style(apple): format localized share extension

.github/workflows/ci.yml

@@ -848,6 +848,32 @@ jobs:
           path: .local/gateway-watch-regression/
           retention-days: 7
 
+  native-i18n:
+    permissions:
+      contents: read
+    needs: [preflight]
+    if: ${{ !cancelled() && always() && (needs.preflight.outputs.run_macos == 'true' || needs.preflight.outputs.run_android == 'true' || needs.preflight.outputs.run_node == 'true') }}
+    runs-on: ${{ github.repository == 'openclaw/openclaw' && 'blacksmith-4vcpu-ubuntu-2404' || 'ubuntu-24.04' }}
+    timeout-minutes: 10
+    steps:
+      - name: Checkout
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
+        with:
+          ref: ${{ needs.preflight.outputs.checkout_revision }}
+          persist-credentials: false
+
+      - name: Setup Node environment
+        uses: ./.github/actions/setup-node-env
+        with:
+          install-bun: "false"
+
+      - name: Check native app i18n inventory
+        run: pnpm native:i18n:check
+
+      - name: Check Apple app i18n catalogs
+        if: needs.preflight.outputs.run_macos == 'true'
+        run: pnpm apple:i18n:check
+
   checks-fast-core:
     permissions:
       contents: read

CHANGELOG.md

@@ -81,7 +81,7 @@ Automatic fast mode starts short conversations quickly, then returns longer or f
 
 - Prevents [Docker](https://docs.openclaw.ai/install/docker) and [Podman](https://docs.openclaw.ai/install/podman) setup from running unbounded on hosts where GNU timeout is installed as `gtimeout`, so image pulls, builds, and detached startup receive the intended guard. [62b2e9e](https://github.com/openclaw/openclaw/commit/62b2e9ef14b4be6fd396621c8e5e248331f08695).
 
-### Plugins and Packaging
+### Plugins, Packaging, and QA
 
 #### Codex service-tier clearing
 
@@ -96,6 +96,7 @@ Automatic fast mode starts short conversations quickly, then returns longer or f
 #### Doctor check ordering
 
 - Keeps core [`openclaw doctor`](https://docs.openclaw.ai/gateway/doctor) diagnostics in their normal order before extension checks, making lint and repair output easier to follow. [PR #86627](https://github.com/openclaw/openclaw/pull/86627). Thanks @giodl73-repo.
+
 ## 2026.6.9
 
 ### Highlights

apps/ios/ShareExtension/ShareViewController.swift

@@ -49,13 +49,15 @@ final class ShareViewController: UIViewController {
         self.draftTextView.textContainerInset = UIEdgeInsets(top: 12, left: 10, bottom: 12, right: 10)
 
         self.sendButton.translatesAutoresizingMaskIntoConstraints = false
-        self.sendButton.setTitle("Send to OpenClaw", for: .normal)
+        self.sendButton.setTitle(
+            NSLocalizedString("Send to OpenClaw", comment: "Share extension send action"),
+            for: .normal)
         self.sendButton.titleLabel?.font = .preferredFont(forTextStyle: .headline)
         self.sendButton.addTarget(self, action: #selector(self.handleSendTap), for: .touchUpInside)
         self.sendButton.isEnabled = false
 
         self.cancelButton.translatesAutoresizingMaskIntoConstraints = false
-        self.cancelButton.setTitle("Cancel", for: .normal)
+        self.cancelButton.setTitle(NSLocalizedString("Cancel", comment: "Share extension cancel action"), for: .normal)
         self.cancelButton.addTarget(self, action: #selector(self.handleCancelTap), for: .touchUpInside)
 
         let buttons = UIStackView(arrangedSubviews: [self.cancelButton, self.sendButton])
@@ -84,7 +86,7 @@ final class ShareViewController: UIViewController {
     private func prepareDraft() async {
         let traceId = UUID().uuidString
         ShareGatewayRelaySettings.saveLastEvent("Share opened.")
-        self.showStatus("Preparing share…")
+        self.showStatus(NSLocalizedString("Preparing share…", comment: "Share extension preparation status"))
         self.logger.info("share begin trace=\(traceId, privacy: .public)")
         let extracted = await self.extractSharedContent()
         let payload = extracted.payload
@@ -102,10 +104,12 @@ final class ShareViewController: UIViewController {
         }
         if message.trimmingCharacters(in: .whitespacesAndNewlines).isEmpty {
             ShareGatewayRelaySettings.saveLastEvent("Share ready: waiting for message input.")
-            self.showStatus("Add a message, then tap Send.")
+            self.showStatus(NSLocalizedString(
+                "Add a message, then tap Send.",
+                comment: "Share extension empty draft guidance"))
         } else {
             ShareGatewayRelaySettings.saveLastEvent("Share ready: draft prepared.")
-            self.showStatus("Edit text, then tap Send.")
+            self.showStatus(NSLocalizedString("Edit text, then tap Send.", comment: "Share extension draft guidance"))
         }
     }
 
@@ -125,7 +129,7 @@ final class ShareViewController: UIViewController {
         let trimmed = message.trimmingCharacters(in: .whitespacesAndNewlines)
         guard !trimmed.isEmpty else {
             ShareGatewayRelaySettings.saveLastEvent("Share blocked: message is empty.")
-            self.showStatus("Message is empty.")
+            self.showStatus(NSLocalizedString("Message is empty.", comment: "Share extension empty message status"))
             return
         }
 
@@ -134,20 +138,23 @@ final class ShareViewController: UIViewController {
             self.sendButton.isEnabled = false
             self.cancelButton.isEnabled = false
         }
-        self.showStatus("Sending to OpenClaw gateway…")
+        self.showStatus(NSLocalizedString("Sending to OpenClaw gateway…", comment: "Share extension sending status"))
         ShareGatewayRelaySettings.saveLastEvent("Sending to gateway…")
         do {
             try await self.sendMessageToGateway(trimmed, attachments: self.pendingAttachments)
             ShareGatewayRelaySettings.saveLastEvent(
                 "Sent to gateway (\(trimmed.count) chars, \(self.pendingAttachments.count) attachment(s)).")
-            self.showStatus("Sent to OpenClaw.")
+            self.showStatus(NSLocalizedString("Sent to OpenClaw.", comment: "Share extension success status"))
             DispatchQueue.main.asyncAfter(deadline: .now() + 0.45) {
                 self.extensionContext?.completeRequest(returningItems: nil)
             }
         } catch {
             self.logger.error("share send failed reason=\(error.localizedDescription, privacy: .public)")
             ShareGatewayRelaySettings.saveLastEvent("Send failed: \(error.localizedDescription)")
-            self.showStatus("Send failed: \(error.localizedDescription)")
+            self.showStatus(
+                String(
+                    format: NSLocalizedString("Send failed: %@", comment: "Share extension failure status"),
+                    error.localizedDescription))
             await MainActor.run {
                 self.isSending = false
                 self.sendButton.isEnabled = true
@@ -161,13 +168,21 @@ final class ShareViewController: UIViewController {
             throw NSError(
                 domain: "OpenClawShare",
                 code: 10,
-                userInfo: [NSLocalizedDescriptionKey: "OpenClaw is not connected to a gateway yet."])
+                userInfo: [
+                    NSLocalizedDescriptionKey: NSLocalizedString(
+                        "OpenClaw is not connected to a gateway yet.",
+                        comment: "Share extension missing gateway error"),
+                ])
         }
         guard let url = URL(string: config.gatewayURLString) else {
             throw NSError(
                 domain: "OpenClawShare",
                 code: 11,
-                userInfo: [NSLocalizedDescriptionKey: "Invalid saved gateway URL."])
+                userInfo: [
+                    NSLocalizedDescriptionKey: NSLocalizedString(
+                        "Invalid saved gateway URL.",
+                        comment: "Share extension invalid gateway error"),
+                ])
         }
 
         let gateway = GatewayNodeSession()

apps/ios/project.yml

@@ -60,6 +60,8 @@ targets:
       Release: Signing.xcconfig
     sources:
       - path: Sources
+    resources:
+      - path: Resources/Localizable.xcstrings
     dependencies:
       - target: OpenClawShareExtension
         embed: true
@@ -185,6 +187,8 @@ targets:
       Release: Signing.xcconfig
     sources:
       - path: ShareExtension
+    resources:
+      - path: Resources/Localizable.xcstrings
     dependencies:
       - package: OpenClawKit
       - sdk: AppIntents.framework
@@ -227,6 +231,8 @@ targets:
     sources:
       - path: ActivityWidget
       - path: Sources/LiveActivity/OpenClawActivityAttributes.swift
+    resources:
+      - path: Resources/Localizable.xcstrings
     dependencies:
       - sdk: WidgetKit.framework
       - sdk: ActivityKit.framework
@@ -259,6 +265,8 @@ targets:
       - path: WatchApp
         excludes:
           - Info.plist
+    resources:
+      - path: Resources/Localizable.xcstrings
     dependencies:
       - sdk: AppIntents.framework
       - sdk: WatchConnectivity.framework

apps/macos/Package.swift

@@ -63,6 +63,7 @@ let package = Package(
             resources: [
                 .copy("Resources/OpenClaw.icns"),
                 .copy("Resources/DeviceModels"),
+                .process("Resources/Localizable.xcstrings"),
             ],
             swiftSettings: [
                 .enableUpcomingFeature("StrictConcurrency"),

apps/macos/Sources/OpenClaw/Resources/Localizable.xcstrings

@@ -0,0 +1,526 @@
+{
+  "sourceLanguage": "en",
+  "strings": {
+    "Logout": {
+      "localizations": {
+        "en": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Logout"
+          }
+        },
+        "zh-CN": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "退出登录"
+          }
+        },
+        "zh-TW": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "登出"
+          }
+        },
+        "pt-BR": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Sair"
+          }
+        },
+        "de": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Abmelden"
+          }
+        },
+        "es": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Cerrar sesión"
+          }
+        },
+        "ja-JP": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "ログアウト"
+          }
+        },
+        "ko": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "로그아웃"
+          }
+        },
+        "fr": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Déconnexion"
+          }
+        },
+        "hi": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "लॉग आउट"
+          }
+        },
+        "ar": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "تسجيل الخروج"
+          }
+        },
+        "it": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Esci"
+          }
+        },
+        "tr": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Çıkış yap"
+          }
+        },
+        "uk": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Вийти"
+          }
+        },
+        "id": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Keluar"
+          }
+        },
+        "pl": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Wyloguj"
+          }
+        },
+        "th": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "ออกจากระบบ"
+          }
+        },
+        "vi": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Đăng xuất"
+          }
+        },
+        "nl": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Uitloggen"
+          }
+        },
+        "fa": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "خروج"
+          }
+        },
+        "ru": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Выйти"
+          }
+        }
+      }
+    },
+    "Refresh": {
+      "localizations": {
+        "en": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Refresh"
+          }
+        },
+        "zh-CN": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "刷新"
+          }
+        },
+        "zh-TW": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "重新整理"
+          }
+        },
+        "pt-BR": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Atualizar"
+          }
+        },
+        "de": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Aktualisieren"
+          }
+        },
+        "es": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Actualizar"
+          }
+        },
+        "ja-JP": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "更新"
+          }
+        },
+        "ko": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "새로 고침"
+          }
+        },
+        "fr": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Actualiser"
+          }
+        },
+        "hi": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "रीफ़्रेश"
+          }
+        },
+        "ar": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "تحديث"
+          }
+        },
+        "it": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Aggiorna"
+          }
+        },
+        "tr": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Yenile"
+          }
+        },
+        "uk": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Оновити"
+          }
+        },
+        "id": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Segarkan"
+          }
+        },
+        "pl": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Odśwież"
+          }
+        },
+        "th": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "รีเฟรช"
+          }
+        },
+        "vi": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Làm mới"
+          }
+        },
+        "nl": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Vernieuwen"
+          }
+        },
+        "fa": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "بازخوانی"
+          }
+        },
+        "ru": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Обновить"
+          }
+        }
+      }
+    },
+    "Run now": {
+      "localizations": {
+        "en": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Run now"
+          }
+        },
+        "zh-CN": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "立即运行"
+          }
+        },
+        "zh-TW": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "立即執行"
+          }
+        },
+        "pt-BR": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Executar agora"
+          }
+        },
+        "de": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Jetzt ausführen"
+          }
+        },
+        "es": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Ejecutar ahora"
+          }
+        },
+        "ja-JP": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "今すぐ実行"
+          }
+        },
+        "ko": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "지금 실행"
+          }
+        },
+        "fr": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Exécuter maintenant"
+          }
+        },
+        "hi": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "अभी चलाएँ"
+          }
+        },
+        "ar": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "تشغيل الآن"
+          }
+        },
+        "it": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Esegui ora"
+          }
+        },
+        "tr": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Şimdi çalıştır"
+          }
+        },
+        "uk": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Запустити зараз"
+          }
+        },
+        "id": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Jalankan sekarang"
+          }
+        },
+        "pl": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Uruchom teraz"
+          }
+        },
+        "th": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "เรียกใช้ตอนนี้"
+          }
+        },
+        "vi": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Chạy ngay"
+          }
+        },
+        "nl": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Nu uitvoeren"
+          }
+        },
+        "fa": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "اکنون اجرا شود"
+          }
+        },
+        "ru": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Запустить сейчас"
+          }
+        }
+      }
+    },
+    "Save": {
+      "localizations": {
+        "en": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Save"
+          }
+        },
+        "zh-CN": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "保存"
+          }
+        },
+        "zh-TW": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "儲存"
+          }
+        },
+        "pt-BR": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Salvar"
+          }
+        },
+        "de": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Speichern"
+          }
+        },
+        "es": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Guardar"
+          }
+        },
+        "ja-JP": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "保存"
+          }
+        },
+        "ko": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "저장"
+          }
+        },
+        "fr": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Enregistrer"
+          }
+        },
+        "hi": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "सहेजें"
+          }
+        },
+        "ar": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "حفظ"
+          }
+        },
+        "it": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Salva"
+          }
+        },
+        "tr": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Kaydet"
+          }
+        },
+        "uk": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Зберегти"
+          }
+        },
+        "id": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Simpan"
+          }
+        },
+        "pl": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Zapisz"
+          }
+        },
+        "th": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "บันทึก"
+          }
+        },
+        "vi": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Lưu"
+          }
+        },
+        "nl": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Opslaan"
+          }
+        },
+        "fa": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "ذخیره"
+          }
+        },
+        "ru": {
+          "stringUnit": {
+            "state": "translated",
+            "value": "Сохранить"
+          }
+        }
+      }
+    }
+  },
+  "version": "1.0"
+}

apps/shared/OpenClawKit/Sources/OpenClawProtocol/GatewayModels.swift

@@ -7187,20 +7187,17 @@ public struct ChatHistoryParams: Codable, Sendable {
     public let sessionkey: String
     public let agentid: String?
     public let limit: Int?
-    public let offset: Int?
     public let maxchars: Int?
 
