclaw-cross-os-release-checks-baseline-${{ github.run_id }}
          path: ${{ runner.temp }}/openclaw-cross-os-release-checks/baseline

-      - name: Retry baseline artifact download
-        if: ${{ matrix.suite == 'packaged-upgrade' && steps.download_baseline.outcome == 'failure' }}
-        uses: actions/download-artifact@v8
-        with:
-          name: openclaw-cross-os-release-checks-baseline-${{ github.run_id }}
-          path: ${{ runner.temp }}/openclaw-cross-os-release-checks/baseline
-
-      - name: Verify release-check inputs
-        shell: bash
-        env:
-          CANDIDATE_TGZ: ${{ runner.temp }}/openclaw-cross-os-release-checks/candidate/${{ needs.prepare.outputs.candidate_file_name }}
-          BASELINE_TGZ: ${{ runner.temp }}/openclaw-cross-os-release-checks/baseline/${{ needs.prepare.outputs.baseline_file_name }}
-          OUTPUT_DIR: ${{ runner.temp }}/openclaw-cross-os-release-checks/${{ matrix.artifact_name }}-${{ matrix.suite }}
-          SUITE: ${{ matrix.suite }}
-        run: |
-          mkdir -p "${OUTPUT_DIR}"
-          if [[ ! -f "${CANDIDATE_TGZ}" ]]; then
-            echo "::error::candidate artifact missing: ${CANDIDATE_TGZ}"
-            exit 1
-          fi
-          if [[ "${SUITE}" == "packaged-upgrade" ]] && [[ ! -f "${BASELINE_TGZ}" ]]; then
-            echo "::error::baseline artifact missing: ${BASELINE_TGZ}"
-            exit 1
-          fi
-
      - name: Run cross-OS release checks
        shell: bash
        env:
@@ -651,8 +602,7 @@ jobs:
          if [[ -f "${SUMMARY_PATH}" ]]; then
            cat "${SUMMARY_PATH}" >> "$GITHUB_STEP_SUMMARY"
          else
-            mkdir -p "$(dirname "${SUMMARY_PATH}")"
-            echo "No summary generated." | tee "${SUMMARY_PATH}" >> "$GITHUB_STEP_SUMMARY"
+            echo "No summary generated." >> "$GITHUB_STEP_SUMMARY"
          fi

      - name: Upload release-check artifacts
--- a/.github/workflows/openclaw-live-and-e2e-checks-reusable.yml
+++ b/.github/workflows/openclaw-live-and-e2e-checks-reusable.yml
--- a/Show More
+++ b/Show More