     public init(
         sessionkey: String,
         agentid: String? = nil,
         limit: Int?,
-        offset: Int? = nil,
         maxchars: Int?)
     {
         self.sessionkey = sessionkey
         self.agentid = agentid
         self.limit = limit
-        self.offset = offset
         self.maxchars = maxchars
     }
 
@@ -7208,7 +7205,6 @@ public struct ChatHistoryParams: Codable, Sendable {
         case sessionkey = "sessionKey"
         case agentid = "agentId"
         case limit
-        case offset
         case maxchars = "maxChars"
     }
 }

docs/ci.md

@@ -651,16 +651,7 @@ pnpm crabbox:run -- --provider blacksmith-testbox \
   "corepack pnpm test"
 ```
 
-Read the final JSON summary. The useful fields are `provider`, `leaseId`,
-`syncDelegated`, `exitCode`, `commandMs`, and `totalMs`. For delegated
-Blacksmith Testbox runs, the Crabbox wrapper exit code and JSON summary are the
-command result. The linked GitHub Actions run owns hydration and keepalive; it
-can finish as `cancelled` when the Testbox is stopped externally after the SSH
-command has already returned. Treat that as a cleanup/status artifact unless
-the wrapper `exitCode` is non-zero or the command output shows a failed test.
-One-shot Blacksmith-backed Crabbox runs should stop the Testbox automatically;
-if a run is interrupted or cleanup is unclear, inspect live boxes and stop only
-the boxes you created:
+Read the final JSON summary. The useful fields are `provider`, `leaseId`, `syncDelegated`, `exitCode`, `commandMs`, and `totalMs`. One-shot Blacksmith-backed Crabbox runs should stop the Testbox automatically; if a run is interrupted or cleanup is unclear, inspect live boxes and stop only the boxes you created:
 
 ```bash
 blacksmith testbox list --all

docs/concepts/delegate-architecture.md

@@ -297,8 +297,7 @@ tool-call XML payloads (including `<tool_call>...</tool_call>`,
 downgraded tool-call scaffolding / leaked ASCII/full-width model control
 tokens / malformed MiniMax tool-call XML from assistant recall, and can
 replace oversized rows with `[sessions_history omitted: message too large]`
-instead of returning a raw transcript dump. Use `nextOffset` when present to
-page backward through older transcript windows.
+instead of returning a raw transcript dump.
 
 ## Scaling pattern
 

docs/concepts/session-tool.md

@@ -58,11 +58,6 @@ results may be scope-limited.
 
 `sessions_history` fetches the conversation transcript for a specific session.
 By default, tool results are excluded -- pass `includeTools: true` to see them.
-Use `limit` for the newest bounded tail. Pass `offset: 0` when you need
-pagination metadata, then pass returned `nextOffset` values to page backward
-through older OpenClaw transcript windows without reading raw transcript files.
-Explicit offset pages do not merge external CLI fallback imports; use the
-default newest-tail view when you need that merged display history.
 The returned view is intentionally bounded and safety-filtered:
 
 - assistant text is normalized before recall:
@@ -83,7 +78,7 @@ The returned view is intentionally bounded and safety-filtered:
 - very large histories can drop older rows or replace an oversized row with
   `[sessions_history omitted: message too large]`
 - the tool reports summary flags such as `truncated`, `droppedMessages`,
-  `contentTruncated`, `contentRedacted`, `bytes`, and pagination metadata
+  `contentTruncated`, `contentRedacted`, and `bytes`
 
 Both tools accept either a **session key** (like `"main"`) or a **session ID**
 from a previous list call.

docs/gateway/configuration-reference.md

@@ -316,11 +316,6 @@ conversation bindings, or any non-Codex harness.
   plugin/app support for the Codex harness. Default: `false`.
 - `plugins.entries.codex.config.codexPlugins.allow_destructive_actions`:
   default destructive-action policy for migrated plugin app elicitations.
-  Use `true` to accept safe Codex approval schemas without prompting, `false`
-  to decline them, `"auto"` to route Codex-required approvals through OpenClaw
-  plugin approvals, or `"always"` to ask for every plugin write/destructive
-  action without durable approval. The `"always"` mode clears durable Codex
-  per-tool approval overrides for the affected app before starting the thread.
   Default: `true`.
 - `plugins.entries.codex.config.codexPlugins.plugins.<key>.enabled`: enables a
   migrated plugin entry when global `codexPlugins.enabled` is also true.
@@ -331,8 +326,7 @@ conversation bindings, or any non-Codex harness.
   Codex plugin identity from migration, for example `"google-calendar"`.
 - `plugins.entries.codex.config.codexPlugins.plugins.<key>.allow_destructive_actions`:
   per-plugin destructive-action override. When omitted, the global
-  `allow_destructive_actions` value is used. The per-plugin value accepts the
-  same `true`, `false`, `"auto"`, or `"always"` policies.
+  `allow_destructive_actions` value is used.
 
 `codexPlugins.enabled` is the global enablement directive. Explicit plugin
 entries written by migration are the durable install and repair eligibility set.

docs/platforms/mac/bundled-gateway.md

@@ -57,34 +57,6 @@ Logging:
 The macOS app checks the gateway version against its own version. If they're
 incompatible, update the global CLI to match the app version.
 
-## State directory on macOS
-
-Keep OpenClaw state on a local, non-synced disk. Avoid iCloud Drive and other
-cloud-synced folders because sync latency and file locks can affect sessions,
-credentials, and Gateway state.
-
-Set `OPENCLAW_STATE_DIR` to a local path only when you need an override.
-`openclaw doctor` warns about common cloud-synced state paths and recommends
-moving back to local storage. See
-[environment variables](/help/environment#path-related-env-vars) and
-[Doctor](/gateway/doctor).
-
-## Debug app connectivity
-
-Use the macOS debug CLI from a source checkout to exercise the same Gateway
-WebSocket handshake and discovery logic the app uses:
-
-```bash
-cd apps/macos
-swift run openclaw-mac connect --json
-swift run openclaw-mac discover --timeout 3000 --json
-```
-
-`connect` accepts `--url`, `--token`, `--timeout`, and `--json`. `discover`
-accepts `--timeout`, `--json`, and `--include-local`. Compare discovery output
-with `openclaw gateway discover --json` when you need to separate CLI discovery
-from app-side connection issues.
-
 ## Smoke check
 
 ```bash

docs/platforms/mac/canvas.md

@@ -114,18 +114,7 @@ Example (in JS):
 window.location.href = "openclaw://agent?message=Review%20this%20design";
 ```
 
-Supported query parameters:
-
-- `message`: prefilled agent prompt.
-- `sessionKey`: stable session identifier.
-- `thinking`: optional thinking profile.
-- `deliver`, `to`, or `channel`: delivery target.
-- `timeoutSeconds`: optional run timeout.
-- `key`: app-generated safety token for trusted local callers.
-
-The app prompts for confirmation unless a valid key is provided. Unkeyed links
-show the message and URL before approval, and ignore delivery routing fields;
-keyed links use the normal Gateway run path.
+The app prompts for confirmation unless a valid key is provided.
 
 ## Security notes
 

docs/platforms/mac/remote.md

@@ -24,9 +24,6 @@ In SSH tunnel mode, discovered LAN/tailnet hostnames are saved as
 `gateway.remote.sshTarget`. The app keeps `gateway.remote.url` on the local
 tunnel endpoint, for example `ws://127.0.0.1:18789`, so CLI, Web Chat, and
 the local node-host service all use the same safe loopback transport.
-When discovery returns both raw Tailnet IPs and stable hostnames, the app
-prefers Tailscale MagicDNS or LAN names so remote connections survive address
-changes better.
 If the local tunnel port differs from the remote gateway port, set
 `gateway.remote.remotePort` to the port on the remote host.
 

docs/platforms/mac/xpc.md

@@ -21,10 +21,6 @@ title: "macOS IPC"
 
 - The app runs the Gateway (local mode) and connects to it as a node.
 - Agent actions are performed via `node.invoke` (e.g. `system.run`, `system.notify`, `canvas.*`).
-- Common Mac node commands include `canvas.*`, `camera.snap`, `camera.clip`,
-  `screen.snapshot`, `screen.record`, `system.run`, and `system.notify`.
-- The node reports a `permissions` map so agents can see whether screen,
-  camera, microphone, speech, automation, or accessibility access is available.
 
 ### Node service + app IPC
 

docs/platforms/macos.md

@@ -1,87 +1,228 @@
 ---
-summary: "Install and use the OpenClaw macOS menu bar app"
+summary: "OpenClaw macOS companion app (menu bar + gateway broker)"
 read_when:
-  - Installing the macOS app
-  - Deciding between local and remote Gateway mode on macOS
-  - Looking for macOS app release downloads
+  - Implementing macOS app features
+  - Changing gateway lifecycle or node bridging on macOS
 title: "macOS app"
 ---
 
-The macOS app is the OpenClaw **menu bar companion**. Use it when you want a
-native tray UI, macOS permission prompts, notifications, WebChat, voice input,
-Canvas, or Mac-hosted node tools such as `system.run`.
+The macOS app is the **menu-bar companion** for OpenClaw. It owns permissions,
+manages/attaches to the Gateway locally (launchd or manual), and exposes macOS
+capabilities to the agent as a node.
 
-If you only need the CLI and Gateway, start with [Getting started](/start/getting-started).
+## What it does
 
-## Download
+- Shows native notifications and status in the menu bar.
+- Owns TCC prompts (Notifications, Accessibility, Screen Recording, Microphone,
+  Speech Recognition, Automation/AppleScript).
+- Runs or connects to the Gateway (local or remote).
+- Exposes macOS-only tools (Canvas, Camera, Screen Recording, `system.run`).
+- Starts the local node host service in **remote** mode (launchd), and stops it in **local** mode.
+- Optionally hosts **PeekabooBridge** for UI automation.
+- Installs the global CLI (`openclaw`) on request via npm, pnpm, or bun (the app prefers npm, then pnpm, then bun; Node remains the recommended Gateway runtime).
 
-Download macOS app builds from the
-[OpenClaw GitHub releases](https://github.com/openclaw/openclaw/releases).
-When a release includes macOS app assets, look for:
+## Local vs remote mode
 
-- `OpenClaw-<version>.dmg` (preferred)
-- `OpenClaw-<version>.zip`
+- **Local** (default): the app attaches to a running local Gateway if present;
+  otherwise it enables the launchd service via `openclaw gateway install`.
+- **Remote**: the app connects to a Gateway over SSH/Tailscale and never starts
+  a local process.
+  The app starts the local **node host service** so the remote Gateway can reach this Mac.
+  The app does not spawn the Gateway as a child process.
+  Gateway discovery now prefers Tailscale MagicDNS names over raw tailnet IPs,
+  so the Mac app recovers more reliably when tailnet IPs change.
 
-Some releases only include CLI, evidence, or Windows assets. If the newest
-release has no macOS app asset, use the newest release that does, or build the
-app from source with [macOS dev setup](/platforms/mac/dev-setup).
+## Launchd control
 
-## First run
+The app manages a per-user LaunchAgent labeled `ai.openclaw.gateway`
+(or `ai.openclaw.<profile>` when using `--profile`/`OPENCLAW_PROFILE`; legacy `com.openclaw.*` still unloads).
+
+```bash
+launchctl kickstart -k gui/$UID/ai.openclaw.gateway
+launchctl bootout gui/$UID/ai.openclaw.gateway
+```
+
+Replace the label with `ai.openclaw.<profile>` when running a named profile.
+
+If the LaunchAgent isn't installed, enable it from the app or run
+`openclaw gateway install`.
+
+If the gateway repeatedly disappears for minutes to hours and only resumes when you touch the Control UI or SSH into the host, see the troubleshooting note for macOS Maintenance Sleep / `ENETDOWN` crashes and launchd's respawn-protection gate in [Gateway troubleshooting](/gateway/troubleshooting#macos-gateway-silently-stops-responding-then-resumes-when-you-touch-the-dashboard).
+
+## Node capabilities (mac)
+
+The macOS app presents itself as a node. Common commands:
+
+- Canvas: `canvas.present`, `canvas.navigate`, `canvas.eval`, `canvas.snapshot`, `canvas.a2ui.*`
+- Camera: `camera.snap`, `camera.clip`
+- Screen: `screen.snapshot`, `screen.record`
+- System: `system.run`, `system.notify`
+
+The node reports a `permissions` map so agents can decide what's allowed.
+
+Node service + app IPC:
+
+- When the headless node host service is running (remote mode), it connects to the Gateway WS as a node.
+- `system.run` executes in the macOS app (UI/TCC context) over a local Unix socket; prompts + output stay in-app.
+
+Diagram (SCI):
+
+```
+Gateway -> Node Service (WS)
+                 |  IPC (UDS + token + HMAC + TTL)
+                 v
+             Mac App (UI + TCC + system.run)
+```
+
+## Exec approvals (system.run)
+
+`system.run` is controlled by **Exec approvals** in the macOS app (Settings → Exec approvals).
+Security + ask + allowlist are stored locally on the Mac in:
+
+```
+~/.openclaw/exec-approvals.json
+```
+
+Example:
+
+```json
+{
+  "version": 1,
+  "defaults": {
+    "security": "deny",
+    "ask": "on-miss"
+  },
+  "agents": {
+    "main": {
+      "security": "allowlist",
+      "ask": "on-miss",
+      "allowlist": [{ "pattern": "/opt/homebrew/bin/rg" }]
+    }
+  }
+}
+```
+
+Notes:
+
+- `allowlist` entries are glob patterns for resolved binary paths, or bare command names for PATH-invoked commands.
+- Raw shell command text that contains shell control or expansion syntax (`&&`, `||`, `;`, `|`, `` ` ``, `$`, `<`, `>`, `(`, `)`) is treated as an allowlist miss and requires explicit approval (or allowlisting the shell binary).
+- Choosing "Always Allow" in the prompt adds that command to the allowlist.
+- `system.run` environment overrides are filtered (drops `PATH`, `DYLD_*`, `LD_*`, `BASHOPTS`, `FPATH`, `KSH_ENV`, `NODE_OPTIONS`, `NODE_REDIRECT_WARNINGS`, `NODE_REPL_EXTERNAL_MODULE`, `NODE_REPL_HISTORY`, `NODE_V8_COVERAGE`, `PYTHON*`, `PERL*`, `RUBYOPT`, `SHELLOPTS`, `PS4`, `TCLLIBPATH`) and then merged with the app's environment.
+- For shell wrappers (`bash|sh|zsh ... -c/-lc`), request-scoped environment overrides are reduced to a small explicit allowlist (`TERM`, `LANG`, `LC_*`, `COLORTERM`, `NO_COLOR`, `FORCE_COLOR`).
+- For allow-always decisions in allowlist mode, known dispatch wrappers (`env`, `flock`, `nice`, `nohup`, `stdbuf`, `timeout`) persist inner executable paths instead of wrapper paths. If unwrapping is not safe, no allowlist entry is persisted automatically.
+
+## Deep links
+
+The app registers the `openclaw://` URL scheme for local actions.
+
+### `openclaw://agent`
+
+Triggers a Gateway `agent` request.
+
+```bash
+open 'openclaw://agent?message=Hello%20from%20deep%20link'
+```
+
+Query parameters:
+
+- `message` (required)
+- `sessionKey` (optional)
+- `thinking` (optional)
+- `deliver` / `to` / `channel` (optional)
+- `timeoutSeconds` (optional)
+- `key` (optional unattended mode key)
+
+Safety:
+
+- Without `key`, the app prompts for confirmation.
+- Without `key`, the app enforces a short message limit for the confirmation prompt and ignores `deliver` / `to` / `channel`.
+- With a valid `key`, the run is unattended (intended for personal automations).
+
+## Onboarding flow (typical)
 
 1. Install and launch **OpenClaw.app**.
-2. Complete the macOS permission checklist.
-3. Pick **Local** or **Remote** mode.
-4. Install the `openclaw` CLI if the app asks for it.
-5. Open WebChat from the menu bar and send a test message.
+2. Complete the permissions checklist (TCC prompts).
+3. Ensure **Local** mode is active and the Gateway is running.
+4. Install the CLI if you want terminal access.
 
-For the CLI/Gateway setup path, use [Getting started](/start/getting-started).
-For permission recovery, use [macOS permissions](/platforms/mac/permissions).
+## State dir placement (macOS)
 
-## Choose a Gateway mode
+Avoid putting your OpenClaw state dir in iCloud or other cloud-synced folders.
+Sync-backed paths can add latency and occasionally cause file-lock/sync races for
+sessions and credentials.
 
-| Mode   | Use it when                                                                             | Detail page                                        |
-| ------ | --------------------------------------------------------------------------------------- | -------------------------------------------------- |
-| Local  | This Mac should run the Gateway and keep it alive with launchd.                         | [Gateway on macOS](/platforms/mac/bundled-gateway) |
-| Remote | Another host runs the Gateway and this Mac should control it over SSH, LAN, or Tailnet. | [Remote control](/platforms/mac/remote)            |
+Prefer a local non-synced state path such as:
 
-Local mode requires an installed `openclaw` CLI. The app can install it, or you
-can follow [Gateway on macOS](/platforms/mac/bundled-gateway).
+```bash
+OPENCLAW_STATE_DIR=~/.openclaw
+```
 
-## What the app owns
+If `openclaw doctor` detects state under:
 
-- Menu bar status, notifications, health, and WebChat.
-- macOS permission prompts for screen, microphone, speech, automation, and accessibility.
-- Local node tools such as Canvas, camera/screen capture, notifications, and `system.run`.
-- Exec approval prompts for Mac-hosted commands.
-- Remote-mode SSH tunnels or direct Gateway connections.
+- `~/Library/Mobile Documents/com~apple~CloudDocs/...`
+- `~/Library/CloudStorage/...`
 
-The app does **not** replace the OpenClaw Gateway or general CLI docs. Core
-Gateway configuration, providers, plugins, channels, tools, and security live in
-their own docs.
+it will warn and recommend moving back to a local path.
 
-## macOS detail pages
+## Build and dev workflow (native)
 
-| Task                                     | Read                                                                                        |
-| ---------------------------------------- | ------------------------------------------------------------------------------------------- |
-| Install or debug the CLI/Gateway service | [Gateway on macOS](/platforms/mac/bundled-gateway)                                          |
-| Keep state out of cloud-synced folders   | [Gateway on macOS](/platforms/mac/bundled-gateway#state-directory-on-macos)                 |
-| Debug app discovery and connectivity     | [Gateway on macOS](/platforms/mac/bundled-gateway#debug-app-connectivity)                   |
-| Understand launchd behavior              | [Gateway lifecycle](/platforms/mac/child-process)                                           |
-| Fix permissions or signing/TCC issues    | [macOS permissions](/platforms/mac/permissions)                                             |
-| Connect to a remote Gateway              | [Remote control](/platforms/mac/remote)                                                     |
-| Read menu bar status and health checks   | [Menu bar](/platforms/mac/menu-bar), [Health checks](/platforms/mac/health)                 |
-| Use the embedded chat UI                 | [WebChat](/platforms/mac/webchat)                                                           |
-| Use voice wake or push-to-talk           | [Voice wake](/platforms/mac/voicewake)                                                      |
-| Use Canvas and Canvas deep links         | [Canvas](/platforms/mac/canvas)                                                             |
-| Host PeekabooBridge for UI automation    | [Peekaboo bridge](/platforms/mac/peekaboo)                                                  |
-| Configure command approvals              | [Exec approvals](/tools/exec-approvals), [advanced details](/tools/exec-approvals-advanced) |
-| Inspect Mac node commands and app IPC    | [macOS IPC](/platforms/mac/xpc)                                                             |
-| Capture logs                             | [macOS logging](/platforms/mac/logging)                                                     |
-| Build from source                        | [macOS dev setup](/platforms/mac/dev-setup)                                                 |
+- `cd apps/macos && swift build`
+- `swift run OpenClaw` (or Xcode)
+- Package app: `scripts/package-mac-app.sh`
 
-## Related
+## Debug gateway connectivity (macOS CLI)
 
-- [Platforms](/platforms)
-- [Getting started](/start/getting-started)
-- [Gateway](/gateway)
-- [Exec approvals](/tools/exec-approvals)
+Use the debug CLI to exercise the same Gateway WebSocket handshake and discovery
+logic that the macOS app uses, without launching the app.
+
+```bash
+cd apps/macos
+swift run openclaw-mac connect --json
+swift run openclaw-mac discover --timeout 3000 --json
+```
+
+Connect options:
+
+- `--url <ws://host:port>`: override config
+- `--mode <local|remote>`: resolve from config (default: config or local)
+- `--probe`: force a fresh health probe
+- `--timeout <ms>`: request timeout (default: `15000`)
+- `--json`: structured output for diffing
+
+Discovery options:
+
+- `--include-local`: include gateways that would be filtered as "local"
+- `--timeout <ms>`: overall discovery window (default: `2000`)
+- `--json`: structured output for diffing
+
+<Tip>
+Compare against `openclaw gateway discover --json` to see whether the macOS app's discovery pipeline (`local.` plus the configured wide-area domain, with wide-area and Tailscale Serve fallbacks) differs from the Node CLI's `dns-sd` based discovery.
+</Tip>
+
+## Remote connection plumbing (SSH tunnels)
+
+When the macOS app runs in **Remote** mode, it opens an SSH tunnel so local UI
+components can talk to a remote Gateway as if it were on localhost.
+
+### Control tunnel (Gateway WebSocket port)
+
+- **Purpose:** health checks, status, Web Chat, config, and other control-plane calls.
+- **Local port:** the Gateway port (default `18789`), always stable.
+- **Remote port:** the same Gateway port on the remote host.
+- **Behavior:** no random local port; the app reuses an existing healthy tunnel
+  or restarts it if needed.
+- **SSH shape:** `ssh -N -L <local>:127.0.0.1:<remote>` with BatchMode +
+  ExitOnForwardFailure + keepalive options.
+- **IP reporting:** the SSH tunnel uses loopback, so the gateway will see the node
+  IP as `127.0.0.1`. Use **Direct (ws/wss)** transport if you want the real client
+  IP to appear (see [macOS remote access](/platforms/mac/remote)).
+
+For setup steps, see [macOS remote access](/platforms/mac/remote). For protocol
+details, see [Gateway protocol](/gateway/protocol).
+
+## Related docs
+
+- [Gateway runbook](/gateway)
+- [Gateway (macOS)](/platforms/mac/bundled-gateway)
+- [macOS permissions](/platforms/mac/permissions)
+- [Canvas](/platforms/mac/canvas)

docs/plugins/codex-native-plugins.md

@@ -200,11 +200,11 @@ enabled.
 
 OpenClaw sets app-level `destructive_enabled` from the effective global or
 per-plugin `allow_destructive_actions` policy and lets Codex enforce
-destructive tool metadata from its native app tool annotations. `true`,
-`"auto"`, and `"always"` set `destructive_enabled: true`; `false` sets it
-false. The `_default` app config is disabled with `open_world_enabled: false`.
-Enabled plugin apps are emitted with `open_world_enabled: true`; OpenClaw does
-not expose a separate plugin open-world policy knob and does not maintain
+destructive tool metadata from its native app tool annotations. `true` and
+`"auto"` both set `destructive_enabled: true`; `false` sets it false. The
+`_default` app config is disabled with `open_world_enabled: false`. Enabled
+plugin apps are emitted with `open_world_enabled: true`; OpenClaw does not
+expose a separate plugin open-world policy knob and does not maintain
 per-plugin destructive tool-name deny lists.
 
 Tool approval mode is automatic by default for plugin apps so non-destructive
@@ -225,10 +225,6 @@ plugins, while unsafe schemas and ambiguous ownership still fail closed:
 - When policy is `"auto"`, OpenClaw exposes destructive plugin actions to
   Codex but turns ownership-proven MCP approval elicitations into OpenClaw
   plugin approvals before returning the Codex approval response.
-- When policy is `"always"`, OpenClaw uses the same Codex write/destructive
-  gating as `"auto"`, clears durable Codex per-tool approval overrides for the
-  app before the thread starts, and only offers one-shot approval or denial so
-  durable approvals cannot suppress later write-action prompts.
 - Missing plugin identity, ambiguous ownership, a missing turn id, a wrong turn
   id, or an unsafe elicitation schema declines instead of prompting.
 
@@ -276,9 +272,8 @@ Codex thread bindings keep the app config they started with until OpenClaw
 establishes a new harness session or replaces a stale binding.
 
 **Destructive action is declined:** check the global and per-plugin
-`allow_destructive_actions` values. Even when policy is true, `"auto"`, or
-`"always"`, unsafe elicitation schemas and ambiguous plugin identity still fail
-closed.
+`allow_destructive_actions` values. Even when policy is true or `"auto"`,
+unsafe elicitation schemas and ambiguous plugin identity still fail closed.
 
 ## Related
 

docs/plugins/voice-call.md

@@ -211,18 +211,6 @@ each carrier call should start with fresh context, for example reception,
 booking, IVR, or Google Meet bridge flows where the same phone number may
 represent different meetings.
 
-Voice Call stores generated session keys under the configured agent namespace
-(`agent:<agentId>:voice:*`) so call memory survives Gateway session-key
-canonicalization after restarts. Raw explicit integration keys use the same
-agent namespace. A canonical `agent:<configuredAgentId>:*` key keeps that owner,
-and its main aliases honor core `session.mainKey` and global scope. Foreign or
-malformed `agent:*` input is scoped as an opaque key under the configured agent;
-`global` and `unknown` remain global sentinels. Gateway startup promotes older
-raw keys in default or `{agentId}`-templated stores where the path proves one
-owner. In fixed custom stores, ambiguous legacy rows remain untouched because
-they do not contain enough information to choose an owner; new calls use
-canonical agent-scoped history.
-
 ## Realtime voice conversations
 
 `realtime` selects a full-duplex realtime voice provider for live call

docs/providers/xai.md

@@ -29,11 +29,10 @@ Use the path that matches your OpenClaw install state:
     openclaw onboard --install-daemon
     ```
 
-    On a VPS or over SSH, select xAI OAuth directly; OpenClaw uses device-code
-    verification and does not require a localhost callback:
+    On a VPS or over SSH, use device-code during onboarding:
 
     ```bash
-    openclaw onboard --install-daemon --auth-choice xai-oauth
+    openclaw onboard --install-daemon --auth-choice xai-device-code
     ```
 
     OAuth does not require an xAI API key. OpenClaw does not require the Grok
@@ -49,6 +48,13 @@ Use the path that matches your OpenClaw install state:
     openclaw models auth login --provider xai --method oauth
     ```
 
+    Use the device-code flow instead when the Gateway runs over SSH, Docker, or
+    a VPS and a localhost browser callback is awkward:
+
+    ```bash
+    openclaw models auth login --provider xai --device-code
+    ```
+
     To make Grok the default model after signing in, apply it separately:
 
     ```bash
@@ -80,7 +86,8 @@ Use the path that matches your OpenClaw install state:
 
 <Note>
 OpenClaw uses the xAI Responses API as the bundled xAI transport. The same
-credential from `openclaw models auth login --provider xai --method oauth` or
+credential from `openclaw models auth login --provider xai --method oauth`,
+`openclaw models auth login --provider xai --device-code`, or
 `openclaw models auth login --provider xai --method api-key` can also power first-class
 `web_search`, `x_search`, remote `code_execution`, and xAI image/video generation.
 Speech and transcription currently require `XAI_API_KEY` or provider config.
@@ -95,9 +102,8 @@ and, by default, `x_search` through an operator xAI Responses proxy.
 
 ## OAuth troubleshooting
 
-- For SSH, Docker, VPS, or other remote setups, use
-  `openclaw models auth login --provider xai --method oauth`; xAI OAuth uses
-  device-code verification instead of a localhost callback.
+- If browser OAuth cannot reach `127.0.0.1:56121`, use
+  `openclaw models auth login --provider xai --device-code`.
 - If sign-in succeeds but Grok is not the default model, run
   `openclaw models set xai/grok-4.3`.
 - To inspect saved xAI auth profiles, run:
@@ -111,9 +117,9 @@ and, by default, `x_search` through an operator xAI Responses proxy.
   eligible, try the API-key path or check the subscription on xAI's side.
 
 <Tip>
-Use `xai-oauth` when signing in from SSH, Docker, or a VPS. OpenClaw prints an
-xAI URL and short code; finish sign-in in any local browser while the remote
-process polls xAI for the completed token exchange.
+Use `xai-device-code` when signing in from SSH, Docker, or a VPS. OpenClaw
+prints an xAI URL and short code; finish sign-in in any local browser while the
+remote process polls xAI for the completed token exchange.
 </Tip>
 
 ## Built-in catalog
@@ -492,10 +498,12 @@ Legacy aliases still normalize to the canonical bundled ids:
 
   <Accordion title="Known limits">
     - xAI auth can use an API key, environment variable, plugin config fallback,
-      or OAuth with an eligible xAI account. OAuth uses device-code verification
-      without a localhost callback. xAI decides which accounts can receive OAuth
-      API tokens, and the consent page may show Grok Build even though OpenClaw
-      does not require the Grok Build app.
+      browser OAuth, or device-code OAuth with an eligible xAI account. Browser
+      OAuth uses a local callback on `127.0.0.1:56121`; for remote hosts, use
+      `xai-device-code` unless you want to forward that port before opening the
+      sign-in URL. xAI decides which accounts can receive OAuth API tokens, and
+      the consent page may show Grok Build even though OpenClaw does not require
+      the Grok Build app.
     - OpenClaw does not currently expose the xAI multi-agent model family. xAI
       serves these models through the Responses API, but they do not accept the
       client-side or custom tools used by OpenClaw's shared agent loop. See the

docs/reference/test.md

@@ -20,7 +20,6 @@ title: "Tests"
 - `pnpm changed:lanes`: shows the architectural lanes triggered by the diff against `origin/main`.
 - `pnpm check:changed`: delegates to Crabbox/Testbox by default outside CI, then runs the smart changed check gate for the diff against `origin/main` inside the remote child. It runs typecheck, lint, and guard commands for the affected architectural lanes, but does not run Vitest tests. Use `pnpm test:changed` or explicit `pnpm test <target>` for test proof.
 - Codex worktrees and linked/sparse checkouts: avoid direct local `pnpm test*`, `pnpm check*`, and `pnpm crabbox:run` unless you have verified pnpm will not reconcile dependencies. For tiny explicit-file proof use `node scripts/run-vitest.mjs <path-or-filter>`; for changed gates or broad proof use `node scripts/crabbox-wrapper.mjs run --provider blacksmith-testbox ... -- env OPENCLAW_CHECK_CHANGED_REMOTE_CHILD=1 OPENCLAW_CHANGED_LANES_RAW_SYNC=1 corepack pnpm check:changed` so pnpm runs inside Testbox.
-- Testbox-through-Crabbox proof: use the wrapper's final `exitCode` and timing JSON as the command result. The delegated Blacksmith GitHub Actions run may show `cancelled` after a successful SSH command because the Testbox is stopped from outside the keepalive action; verify the wrapper summary and command output before treating that as a test failure.
 - `OPENCLAW_HEAVY_CHECK_LOCK_SCOPE=worktree <local-heavy-check command>`: keeps heavy-check serialization inside the current worktree instead of the Git common dir for commands such as `pnpm check:changed` and targeted `pnpm test ...`. Use it only on high-capacity local hosts when you intentionally run independent checks across linked worktrees.
 - `pnpm test`: routes explicit file/directory targets through scoped Vitest lanes. Untargeted runs are full-suite proof: they use fixed shard groups, expand to leaf configs for local parallel execution, and print the expected local shard fanout before starting. The extension group always expands to the per-extension shard configs instead of one giant root-project process.
 - Test wrapper runs end with a short `[test] passed|failed|skipped ... in ...` summary. Vitest's own duration line stays the per-shard detail.

docs/tools/code-execution.md

@@ -38,13 +38,13 @@ Do **not** use it when you need local files, your shell, your repo, or paired de
 <Steps>
   <Step title="Provide xAI credentials">
     Sign in with Grok OAuth using an eligible SuperGrok or X Premium subscription,
-    or store an API key. xAI OAuth uses device-code verification, so it works
-    from remote hosts without a localhost callback. OAuth works for
-    `code_execution` and `x_search`; `XAI_API_KEY` or plugin web-search config
-    can also power Grok `web_search`.
+    use the remote-friendly device-code flow, or store an API key. OAuth works
+    for `code_execution` and `x_search`; `XAI_API_KEY` or plugin web-search
+    config can also power Grok `web_search`.
 
     ```bash
     openclaw models auth login --provider xai --method oauth
+    openclaw models auth login --provider xai --device-code
     ```
 
     During a fresh install, the same auth choices are available inside
@@ -52,7 +52,7 @@ Do **not** use it when you need local files, your shell, your repo, or paired de
 
     ```bash
     openclaw onboard --install-daemon
-    openclaw onboard --install-daemon --auth-choice xai-oauth
+    openclaw onboard --install-daemon --auth-choice xai-device-code
     ```
 
     Or use an API key:

docs/tools/subagents.md

@@ -523,7 +523,6 @@ should be rewritten in normal assistant voice.
 - Credential/token-like text is redacted.
 - Long blocks can be truncated.
 - Very large histories can drop older rows or replace an oversized row with `[sessions_history omitted: message too large]`.
-- Use `nextOffset` when present to page backward through older transcript windows.
 - Raw on-disk transcript inspection is the fallback when you need the full byte-for-byte transcript.
 
 ## Tool policy

extensions/acpx/src/runtime.test.ts

@@ -192,109 +192,6 @@ describe("AcpxRuntime fresh reset wrapper", () => {
     );
   });
 
-  it("adds the OpenClaw session key to the managed OpenClaw tools MCP bridge", () => {
-    const baseStore: TestSessionStore = {
-      load: vi.fn(async () => undefined),
-      save: vi.fn(async () => {}),
-    };
-    const { runtime } = makeRuntime(baseStore, {
-      openclawToolsMcpBridgeEnabled: true,
-      mcpServers: [
-        {
-          name: "openclaw-tools",
-          command: "node",
-          args: ["dist/mcp/openclaw-tools-serve.js"],
-          env: [],
-        },
-      ],
-    });
-
-    const readScopedMcpEnv = (sessionKey: string) => {
-      const delegate = (
-        runtime as unknown as {
-          resolveOpenClawToolsDelegateForSession(sessionKey: string): unknown;
-        }
-      ).resolveOpenClawToolsDelegateForSession(sessionKey) as {
-        options: {
-          mcpServers?: Array<{
-            env?: Array<{ name: string; value: string }>;
-            name: string;
-          }>;
-        };
-      };
-      return delegate.options.mcpServers?.find((server) => server.name === "openclaw-tools")?.env;
-    };
-
-    expect(readScopedMcpEnv("agent:worker:main")).toContainEqual({
-      name: "OPENCLAW_TOOLS_MCP_AGENT_SESSION_KEY",
-      value: "agent:worker:main",
-    });
-    expect(readScopedMcpEnv("agent:research:main")).toContainEqual({
-      name: "OPENCLAW_TOOLS_MCP_AGENT_SESSION_KEY",
-      value: "agent:research:main",
-    });
-  });
-
-  it("keeps managed OpenClaw tools MCP delegates reachable for fresh sessions", async () => {
-    const baseStore: TestSessionStore = {
-      load: vi.fn(async () => undefined),
-      save: vi.fn(async () => {}),
-    };
-    const { runtime } = makeRuntime(baseStore, {
-      openclawToolsMcpBridgeEnabled: true,
-      mcpServers: [
-        {
-          name: "openclaw-tools",
-          command: "node",
-          args: ["dist/mcp/openclaw-tools-serve.js"],
-          env: [],
-        },
-      ],
-    });
-    const exposedRuntime = runtime as unknown as {
-      openclawToolsSessionDelegates: Map<string, unknown>;
-      resolveOpenClawToolsDelegateForSession(sessionKey: string): unknown;
-    };
-
-    const firstDelegate =
-      exposedRuntime.resolveOpenClawToolsDelegateForSession("agent:worker:main");
-    expect(exposedRuntime.openclawToolsSessionDelegates.has("agent:worker:main")).toBe(true);
-
-    await runtime.prepareFreshSession({ sessionKey: "agent:worker:main" });
-
-    expect(exposedRuntime.openclawToolsSessionDelegates.has("agent:worker:main")).toBe(true);
-    expect(exposedRuntime.resolveOpenClawToolsDelegateForSession("agent:worker:main")).toBe(
-      firstDelegate,
-    );
-  });
-
-  it("uses the no-MCP delegate for startup probes when the OpenClaw tools bridge is enabled", async () => {
-    const baseStore: TestSessionStore = {
-      load: vi.fn(async () => undefined),
-      save: vi.fn(async () => {}),
-    };
-    const { runtime, delegate, bridgeSafeDelegate } = makeRuntime(baseStore, {
-      openclawToolsMcpBridgeEnabled: true,
-      mcpServers: [
-        {
-          name: "openclaw-tools",
-          command: "node",
-          args: ["dist/mcp/openclaw-tools-serve.js"],
-          env: [],
-        },
-      ],
-    });
-    const defaultProbe = vi.spyOn(delegate, "probeAvailability").mockResolvedValue(undefined);
-    const safeProbe = vi
-      .spyOn(bridgeSafeDelegate, "probeAvailability")
-      .mockResolvedValue(undefined);
-
-    await runtime.probeAvailability();
-
-    expect(safeProbe).toHaveBeenCalledTimes(1);
-    expect(defaultProbe).not.toHaveBeenCalled();
-  });
-
   it("normalizes OpenClaw Codex model ids for ACP startup", async () => {
     const baseStore: TestSessionStore = {
       load: vi.fn(async () => undefined),
@@ -1266,46 +1163,6 @@ describe("AcpxRuntime fresh reset wrapper", () => {
     expect(baseStore["load"]).toHaveBeenCalledOnce();
   });
 
-  it("releases managed OpenClaw tools MCP delegates after close", async () => {
-    const baseStore: TestSessionStore = {
-      load: vi.fn(async () => undefined),
-      save: vi.fn(async () => {}),
-    };
-
-    const { runtime } = makeRuntime(baseStore, {
-      openclawToolsMcpBridgeEnabled: true,
-      mcpServers: [
-        {
-          name: "openclaw-tools",
-          command: "node",
-          args: ["dist/mcp/openclaw-tools-serve.js"],
-          env: [],
-        },
-      ],
-    });
-    const exposedRuntime = runtime as unknown as {
-      openclawToolsSessionDelegates: Map<string, { close: AcpRuntime["close"] }>;
-      resolveOpenClawToolsDelegateForSession(sessionKey: string): {
-        close: AcpRuntime["close"];
-      };
-    };
-    const scopedDelegate =
-      exposedRuntime.resolveOpenClawToolsDelegateForSession("agent:codex:main");
-    const close = vi.spyOn(scopedDelegate, "close").mockResolvedValue(undefined);
-
-    await runtime.close({
-      handle: {
-        sessionKey: "agent:codex:main",
-        backend: "acpx",
-        runtimeSessionName: "agent:codex:main",
-      },
-      reason: "closed",
-    });
-
-    expect(close).toHaveBeenCalledOnce();
-    expect(exposedRuntime.openclawToolsSessionDelegates.has("agent:codex:main")).toBe(false);
-  });
-
   it("cleans up OpenClaw-owned ACPX process trees after close", async () => {
     const baseStore: TestSessionStore = {
       load: vi.fn(async () => ({

extensions/acpx/src/runtime.ts

@@ -50,7 +50,6 @@ type OpenClawAcpxRuntimeOptions = AcpRuntimeOptions & {
   openclawWrapperRoot?: string;
   openclawGatewayInstanceId?: string;
   openclawProcessLeaseStore?: AcpxProcessLeaseStore;
-  openclawToolsMcpBridgeEnabled?: boolean;
 };
 type AcpxRuntimeTestOptions = Record<string, unknown> & {
   openclawProcessCleanup?: AcpxProcessCleanupDeps;
@@ -58,10 +57,6 @@ type AcpxRuntimeTestOptions = Record<string, unknown> & {
 type OpenClawRuntimeTurnInput = Parameters<NonNullable<AcpRuntime["startTurn"]>>[0];
 type OpenClawRuntimeEnsureInput = Parameters<AcpRuntime["ensureSession"]>[0];
 type AcpxDelegateEnsureInput = Parameters<BaseAcpxRuntime["ensureSession"]>[0];
-type AcpxMcpServer = NonNullable<AcpRuntimeOptions["mcpServers"]>[number];
-
-const ACPX_OPENCLAW_TOOLS_MCP_SERVER_NAME = "openclaw-tools";
-const OPENCLAW_TOOLS_MCP_AGENT_SESSION_KEY_ENV = "OPENCLAW_TOOLS_MCP_AGENT_SESSION_KEY";
 
 type ResetAwareSessionStore = AcpSessionStore & {
   markFresh: (sessionKey: string) => void;
@@ -687,33 +682,6 @@ function shouldUseDistinctBridgeDelegate(options: AcpRuntimeOptions): boolean {
   return Array.isArray(mcpServers) && mcpServers.length > 0;
 }
 
-function withOpenClawToolsMcpSessionEnv(params: {
-  enabled: boolean | undefined;
-  mcpServers: AcpRuntimeOptions["mcpServers"];
-  sessionKey: string;
-}): AcpRuntimeOptions["mcpServers"] {
-  const sessionKey = params.sessionKey.trim();
-  if (!params.enabled || !sessionKey || !params.mcpServers?.length) {
-    return params.mcpServers;
-  }
-  let changed = false;
-  const nextServers = params.mcpServers.map((server): AcpxMcpServer => {
-    if (server.name !== ACPX_OPENCLAW_TOOLS_MCP_SERVER_NAME || !("command" in server)) {
-      return server;
-    }
-    changed = true;
-    const env = [
-      ...server.env.filter((entry) => entry.name !== OPENCLAW_TOOLS_MCP_AGENT_SESSION_KEY_ENV),
-      {
-        name: OPENCLAW_TOOLS_MCP_AGENT_SESSION_KEY_ENV,
-        value: sessionKey,
-      },
-    ];
-    return { ...server, env };
-  });
-  return changed ? nextServers : params.mcpServers;
-}
-
 /** OpenClaw-managed ACP runtime implementation backed by the upstream acpx runtime. */
 export class AcpxRuntime implements AcpRuntime {
   private readonly sessionStore: ResetAwareSessionStore;
@@ -725,10 +693,6 @@ export class AcpxRuntime implements AcpRuntime {
   private readonly delegate: BaseAcpxRuntime;
   private readonly bridgeSafeDelegate: BaseAcpxRuntime;
   private readonly probeDelegate: BaseAcpxRuntime;
-  private readonly delegateOptions: AcpRuntimeOptions;
-  private readonly delegateTestOptions: BaseAcpxRuntimeTestOptions;
-  private readonly openclawToolsMcpBridgeEnabled: boolean;
-  private readonly openclawToolsSessionDelegates = new Map<string, BaseAcpxRuntime>();
   private readonly processCleanupDeps: AcpxProcessCleanupDeps | undefined;
   private readonly wrapperRoot: string | undefined;
   private readonly gatewayInstanceId: string | undefined;
@@ -742,7 +706,6 @@ export class AcpxRuntime implements AcpRuntime {
     this.wrapperRoot = options.openclawWrapperRoot;
     this.gatewayInstanceId = options.openclawGatewayInstanceId;
     this.processLeaseStore = options.openclawProcessLeaseStore;
-    this.openclawToolsMcpBridgeEnabled = options.openclawToolsMcpBridgeEnabled === true;
     this.cwd = options.cwd;
     this.sessionStore = createResetAwareSessionStore(options.sessionStore, {
       gatewayInstanceId: this.gatewayInstanceId,
@@ -760,21 +723,20 @@ export class AcpxRuntime implements AcpRuntime {
       sessionStore: this.sessionStore,
       agentRegistry: this.scopedAgentRegistry,
     };
-    this.delegateOptions = sharedOptions;
-    this.delegateTestOptions = delegateTestOptions as BaseAcpxRuntimeTestOptions;
-    this.delegate = new BaseAcpxRuntime(sharedOptions, this.delegateTestOptions);
+    this.delegate = new BaseAcpxRuntime(
+      sharedOptions,
+      delegateTestOptions as BaseAcpxRuntimeTestOptions,
+    );
     this.bridgeSafeDelegate = shouldUseDistinctBridgeDelegate(options)
       ? new BaseAcpxRuntime(
           {
             ...sharedOptions,
             mcpServers: [],
           },
-          this.delegateTestOptions,
+          delegateTestOptions as BaseAcpxRuntimeTestOptions,
         )
       : this.delegate;
-    this.probeDelegate = this.openclawToolsMcpBridgeEnabled
-      ? this.bridgeSafeDelegate
-      : this.resolveDelegateForAgent(resolveProbeAgentName(options));
+    this.probeDelegate = this.resolveDelegateForAgent(resolveProbeAgentName(options));
   }
 
   private resolveDelegateForAgent(agentName: string | undefined): BaseAcpxRuntime {
@@ -789,57 +751,6 @@ export class AcpxRuntime implements AcpRuntime {
     return shouldUseBridgeSafeDelegateForCommand(command) ? this.bridgeSafeDelegate : this.delegate;
   }
 
-  private resolveDelegateForSession(params: {
-    command: string | undefined;
-    sessionKey: string;
-  }): BaseAcpxRuntime {
-    if (shouldUseBridgeSafeDelegateForCommand(params.command)) {
-      return this.bridgeSafeDelegate;
-    }
-    return this.resolveOpenClawToolsDelegateForSession(params.sessionKey);
-  }
-
-  private resolveOpenClawToolsDelegateForSession(sessionKey: string): BaseAcpxRuntime {
-    if (!this.openclawToolsMcpBridgeEnabled) {
-      return this.delegate;
-    }
-    const normalizedSessionKey = sessionKey.trim();
-    if (!normalizedSessionKey) {
-      return this.delegate;
-    }
-    const cached = this.openclawToolsSessionDelegates.get(normalizedSessionKey);
-    if (cached) {
-      return cached;
-    }
-    // Upstream acpx captures mcpServers at runtime construction. The managed
-    // OpenClaw tools bridge needs per-session identity, so cache one delegate
-    // per session with the scoped MCP env already embedded.
-    const delegate = new BaseAcpxRuntime(
-      {
-        ...this.delegateOptions,
-        mcpServers: withOpenClawToolsMcpSessionEnv({
-          enabled: this.openclawToolsMcpBridgeEnabled,
-          mcpServers: this.delegateOptions.mcpServers,
-          sessionKey: normalizedSessionKey,
-        }),
-      },
-      this.delegateTestOptions,
-    );
-    this.openclawToolsSessionDelegates.set(normalizedSessionKey, delegate);
-    return delegate;
-  }
-
-  private releaseOpenClawToolsDelegateForSession(sessionKey: string): void {
-    if (!this.openclawToolsMcpBridgeEnabled) {
-      return;
-    }
-    const normalizedSessionKey = sessionKey.trim();
-    if (!normalizedSessionKey) {
-      return;
-    }
-    this.openclawToolsSessionDelegates.delete(normalizedSessionKey);
-  }
-
   private async resolveDelegateForHandle(handle: AcpRuntimeHandle): Promise<BaseAcpxRuntime> {
     const record = await this.sessionStore.load(handle.acpxRecordId ?? handle.sessionKey);
     return this.resolveDelegateForLoadedRecord(handle, record);
@@ -851,17 +762,9 @@ export class AcpxRuntime implements AcpRuntime {
   ): BaseAcpxRuntime {
     const recordCommand = readAgentCommandFromRecord(record);
     if (recordCommand) {
-      return this.resolveDelegateForSession({
-        command: recordCommand,
-        sessionKey: handle.sessionKey,
-      });
+      return this.resolveDelegateForCommand(recordCommand);
     }
-    const agentName = readAgentFromHandle(handle);
-    const command = resolveAgentCommandForName({
-      agentName,
-      agentRegistry: this.agentRegistry,
-    });
-    return this.resolveDelegateForSession({ command, sessionKey: handle.sessionKey });
+    return this.resolveDelegateForAgent(readAgentFromHandle(handle));
   }
 
   private async resolveCommandForHandle(handle: AcpRuntimeHandle): Promise<string | undefined> {
@@ -1077,7 +980,7 @@ export class AcpxRuntime implements AcpRuntime {
       agentName: input.agent,
       agentRegistry: this.agentRegistry,
     });
-    const delegate = this.resolveDelegateForSession({ command, sessionKey: input.sessionKey });
+    const delegate = this.resolveDelegateForCommand(command);
     const claudeModelOverride = isClaudeAcpCommand(command)
       ? normalizeClaudeAcpModelOverride(input.model)
       : undefined;
@@ -1361,9 +1264,6 @@ export class AcpxRuntime implements AcpRuntime {
   }
 
   async prepareFreshSession(input: { sessionKey: string }): Promise<void> {
-    // Fresh reset has no ACP handle to close the delegate's upstream client.
-    // Keep the scoped delegate reachable so the next ensure can replace it;
-    // close() owns cache release when the session lifecycle ends.
     this.sessionStore.markFresh(input.sessionKey);
   }
 
@@ -1372,9 +1272,8 @@ export class AcpxRuntime implements AcpRuntime {
       input.handle.acpxRecordId ?? input.handle.sessionKey,
     );
     let closeSucceeded;
-    const delegate = this.resolveDelegateForLoadedRecord(input.handle, record);
     try {
-      await delegate.close({
+      await this.resolveDelegateForLoadedRecord(input.handle, record).close({
         handle: input.handle,
         reason: input.reason,
         discardPersistentState: input.discardPersistentState,
@@ -1383,9 +1282,6 @@ export class AcpxRuntime implements AcpRuntime {
     } finally {
       await this.cleanupProcessTreeForRecord(input.handle, record);
     }
-    if (closeSucceeded) {
-      this.releaseOpenClawToolsDelegateForSession(input.handle.sessionKey);
-    }
     if (closeSucceeded && input.discardPersistentState) {
       this.sessionStore.markFresh(input.handle.sessionKey);
     }

extensions/acpx/src/service.ts

@@ -111,7 +111,6 @@ function createLazyDefaultRuntime(params: AcpxRuntimeFactoryParams): AcpxRuntime
         }),
         probeAgent: params.pluginConfig.probeAgent,
         mcpServers: toAcpMcpServers(params.pluginConfig.mcpServers),
-        openclawToolsMcpBridgeEnabled: params.pluginConfig.openClawToolsMcpBridge,
         permissionMode: params.pluginConfig.permissionMode,
         nonInteractivePermissions: params.pluginConfig.nonInteractivePermissions,
         timeoutMs: resolveAcpxTimerTimeoutMs(params.pluginConfig.timeoutSeconds),

extensions/clickclack/src/http-client.test.ts

@@ -1,81 +1,6 @@
-import { createServer, type Server } from "node:http";
 import { describe, expect, it, vi } from "vitest";
 import { createClickClackClient } from "./http-client.js";
 
-const LOOPBACK_RESPONSE_BYTES = 18 * 1024 * 1024;
-
-async function listenLoopbackServer(server: Server): Promise<number> {
-  return await new Promise((resolve, reject) => {
-    server.once("error", reject);
-    server.listen(0, "127.0.0.1", () => {
-      server.off("error", reject);
-      const address = server.address();
-      if (!address || typeof address === "string") {
-        reject(new Error("expected loopback TCP address"));
-        return;
-      }
-      resolve(address.port);
-    });
-  });
-}
-
-function createOversizedJsonServer(): { server: Server; closed: Promise<number> } {
-  let resolveClosed: (sentBytes: number) => void = () => {};
-  const closed = new Promise<number>((resolve) => {
-    resolveClosed = resolve;
-  });
-  const server = createServer((req, res) => {
-    let sentBytes = 0;
-    let stopped = false;
-    let prefixSent = false;
-    const prefixChunk = Buffer.from('{"user":{"id":"');
-    const bodyChunk = Buffer.alloc(64 * 1024, 0x61);
-    const suffixChunk = Buffer.from('"}}');
-    const writeBuffer = (buffer: Buffer) => {
-      sentBytes += buffer.length;
-      if (!res.write(buffer)) {
-        res.once("drain", writeChunks);
-        return false;
-      }
-      return true;
-    };
-    const writeChunks = () => {
-      if (!prefixSent) {
-        prefixSent = true;
-        if (!writeBuffer(prefixChunk)) {
-          return;
-        }
-      }
-      while (true) {
-        if (stopped) {
-          return;
-        }
-        if (sentBytes + bodyChunk.length + suffixChunk.length >= LOOPBACK_RESPONSE_BYTES) {
-          break;
-        }
-        if (!writeBuffer(bodyChunk)) {
-          return;
-        }
-      }
-      if (!stopped) {
-        sentBytes += suffixChunk.length;
-        res.end(suffixChunk);
-      }
-    };
-    res.writeHead(200, { connection: "close", "content-type": "application/json" });
-    res.on("close", () => {
-      stopped = true;
-      resolveClosed(sentBytes);
-    });
-    req.on("aborted", () => {
-      stopped = true;
-      res.destroy();
-    });
-    writeChunks();
-  });
-  return { server, closed };
-}
-
 function streamedErrorResponse(body: string, limit: number) {
   const encoded = new TextEncoder().encode(body);
   let readCount = 0;
@@ -114,25 +39,6 @@ function streamedErrorResponse(body: string, limit: number) {
 }
 
 describe("ClickClack HTTP client", () => {
-  it("bounds oversized success JSON responses and closes the stream early", async () => {
-    const { server, closed } = createOversizedJsonServer();
-    const port = await listenLoopbackServer(server);
-    const client = createClickClackClient({
-      baseUrl: `http://127.0.0.1:${port}`,
-      token: "test-token",
-    });
-
-    try {
-      await expect(client.me()).rejects.toThrow(
-        "ClickClack response: JSON response exceeds 16777216 bytes",
-      );
-      const sentBytes = await closed;
-      expect(sentBytes).toBeLessThan(LOOPBACK_RESPONSE_BYTES);
-    } finally {
-      server.close();
-    }
-  });
-
   it("bounds error response bodies without using raw response.text()", async () => {
     const streamed = streamedErrorResponse("x".repeat(9000), 8 * 1024);
     const fetchMock = vi.fn(async () => streamed.response);

extensions/clickclack/src/http-client.ts

@@ -2,10 +2,7 @@
  * Thin ClickClack REST/websocket client used by gateway, resolver, and outbound
  * delivery code.
  */
-import {
-  readProviderJsonResponse,
-  readResponseTextLimited,
-} from "openclaw/plugin-sdk/provider-http";
+import { readResponseTextLimited } from "openclaw/plugin-sdk/provider-http";
 import { WebSocket } from "ws";
 import type {
   ClickClackChannel,
@@ -47,7 +44,7 @@ export function createClickClackClient(options: ClientOptions) {
       const detail = await readResponseTextLimited(response, CLICKCLACK_ERROR_BODY_LIMIT_BYTES);
       throw new Error(`ClickClack ${response.status}: ${detail}`);
     }
-    return await readProviderJsonResponse<T>(response, "ClickClack response");
+    return (await response.json()) as T;
   }
 
   return {

extensions/codex/doctor-contract-api.test.ts

@@ -36,14 +36,6 @@ describe("codex doctor contract", () => {
         },
       }),
     ).toBe(false);
-    expect(
-      legacyConfigRules[1]?.match({
-        allow_destructive_actions: "always",
-        plugins: {
-          "google-calendar": { allow_destructive_actions: "always" },
-        },
-      }),
-    ).toBe(false);
   });
 
   it("removes the retired dynamic tools profile without dropping other Codex config", () => {

extensions/codex/openclaw.plugin.json

@@ -101,7 +101,7 @@
             "default": false
           },
           "allow_destructive_actions": {
-            "oneOf": [{ "type": "boolean" }, { "const": "auto" }, { "const": "always" }],
+            "oneOf": [{ "type": "boolean" }, { "const": "auto" }],
             "default": true
           },
           "plugins": {
@@ -121,7 +121,7 @@
                   "type": "string"
                 },
                 "allow_destructive_actions": {
-                  "oneOf": [{ "type": "boolean" }, { "const": "auto" }, { "const": "always" }]
+                  "oneOf": [{ "type": "boolean" }, { "const": "auto" }]
                 }
               }
             }
@@ -343,7 +343,7 @@
     },
     "codexPlugins.allow_destructive_actions": {
       "label": "Allow Destructive Plugin Actions",
-      "help": "Default policy for plugin app write or destructive action elicitations. Use true to accept safe schemas without prompting, false to decline, auto to ask through plugin approvals when Codex requires approval, or always to ask for every write/destructive action without durable approval.",
+      "help": "Default policy for plugin app write or destructive action elicitations. Use true to accept safe schemas without prompting, false to decline, or auto to ask through plugin approvals.",
       "advanced": true
     },
     "codexPlugins.plugins": {

extensions/codex/src/app-server/attempt-startup.ts

@@ -346,7 +346,6 @@ export async function startCodexAttemptThread(params: {
                               timeoutMs: params.appServer.requestTimeoutMs,
                               signal,
                             }),
-                          configCwd: startupExecutionCwd,
                           appCache: defaultCodexAppInventoryCache,
                           appCacheKey: pluginAppCacheKey,
                         }),

extensions/codex/src/app-server/config.test.ts

@@ -1192,52 +1192,6 @@ allowed_sandbox_modes = ["read-only", "workspace-write"]
     });
   });
 
-  it("parses always native Codex plugin destructive policy", () => {
-    const config = readCodexPluginConfig({
-      codexPlugins: {
-        enabled: true,
-        allow_destructive_actions: "always",
-        plugins: {
-          "google-calendar": {
-            marketplaceName: "openai-curated",
-            pluginName: "google-calendar",
-          },
-          slack: {
-            marketplaceName: "openai-curated",
-            pluginName: "slack",
-            allow_destructive_actions: "auto",
-          },
-        },
-      },
-    });
-
-    expect(config.codexPlugins?.allow_destructive_actions).toBe("always");
-    expect(resolveCodexPluginsPolicy(config)).toEqual({
-      configured: true,
-      enabled: true,
-      allowDestructiveActions: true,
-      destructiveApprovalMode: "always",
-      pluginPolicies: [
-        {
-          configKey: "google-calendar",
-          marketplaceName: "openai-curated",
-          pluginName: "google-calendar",
-          enabled: true,
-          allowDestructiveActions: true,
-          destructiveApprovalMode: "always",
-        },
-        {
-          configKey: "slack",
-          marketplaceName: "openai-curated",
-          pluginName: "slack",
-          enabled: true,
-          allowDestructiveActions: true,
-          destructiveApprovalMode: "auto",
-        },
-      ],
-    });
-  });
-
   it("rejects unsupported native Codex plugin destructive policy strings", () => {
     const config = readCodexPluginConfig({
       codexPlugins: {

extensions/codex/src/app-server/config.ts

@@ -74,8 +74,8 @@ export type CodexAppServerSandboxMode = "read-only" | "workspace-write" | "dange
 type CodexAppServerApprovalsReviewer = "user" | "auto_review" | "guardian_subagent";
 type CodexAppServerCommandSource = "managed" | "resolved-managed" | "config" | "env";
 export type CodexDynamicToolsLoading = "searchable" | "direct";
-export type CodexPluginDestructivePolicy = boolean | "auto" | "always";
-export type CodexPluginDestructiveApprovalMode = "allow" | "deny" | "auto" | "always";
+export type CodexPluginDestructivePolicy = boolean | "auto";
+export type CodexPluginDestructiveApprovalMode = "allow" | "deny" | "auto";
 
 export const CODEX_PLUGINS_MARKETPLACE_NAME = "openai-curated";
 
@@ -311,11 +311,7 @@ const codexAppServerApprovalPolicySchema = z.enum([
 const codexAppServerSandboxSchema = z.enum(["read-only", "workspace-write", "danger-full-access"]);
 const codexAppServerApprovalsReviewerSchema = z.enum(["user", "auto_review", "guardian_subagent"]);
 const codexDynamicToolsLoadingSchema = z.enum(["searchable", "direct"]);
-const codexPluginDestructivePolicySchema = z.union([
-  z.boolean(),
-  z.literal("auto"),
-  z.literal("always"),
-]);
+const codexPluginDestructivePolicySchema = z.union([z.boolean(), z.literal("auto")]);
 const codexAppServerServiceTierSchema = z
   .preprocess(
     (value) => (value === null ? null : normalizeCodexServiceTier(value)),
@@ -499,8 +495,8 @@ function resolveCodexPluginDestructivePolicy(policy: CodexPluginDestructivePolic
   allowDestructiveActions: boolean;
   destructiveApprovalMode: CodexPluginDestructiveApprovalMode;
 } {
-  if (policy === "auto" || policy === "always") {
-    return { allowDestructiveActions: true, destructiveApprovalMode: policy };
+  if (policy === "auto") {
+    return { allowDestructiveActions: true, destructiveApprovalMode: "auto" };
   }
   return {
     allowDestructiveActions: policy,

extensions/codex/src/app-server/elicitation-bridge.test.ts

@@ -157,7 +157,7 @@ function buildConnectorPluginApprovalElicitation(overrides: Record<string, unkno
 function createPluginAppPolicyContext(
   params: {
     allowDestructiveActions?: boolean;
-    destructiveApprovalMode?: "allow" | "deny" | "auto" | "always";
+    destructiveApprovalMode?: "allow" | "deny" | "auto";
     apps?: Array<{ appId: string; pluginName: string; mcpServerNames: string[] }>;
   } = {},
 ) {
@@ -1017,96 +1017,6 @@ describe("Codex app-server elicitation bridge", () => {
     });
   });
 
-  it("does not expose allow-always for always plugin policy", async () => {
-    mockCallGatewayTool
-      .mockResolvedValueOnce({ id: "plugin:approval-calendar-always-policy", status: "accepted" })
-      .mockResolvedValueOnce({
-        id: "plugin:approval-calendar-always-policy",
-        decision: "allow-once",
-      });
-
-    const result = await handleCodexAppServerElicitationRequest({
-      requestParams: buildConnectorPluginApprovalElicitation({
-        _meta: {
-          codex_approval_kind: "mcp_tool_call",
-          source: "connector",
-          connector_id: "connector_google_calendar",
-          connector_name: "Google Calendar",
-          persist: ["session", "always"],
-          tool_title: "create_event",
-        },
-      }),
-      paramsForRun: createParams(),
-      threadId: "thread-1",
-      turnId: "turn-1",
-      pluginAppPolicyContext: createPluginAppPolicyContext({
-        allowDestructiveActions: true,
-        destructiveApprovalMode: "always",
-        apps: [
-          {
-            appId: "connector_google_calendar",
-            pluginName: "google-calendar",
-            mcpServerNames: [],
-          },
-        ],
-      }),
-    });
-
-    expect(result).toEqual({
-      action: "accept",
-      content: null,
-      _meta: null,
-    });
-    expect(gatewayToolArg(0, 2)).toMatchObject({
-      allowedDecisions: ["allow-once", "deny"],
-    });
-  });
-
-  it("maps unexpected allow-always decisions to one-shot for always plugin policy", async () => {
-    mockCallGatewayTool
-      .mockResolvedValueOnce({
-        id: "plugin:approval-calendar-unexpected-always",
-        status: "accepted",
-      })
-      .mockResolvedValueOnce({
-        id: "plugin:approval-calendar-unexpected-always",
-        decision: "allow-always",
-      });
-
-    const result = await handleCodexAppServerElicitationRequest({
-      requestParams: buildConnectorPluginApprovalElicitation({
-        _meta: {
-          codex_approval_kind: "mcp_tool_call",
-          source: "connector",
-          connector_id: "connector_google_calendar",
-          connector_name: "Google Calendar",
-          persist: ["session", "always"],
-          tool_title: "create_event",
-        },
-      }),
-      paramsForRun: createParams(),
-      threadId: "thread-1",
-      turnId: "turn-1",
-      pluginAppPolicyContext: createPluginAppPolicyContext({
-        allowDestructiveActions: true,
-        destructiveApprovalMode: "always",
-        apps: [
-          {
-            appId: "connector_google_calendar",
-            pluginName: "google-calendar",
-            mcpServerNames: [],
-          },
-        ],
-      }),
-    });
-
-    expect(result).toEqual({
-      action: "accept",
-      content: null,
-      _meta: null,
-    });
-  });
-
   it("declines denied auto plugin app approvals", async () => {
     mockCallGatewayTool
       .mockResolvedValueOnce({ id: "plugin:approval-calendar-deny", status: "accepted" })

extensions/codex/src/app-server/elicitation-bridge.ts

@@ -318,13 +318,10 @@ async function buildPluginPolicyElicitationResponse(params: {
       paramsForRun: params.paramsForRun,
       title: approvalPrompt.title,
       description: approvalPrompt.description,
-      allowedDecisions: allowedPluginPolicyApprovalDecisions(mode, approvalPrompt),
+      allowedDecisions: approvalPrompt.allowedDecisions,
       signal: params.signal,
     });
-    return buildElicitationResponse(
-      approvalPrompt,
-      oneShotPluginPolicyApprovalOutcome(mode, outcome),
-    );
+    return buildElicitationResponse(approvalPrompt, outcome);
   }
   logPluginElicitationDecline("unmappable_schema", params.requestParams);
   return declineElicitationResponse();
@@ -332,28 +329,10 @@ async function buildPluginPolicyElicitationResponse(params: {
 
 function resolvePluginDestructiveApprovalMode(
   entry: PluginAppPolicyContextEntry,
-): "allow" | "deny" | "auto" | "always" {
+): "allow" | "deny" | "auto" {
   return entry.destructiveApprovalMode ?? (entry.allowDestructiveActions ? "allow" : "deny");
 }
 
-function allowedPluginPolicyApprovalDecisions(
-  mode: "allow" | "deny" | "auto" | "always",
-  approvalPrompt: BridgeableApprovalElicitation,
-): ExecApprovalDecision[] {
-  const allowedDecisions = approvalPrompt.allowedDecisions ?? ["allow-once", "deny"];
-  if (mode !== "always") {
-    return allowedDecisions;
-  }
-  return allowedDecisions.filter((decision) => decision !== "allow-always");
-}
-
-function oneShotPluginPolicyApprovalOutcome(
-  mode: "allow" | "deny" | "auto" | "always",
-  outcome: AppServerApprovalOutcome,
-): AppServerApprovalOutcome {
-  return mode === "always" && outcome === "approved-session" ? "approved-once" : outcome;
-}
-
 function readPluginApprovalElicitation(
   entry: PluginAppPolicyContextEntry,
   requestParams: JsonObject,

extensions/codex/src/app-server/plugin-thread-config.test.ts

@@ -170,379 +170,6 @@ describe("Codex plugin thread config", () => {
     });
   });
 
-  it("exposes destructive app access while clearing only durable approval overrides for always mode", async () => {
-    const appCache = new CodexAppInventoryCache();
-    await appCache.refreshNow({
-      key: "runtime",
-      nowMs: 0,
-      request: async () => ({
-        data: [appInfo("google-calendar-app", true)],
-        nextCursor: null,
-      }),
-    });
-    let configReadCount = 0;
-    const request = vi.fn(async (method: string) => {
-      if (method === "plugin/list") {
-        return pluginList([pluginSummary("google-calendar", { installed: true, enabled: true })]);
-      }
-      if (method === "plugin/read") {
-        return pluginDetail(
-          "google-calendar",
-          [appSummary("google-calendar-app")],
-          ["google-calendar"],
-        );
-      }
-      if (method === "config/read") {
-        configReadCount += 1;
-        if (configReadCount > 1) {
-          return {
-            config: {
-              apps: {
-                "google-calendar-app": {
-                  tools: {
-                    "calendar/read": {
-                      enabled: false,
-                    },
-                  },
-                },
-              },
-            },
-          };
-        }
-        return {
-          config: {
-            apps: {
-              "google-calendar-app": {
-                tools: {
-                  "calendar/create": {
-                    approval_mode: "approve",
-                    enabled: false,
-                  },
-                  "calendar/read": {
-                    enabled: false,
-                  },
-                  "calendar/update": {
-                    approvalMode: "approve",
-                  },
-                },
-              },
-            },
-          },
-        };
-      }
-      if (method === "config/value/write") {
-        return {};
-      }
-      throw new Error(`unexpected request ${method}`);
-    });
-
-    const config = await buildCodexPluginThreadConfig({
-      pluginConfig: {
-        codexPlugins: {
-          enabled: true,
-          allow_destructive_actions: "always",
-          plugins: {
-            "google-calendar": {
-              marketplaceName: CODEX_PLUGINS_MARKETPLACE_NAME,
-              pluginName: "google-calendar",
-            },
-          },
-        },
-      },
-      appCache,
-      appCacheKey: "runtime",
-      nowMs: 1,
-      request,
-    });
-
-    const apps = config.configPatch?.apps as Record<string, unknown> | undefined;
-    expect(apps?.["google-calendar-app"]).toEqual({
-      enabled: true,
-      destructive_enabled: true,
-      open_world_enabled: true,
-      default_tools_approval_mode: "auto",
-    });
-    expect(config.policyContext.apps["google-calendar-app"]).toMatchObject({
-      allowDestructiveActions: true,
-      destructiveApprovalMode: "always",
-    });
-    expect(request).toHaveBeenCalledWith("config/read", { includeLayers: false });
-    expect(request.mock.calls.filter(([method]) => method === "config/read")).toHaveLength(2);
-    expect(request).toHaveBeenCalledWith("config/value/write", {
-      keyPath: 'apps."google-calendar-app".tools."calendar/create".approval_mode',
-      value: null,
-      mergeStrategy: "replace",
-    });
-    expect(request).toHaveBeenCalledWith("config/value/write", {
-      keyPath: 'apps."google-calendar-app".tools."calendar/update".approval_mode',
-      value: null,
-      mergeStrategy: "replace",
-    });
-    expect(request).not.toHaveBeenCalledWith("config/value/write", {
-      keyPath: 'apps."google-calendar-app".tools',
-      value: null,
-      mergeStrategy: "replace",
-    });
-  });
-
-  it("omits always policy apps when cwd effective approval overrides remain after cleanup", async () => {
-    const appCache = new CodexAppInventoryCache();
-    await appCache.refreshNow({
-      key: "runtime",
-      nowMs: 0,
-      request: async () => ({
-        data: [appInfo("google-calendar-app", true)],
-        nextCursor: null,
-      }),
-    });
-    let configReadCount = 0;
-    const request = vi.fn(async (method: string) => {
-      if (method === "plugin/list") {
-        return pluginList([pluginSummary("google-calendar", { installed: true, enabled: true })]);
-      }
-      if (method === "plugin/read") {
-        return pluginDetail(
-          "google-calendar",
-          [appSummary("google-calendar-app")],
-          ["google-calendar"],
-        );
-      }
-      if (method === "config/read") {
-        configReadCount += 1;
-        return {
-          config: {
-            apps: {
-              "google-calendar-app": {
-                tools: {
-                  "calendar/create": {
-                    approval_mode: "approve",
-                    source: configReadCount === 1 ? "user" : "project",
-                  },
-                },
-              },
-            },
-          },
-        };
-      }
-      if (method === "config/value/write") {
-        return { status: "ok" };
-      }
-      throw new Error(`unexpected request ${method}`);
-    });
-
-    const config = await buildCodexPluginThreadConfig({
-      pluginConfig: {
-        codexPlugins: {
-          enabled: true,
-          allow_destructive_actions: "always",
-          plugins: {
-            "google-calendar": {
-              marketplaceName: CODEX_PLUGINS_MARKETPLACE_NAME,
-              pluginName: "google-calendar",
-            },
-          },
-        },
-      },
-      appCache,
-      appCacheKey: "runtime",
-      configCwd: "/repo/project",
-      nowMs: 1,
-      request,
-    });
-
-    expect(config.configPatch).toEqual({
-      apps: {
-        _default: {
-          enabled: false,
-          destructive_enabled: false,
-          open_world_enabled: false,
-        },
-      },
-    });
-    expect(config.policyContext.apps).toStrictEqual({});
-    expect(request).toHaveBeenCalledWith("config/read", {
-      includeLayers: false,
-      cwd: "/repo/project",
-    });
-    expect(request.mock.calls.filter(([method]) => method === "config/read")).toHaveLength(2);
-    expect(config.diagnostics).toStrictEqual([
-      {
-        code: "approval_overrides_clear_failed",
-        plugin: {
-          configKey: "google-calendar",
-          marketplaceName: CODEX_PLUGINS_MARKETPLACE_NAME,
-          pluginName: "google-calendar",
-          enabled: true,
-          allowDestructiveActions: true,
-          destructiveApprovalMode: "always",
-        },
-        message:
-          "Could not clear durable Codex app approval overrides for google-calendar-app: effective approval overrides remain for calendar/create",
-      },
-    ]);
-  });
-
-  it("omits always policy apps when approval override writes are overridden", async () => {
-    const appCache = new CodexAppInventoryCache();
-    await appCache.refreshNow({
-      key: "runtime",
-      nowMs: 0,
-      request: async () => ({
-        data: [appInfo("google-calendar-app", true)],
-        nextCursor: null,
-      }),
-    });
-    const request = vi.fn(async (method: string) => {
-      if (method === "plugin/list") {
-        return pluginList([pluginSummary("google-calendar", { installed: true, enabled: true })]);
-      }
-      if (method === "plugin/read") {
-        return pluginDetail(
-          "google-calendar",
-          [appSummary("google-calendar-app")],
-          ["google-calendar"],
-        );
-      }
-      if (method === "config/read") {
-        return {
-          config: {
-            apps: {
-              "google-calendar-app": {
-                tools: {
-                  "calendar/create": {
-                    approval_mode: "approve",
-                  },
-                },
-              },
-            },
-          },
-        };
-      }
-      if (method === "config/value/write") {
-        return { status: "okOverridden" };
-      }
-      throw new Error(`unexpected request ${method}`);
-    });
-
-    const config = await buildCodexPluginThreadConfig({
-      pluginConfig: {
-        codexPlugins: {
-          enabled: true,
-          allow_destructive_actions: "always",
-          plugins: {
-            "google-calendar": {
-              marketplaceName: CODEX_PLUGINS_MARKETPLACE_NAME,
-              pluginName: "google-calendar",
-            },
-          },
-        },
-      },
-      appCache,
-      appCacheKey: "runtime",
-      configCwd: "/repo/project",
-      nowMs: 1,
-      request,
-    });
-
-    expect(config.configPatch).toEqual({
-      apps: {
-        _default: {
-          enabled: false,
-          destructive_enabled: false,
-          open_world_enabled: false,
-        },
-      },
-    });
-    expect(config.policyContext.apps).toStrictEqual({});
-    expect(config.diagnostics).toStrictEqual([
-      {
-        code: "approval_overrides_clear_failed",
-        plugin: {
-          configKey: "google-calendar",
-          marketplaceName: CODEX_PLUGINS_MARKETPLACE_NAME,
-          pluginName: "google-calendar",
-          enabled: true,
-          allowDestructiveActions: true,
-          destructiveApprovalMode: "always",
-        },
-        message:
-          "Could not clear durable Codex app approval overrides for google-calendar-app: approval override for calendar/create is controlled by another config layer",
-      },
-    ]);
-  });
-
-  it("omits always policy apps when durable approval override cleanup fails", async () => {
-    const appCache = new CodexAppInventoryCache();
-    await appCache.refreshNow({
-      key: "runtime",
-      nowMs: 0,
-      request: async () => ({
-        data: [appInfo("google-calendar-app", true)],
-        nextCursor: null,
-      }),
-    });
-
-    const config = await buildCodexPluginThreadConfig({
-      pluginConfig: {
-        codexPlugins: {
-          enabled: true,
-          allow_destructive_actions: "always",
-          plugins: {
-            "google-calendar": {
-              marketplaceName: CODEX_PLUGINS_MARKETPLACE_NAME,
-              pluginName: "google-calendar",
-            },
-          },
-        },
-      },
-      appCache,
-      appCacheKey: "runtime",
-      nowMs: 1,
-      request: async (method) => {
-        if (method === "plugin/list") {
-          return pluginList([pluginSummary("google-calendar", { installed: true, enabled: true })]);
-        }
-        if (method === "plugin/read") {
-          return pluginDetail(
-            "google-calendar",
-            [appSummary("google-calendar-app")],
-            ["google-calendar"],
-          );
-        }
-        if (method === "config/read") {
-          throw new Error("readonly config");
-        }
-        throw new Error(`unexpected request ${method}`);
-      },
-    });
-
-    expect(config.configPatch).toEqual({
-      apps: {
-        _default: {
-          enabled: false,
-          destructive_enabled: false,
-          open_world_enabled: false,
-        },
-      },
-    });
-    expect(config.policyContext.apps).toStrictEqual({});
-    expect(config.diagnostics).toStrictEqual([
-      {
-        code: "approval_overrides_clear_failed",
-        plugin: {
-          configKey: "google-calendar",
-          marketplaceName: CODEX_PLUGINS_MARKETPLACE_NAME,
-          pluginName: "google-calendar",
-          enabled: true,
-          allowDestructiveActions: true,
-          destructiveApprovalMode: "always",
-        },
-        message:
-          "Could not clear durable Codex app approval overrides for google-calendar-app: readonly config",
-      },
-    ]);
-  });
-
   it("builds a restrictive app config when native plugin support is disabled", async () => {
     expect(
       shouldBuildCodexPluginThreadConfig({

extensions/codex/src/app-server/plugin-thread-config.ts

@@ -29,7 +29,7 @@ import {
   type CodexPluginOwnedApp,
   type CodexPluginRuntimeRequest,
 } from "./plugin-inventory.js";
-import { isJsonObject, type JsonObject, type JsonValue } from "./protocol.js";
+import type { JsonObject, JsonValue } from "./protocol.js";
 
 /** Policy context for one app id exposed by a configured Codex plugin. */
 export type PluginAppPolicyContextEntry = {
@@ -52,7 +52,7 @@ export type PluginAppPolicyContext = {
 export type CodexPluginThreadConfigDiagnostic =
   | CodexPluginInventoryDiagnostic
   | {
-      code: "plugin_activation_failed" | "app_not_ready" | "approval_overrides_clear_failed";
+      code: "plugin_activation_failed" | "app_not_ready";
       plugin?: ResolvedCodexPluginPolicy;
       message: string;
     };
@@ -72,7 +72,6 @@ export type CodexPluginThreadConfig = {
 export type BuildCodexPluginThreadConfigParams = {
   pluginConfig?: unknown;
   request: CodexPluginRuntimeRequest;
-  configCwd?: string;
   appCache?: CodexAppInventoryCache;
   appCacheKey: string;
   nowMs?: number;
@@ -251,18 +250,6 @@ export async function buildCodexPluginThreadConfig(
         });
         continue;
       }
-      if (
-        record.policy.destructiveApprovalMode === "always" &&
-        !(await clearPersistedAppToolApprovalOverrides({
-          request: params.request,
-          configCwd: params.configCwd,
-          plugin: record.policy,
-          app,
-          diagnostics,
-        }))
-      ) {
-        continue;
-      }
       const appConfig: JsonObject = {
         enabled: true,
         destructive_enabled: record.policy.allowDestructiveActions,
@@ -380,86 +367,6 @@ function buildPluginAppPolicyContext(
   };
 }
 
-async function clearPersistedAppToolApprovalOverrides(params: {
-  request: CodexPluginRuntimeRequest;
-  configCwd?: string;
-  plugin: ResolvedCodexPluginPolicy;
-  app: CodexPluginOwnedApp;
-  diagnostics: CodexPluginThreadConfigDiagnostic[];
-}): Promise<boolean> {
-  try {
-    const overrideNames = await readPersistedAppToolApprovalOverrideNames(params);
-    for (const toolName of overrideNames) {
-      const response = await params.request("config/value/write", {
-        keyPath: `apps.${quoteConfigKeyPathSegment(params.app.id)}.tools.${quoteConfigKeyPathSegment(
-          toolName,
-        )}.approval_mode`,
-        value: null,
-        mergeStrategy: "replace",
-      });
-      if (isOverriddenConfigWriteResponse(response)) {
-        throw new Error(`approval override for ${toolName} is controlled by another config layer`);
-      }
-    }
-    const remainingOverrideNames = await readPersistedAppToolApprovalOverrideNames(params);
-    if (remainingOverrideNames.length > 0) {
-      throw new Error(
-        `effective approval overrides remain for ${remainingOverrideNames.join(", ")}`,
-      );
-    }
-    return true;
-  } catch (error) {
-    params.diagnostics.push({
-      code: "approval_overrides_clear_failed",
-      plugin: params.plugin,
-      message: `Could not clear durable Codex app approval overrides for ${params.app.id}: ${
-        error instanceof Error ? error.message : String(error)
-      }`,
-    });
-    return false;
-  }
-}
-
-async function readPersistedAppToolApprovalOverrideNames(params: {
-  request: CodexPluginRuntimeRequest;
-  configCwd?: string;
-  app: CodexPluginOwnedApp;
-}): Promise<string[]> {
-  const response = await params.request("config/read", {
-    includeLayers: false,
-    ...(params.configCwd ? { cwd: params.configCwd } : {}),
-  });
-  const config = isJsonObject(response) ? response.config : undefined;
-  const appsRoot = isJsonObject(config) ? config.apps : undefined;
-  const nestedApps = isJsonObject(appsRoot) ? appsRoot.apps : undefined;
-  const appConfig = isJsonObject(appsRoot)
-    ? (appsRoot[params.app.id] ??
-      (isJsonObject(nestedApps) ? nestedApps[params.app.id] : undefined))
-    : undefined;
-  const tools = isJsonObject(appConfig) ? appConfig.tools : undefined;
-  if (!isJsonObject(tools)) {
-    return [];
-  }
-  return Object.entries(tools)
-    .filter(([, value]) => hasPersistedToolApprovalOverride(value))
-    .map(([toolName]) => toolName)
-    .toSorted();
-}
-
-function hasPersistedToolApprovalOverride(value: JsonValue): boolean {
-  return (
-    isJsonObject(value) && (value.approval_mode !== undefined || value.approvalMode !== undefined)
-  );
-}
-
-function isOverriddenConfigWriteResponse(response: unknown): boolean {
-  return isJsonObject(response) && response.status === "okOverridden";
-}
-
-function quoteConfigKeyPathSegment(segment: string): string {
-  return `"${segment.replace(/["\\]/g, (char) => `\\${char}`)}"`;
-}
-
 function shouldWaitForInitialAppInventory(
   params: BuildCodexPluginThreadConfigParams,
   policy: ResolvedCodexPluginsPolicy,

extensions/codex/src/app-server/protocol.ts

@@ -575,8 +575,6 @@ type CodexAppServerRequestResultMap = {
   "account/read": CodexGetAccountResponse;
   "app/list": CodexAppsListResponse;
   "config/mcpServer/reload": JsonValue;
-  "config/read": JsonValue;
-  "config/value/write": JsonValue;
   "environment/add": JsonValue;
   "experimentalFeature/enablement/set": JsonValue;
   "feedback/upload": JsonValue;

extensions/codex/src/app-server/request.test.ts

@@ -112,44 +112,6 @@ describe("requestCodexAppServerJson sandbox guard", () => {
     expect(request).toHaveBeenCalledWith("thread/list", { limit: 10 }, { timeoutMs: 60_000 });
   });
 
-  it("allows config value writes in sandboxed sessions", async () => {
-    const request = vi.fn(async () => ({ ok: true }));
-    sharedClientMocks.getSharedCodexAppServerClient.mockResolvedValue({ request });
-    const params = {
-      keyPath: 'apps."google-calendar-app".tools',
-      value: null,
-      mergeStrategy: "replace",
-    };
-
-    await expect(
-      requestCodexAppServerJson({
-        method: "config/value/write",
-        requestParams: params,
-        config: { agents: { defaults: { sandbox: { mode: "all" } } } },
-        sessionKey: "sandboxed-session",
-      }),
-    ).resolves.toEqual({ ok: true });
-
-    expect(request).toHaveBeenCalledWith("config/value/write", params, { timeoutMs: 60_000 });
-  });
-
-  it("allows config reads in sandboxed sessions", async () => {
-    const request = vi.fn(async () => ({ config: { apps: { apps: {} } } }));
-    sharedClientMocks.getSharedCodexAppServerClient.mockResolvedValue({ request });
-    const params = { includeLayers: false };
-
-    await expect(
-      requestCodexAppServerJson({
-        method: "config/read",
-        requestParams: params,
-        config: { agents: { defaults: { sandbox: { mode: "all" } } } },
-        sessionKey: "sandboxed-session",
-      }),
-    ).resolves.toEqual({ config: { apps: { apps: {} } } });
-
-    expect(request).toHaveBeenCalledWith("config/read", params, { timeoutMs: 60_000 });
-  });
-
   it("allows sandbox-pinned thread starts in sandboxed sessions", async () => {
     const request = vi.fn(async () => ({ thread: { id: "thread-1" }, model: "gpt-5.5" }));
     sharedClientMocks.getSharedCodexAppServerClient.mockResolvedValue({ request });

extensions/codex/src/app-server/sandbox-guard.ts

@@ -19,8 +19,6 @@ const DIRECT_METHOD_POLICIES = new Map<string, DirectMethodPolicy>([
   ["account/read", "allowed-control-plane"],
   ["app/list", "allowed-control-plane"],
   ["config/mcpServer/reload", "allowed-control-plane"],
-  ["config/read", "allowed-control-plane"],
-  ["config/value/write", "allowed-control-plane"],
   ["environment/add", "allowed-control-plane"],
   ["experimentalFeature/enablement/set", "allowed-control-plane"],
   ["feedback/upload", "allowed-control-plane"],

extensions/codex/src/app-server/session-binding.test.ts

@@ -145,35 +145,6 @@ describe("codex app-server session binding", () => {
     expect(binding?.pluginAppPolicyContext).toEqual(pluginAppPolicyContext);
   });
 
-  it("round-trips always plugin app policy context destructive approval mode", async () => {
-    const sessionFile = path.join(tempDir, "session.json");
-    const pluginAppPolicyContext = {
-      fingerprint: "plugin-policy-always",
-      apps: {
-        "google-calendar-app": {
-          configKey: "google-calendar",
-          marketplaceName: "openai-curated" as const,
-          pluginName: "google-calendar",
-          allowDestructiveActions: true,
-          destructiveApprovalMode: "always" as const,
-          mcpServerNames: ["google-calendar"],
-        },
-      },
-      pluginAppIds: {
-        "google-calendar": ["google-calendar-app"],
-      },
-    };
-    await writeCodexAppServerBinding(sessionFile, {
-      threadId: "thread-123",
-      cwd: tempDir,
-      pluginAppPolicyContext,
-    });
-
-    const binding = await readCodexAppServerBinding(sessionFile);
-
-    expect(binding?.pluginAppPolicyContext).toEqual(pluginAppPolicyContext);
-  });
-
   it("normalizes v1 plugin app policy context destructive approval modes", async () => {
     const sessionFile = path.join(tempDir, "session.json");
     await fs.writeFile(

extensions/codex/src/app-server/session-binding.ts

@@ -421,9 +421,6 @@ function readDestructiveApprovalMode(
   if (value === "auto") {
     return bindingSchemaVersion === 1 ? "allow" : "auto";
   }
-  if (value === "always" && bindingSchemaVersion === 2) {
-    return "always";
-  }
   if (value === "on-request" && bindingSchemaVersion === 1) {
     return "auto";
   }

extensions/codex/src/app-server/trajectory.test.ts

@@ -5,7 +5,6 @@ import path from "node:path";
 import { afterEach, describe, expect, it } from "vitest";
 import {
   createCodexTrajectoryRecorder,
-  recordCodexTrajectoryCompletion,
   recordCodexTrajectoryContext,
   resolveCodexTrajectoryAppendFlags,
   resolveCodexTrajectoryPointerFlags,
@@ -81,9 +80,7 @@ describe("Codex trajectory recorder", () => {
     expect(content).not.toContain("secret");
     expect(content).not.toContain("sk-test-secret-token");
     expect(content).not.toContain("sk-other-secret-token");
-    if (process.platform !== "win32") {
-      expect(fs.statSync(filePath).mode & 0o777).toBe(0o600);
-    }
+    expect(fs.statSync(filePath).mode & 0o777).toBe(0o600);
     expect(fs.existsSync(path.join(tmpDir, "session.trajectory-path.json"))).toBe(true);
   });
 
@@ -256,235 +253,4 @@ describe("Codex trajectory recorder", () => {
     expect(parsed.data?.truncated).toBe(true);
     expect(parsed.data?.reason).toBe("trajectory-event-size-limit");
   });
-
-  it("preserves usage when truncating oversized model completion events", async () => {
-    const tmpDir = makeTempDir();
-    const sessionFile = path.join(tmpDir, "session.jsonl");
-    const attempt = {
-      sessionFile,
-      sessionId: "session-1",
-      sessionKey: "agent:main:session-1",
-      runId: "run-1",
-      provider: "codex",
-      modelId: "gpt-5.4",
-      model: { api: "responses" },
-    } as never;
-    const usage = {
-      input: 384_954,
-      output: 5_624,
-      cacheRead: 333_824,
-      reasoningTokens: 2_038,
-      total: 724_402,
-    };
-    const recorder = createCodexTrajectoryRecorder({
-      cwd: tmpDir,
-      attempt,
-      env: {},
-    });
-
-    const trajectoryRecorder = expectTrajectoryRecorder(recorder);
-    recordCodexTrajectoryCompletion(trajectoryRecorder, {
-      attempt,
-      threadId: "thread-1",
-      turnId: "turn-1",
-      timedOut: false,
-      result: {
-        aborted: false,
-        attemptUsage: usage,
-        assistantTexts: ["done"],
-        messagesSnapshot: Array.from({ length: 20 }, (_value, index) => ({
-          role: index % 2 === 0 ? "user" : "assistant",
-          content: `message-${index} ${"x".repeat(32_000)}`,
-        })),
-      } as never,
-    });
-    await trajectoryRecorder.flush();
-
-    const parsed = JSON.parse(
-      fs.readFileSync(path.join(tmpDir, "session.trajectory.jsonl"), "utf8"),
-    );
-    expect(parsed.type).toBe("model.completed");
-    expect(parsed.data).toMatchObject({
-      truncated: true,
-      reason: "trajectory-event-size-limit",
-      usage,
-    });
-    expect(parsed.data.messagesSnapshot).toBeUndefined();
-    expect(parsed.data.droppedFields).toContain("messagesSnapshot");
-    expect(Buffer.byteLength(JSON.stringify(parsed), "utf8")).toBeLessThanOrEqual(256 * 1024);
-  });
-
-  it("drops oversized preserved fields when needed to keep completion events bounded", async () => {
-    const tmpDir = makeTempDir();
-    const sessionFile = path.join(tmpDir, "session.jsonl");
-    const attempt = {
-      sessionFile,
-      sessionId: "session-1",
-      sessionKey: "agent:main:session-1",
-      runId: "run-1",
-      provider: "codex",
-      modelId: "gpt-5.4",
-      model: { api: "responses" },
-    } as never;
-    const oversizedUsage = Object.fromEntries(
-      Array.from({ length: 100 }, (_value, index) => [`field-${index}`, "x".repeat(5_000)]),
-    );
-    const recorder = createCodexTrajectoryRecorder({
-      cwd: tmpDir,
-      attempt,
-      env: {},
-    });
-
-    const trajectoryRecorder = expectTrajectoryRecorder(recorder);
-    recordCodexTrajectoryCompletion(trajectoryRecorder, {
-      attempt,
-      threadId: "thread-1",
-      turnId: "turn-1",
-      timedOut: false,
-      result: {
-        aborted: false,
-        attemptUsage: oversizedUsage,
-        assistantTexts: ["x".repeat(32_000)],
-        messagesSnapshot: [{ role: "assistant", content: "x".repeat(32_000) }],
-      } as never,
-    });
-    await trajectoryRecorder.flush();
-
-    const parsed = JSON.parse(
-      fs.readFileSync(path.join(tmpDir, "session.trajectory.jsonl"), "utf8"),
-    );
-    expect(parsed.data).toMatchObject({
-      truncated: true,
-      reason: "trajectory-event-size-limit",
-    });
-    expect(parsed.data.usage).toBeUndefined();
-    expect(parsed.data.droppedFields).toEqual(
-      expect.arrayContaining(["usage", "assistantTexts", "messagesSnapshot"]),
-    );
-    expect(Buffer.byteLength(JSON.stringify(parsed), "utf8")).toBeLessThanOrEqual(256 * 1024);
-  });
-
-  it("preserves usage on non-final oversized model completion events", async () => {
-    const tmpDir = makeTempDir();
-    const sessionFile = path.join(tmpDir, "session.jsonl");
-    const attempt = {
-      sessionFile,
-      sessionId: "session-1",
-      sessionKey: "agent:main:session-1",
-      runId: "run-1",
-      provider: "codex",
-      modelId: "gpt-5.4",
-      model: { api: "responses" },
-    } as never;
-    const firstUsage = {
-      input: 384_954,
-      output: 5_624,
-      cacheRead: 333_824,
-      reasoningTokens: 2_038,
-      total: 724_402,
-    };
-    const secondUsage = { input: 12, output: 3, total: 15 };
-    const recorder = createCodexTrajectoryRecorder({
-      cwd: tmpDir,
-      attempt,
-      env: {},
-    });
-
-    const trajectoryRecorder = expectTrajectoryRecorder(recorder);
-    recordCodexTrajectoryCompletion(trajectoryRecorder, {
-      attempt,
-      threadId: "thread-1",
-      turnId: "turn-1",
-      timedOut: false,
-      result: {
-        aborted: false,
-        attemptUsage: firstUsage,
-        assistantTexts: ["first"],
-        messagesSnapshot: Array.from({ length: 20 }, (_value, index) => ({
-          role: index % 2 === 0 ? "user" : "assistant",
-          content: `message-${index} ${"x".repeat(32_000)}`,
-        })),
-      } as never,
-    });
-    recordCodexTrajectoryCompletion(trajectoryRecorder, {
-      attempt,
-      threadId: "thread-1",
-      turnId: "turn-2",
-      timedOut: false,
-      result: {
-        aborted: false,
-        attemptUsage: secondUsage,
-        assistantTexts: ["final answer"],
-        messagesSnapshot: [{ role: "assistant", content: "final answer" }],
-      } as never,
-    });
-    await trajectoryRecorder.flush();
-
-    const events = fs
-      .readFileSync(path.join(tmpDir, "session.trajectory.jsonl"), "utf8")
-      .trim()
-      .split(/\r?\n/u)
-      .map((line) => JSON.parse(line));
-    expect(events).toHaveLength(2);
-    expect(events[0].data).toMatchObject({
-      truncated: true,
-      usage: firstUsage,
-    });
-    expect(events[1].data).toMatchObject({
-      turnId: "turn-2",
-      usage: secondUsage,
-      assistantTexts: ["final answer"],
-    });
-    expect(events[1].data.truncated).toBeUndefined();
-  });
-
-  it("redacts secrets before preserving usage in truncated completion events", async () => {
-    const tmpDir = makeTempDir();
-    const sessionFile = path.join(tmpDir, "session.jsonl");
-    const attempt = {
-      sessionFile,
-      sessionId: "session-1",
-      sessionKey: "agent:main:session-1",
-      runId: "run-1",
-      provider: "codex",
-      modelId: "gpt-5.4",
-      model: { api: "responses" },
-    } as never;
-    const recorder = createCodexTrajectoryRecorder({
-      cwd: tmpDir,
-      attempt,
-      env: {},
-    });
-
-    const trajectoryRecorder = expectTrajectoryRecorder(recorder);
-    recordCodexTrajectoryCompletion(trajectoryRecorder, {
-      attempt,
-      threadId: "thread-1",
-      turnId: "turn-1",
-      timedOut: false,
-      result: {
-        aborted: false,
-        attemptUsage: {
-          total: 1,
-          apiKey: "sk-test-secret-token",
-          authorization: "Bearer sk-other-secret-token",
-        },
-        assistantTexts: ["done"],
-        messagesSnapshot: Array.from({ length: 20 }, (_value, index) => ({
-          role: index % 2 === 0 ? "user" : "assistant",
-          content: `message-${index} ${"x".repeat(32_000)}`,
-        })),
-      } as never,
-    });
-    await trajectoryRecorder.flush();
-
-    const parsed = JSON.parse(
-      fs.readFileSync(path.join(tmpDir, "session.trajectory.jsonl"), "utf8"),
-    );
-    const preservedUsage = JSON.stringify(parsed.data.usage);
-    expect(parsed.data.truncated).toBe(true);
-    expect(preservedUsage).toContain("redacted");
-    expect(preservedUsage).not.toContain("sk-test-secret-token");
-    expect(preservedUsage).not.toContain("sk-other-secret-token");
-  });
 });

extensions/codex/src/app-server/trajectory.ts

@@ -40,7 +40,6 @@ const JWT_VALUE_RE = /\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]
 const COOKIE_PAIR_RE = /\b([A-Za-z][A-Za-z0-9_.-]{1,64})=([A-Za-z0-9+/._~%=-]{16,})(?=;|\s|$)/gu;
 const TRAJECTORY_RUNTIME_FILE_MAX_BYTES = 50 * 1024 * 1024;
 const TRAJECTORY_RUNTIME_EVENT_MAX_BYTES = 256 * 1024;
-const TRAJECTORY_RUNTIME_OVERSIZE_PRESERVED_DATA_KEYS = ["usage", "promptCache"] as const;
 
 type CodexTrajectoryOpenFlagConstants = Pick<
   typeof nodeFs.constants,
@@ -83,57 +82,19 @@ function boundedTrajectoryLine(event: Record<string, unknown>): string | undefin
   if (bytes <= TRAJECTORY_RUNTIME_EVENT_MAX_BYTES) {
     return `${line}\n`;
   }
-
-  const originalData =
-    event.data && typeof event.data === "object" && !Array.isArray(event.data)
-      ? (event.data as Record<string, unknown>)
-      : {};
-  const originalDataKeys = Object.keys(originalData);
-  const preservedDataKeys = new Set<string>();
-  const baseData = {
-    truncated: true,
-    originalBytes: bytes,
-    limitBytes: TRAJECTORY_RUNTIME_EVENT_MAX_BYTES,
-    reason: "trajectory-event-size-limit",
-  };
-  const buildTruncatedLine = (includeDroppedFields: boolean): string | undefined => {
-    const data: Record<string, unknown> = { ...baseData };
-    for (const key of TRAJECTORY_RUNTIME_OVERSIZE_PRESERVED_DATA_KEYS) {
-      if (preservedDataKeys.has(key)) {
-        data[key] = originalData[key];
-      }
-    }
-    if (includeDroppedFields) {
-      const droppedFields = originalDataKeys.filter((key) => !preservedDataKeys.has(key));
-      if (droppedFields.length > 0) {
-        data.droppedFields = droppedFields;
-      }
-    }
-    const truncated = JSON.stringify({ ...event, data });
-    if (Buffer.byteLength(truncated, "utf8") <= TRAJECTORY_RUNTIME_EVENT_MAX_BYTES) {
-      return `${truncated}\n`;
-    }
-    return undefined;
-  };
-
-  let best = buildTruncatedLine(true) ?? buildTruncatedLine(false);
-  if (!best) {
-    return undefined;
+  const truncated = JSON.stringify({
+    ...event,
+    data: {
+      truncated: true,
+      originalBytes: bytes,
+      limitBytes: TRAJECTORY_RUNTIME_EVENT_MAX_BYTES,
+      reason: "trajectory-event-size-limit",
+    },
+  });
+  if (Buffer.byteLength(truncated, "utf8") <= TRAJECTORY_RUNTIME_EVENT_MAX_BYTES) {
+    return `${truncated}\n`;
   }
-
-  for (const key of TRAJECTORY_RUNTIME_OVERSIZE_PRESERVED_DATA_KEYS) {
-    if (!Object.hasOwn(originalData, key)) {
-      continue;
-    }
-    preservedDataKeys.add(key);
-    const next = buildTruncatedLine(true) ?? buildTruncatedLine(false);
-    if (next) {
-      best = next;
-      continue;
-    }
-    preservedDataKeys.delete(key);
-  }
-  return best;
+  return undefined;
 }
 
 function resolveTrajectoryPointerFilePath(sessionFile: string): string {

extensions/codex/src/command-plugins-management.ts

@@ -23,7 +23,7 @@ export type CodexPluginConfigEntry = {
   enabled?: boolean;
   marketplaceName?: string;
   pluginName?: string;
-  allow_destructive_actions?: boolean | "auto" | "always";
+  allow_destructive_actions?: boolean | "auto";
 };
 
 export type CodexPluginsConfigBlock = {

extensions/codex/src/migration/plan.ts

@@ -43,7 +43,7 @@ export type CodexPluginMigrationConfigEntry = {
   configKey: string;
   pluginName: string;
   enabled: boolean;
-  allowDestructiveActions?: "auto" | "always";
+  allowDestructiveActions?: "auto";
 };
 
 type CodexPluginMigrationBlockSkipDetails = {
@@ -168,18 +168,15 @@ function isLegacyDestructivePolicyRepair(
   );
 }
 
-function readExistingPluginAllowDestructiveActions(
+function isLegacyDestructivePolicyConfigEntryRepair(
   existing: unknown,
   pluginName: string,
-): "auto" | "always" | undefined {
+): boolean {
   const existingEntry = isRecord(existing) ? existing : undefined;
-  if (existingEntry?.pluginName !== pluginName) {
-    return undefined;
-  }
-  const normalized = normalizeExistingAllowDestructiveActions(
-    existingEntry.allow_destructive_actions,
+  return (
+    existingEntry?.allow_destructive_actions === "on-request" &&
+    existingEntry.pluginName === pluginName
   );
-  return normalized === "auto" || normalized === "always" ? normalized : undefined;
 }
 
 function buildPluginItems(
@@ -206,15 +203,12 @@ function buildPluginItems(
         enabled: true,
         marketplaceName: CODEX_PLUGINS_MARKETPLACE_NAME,
         pluginName: plugin.pluginName,
-        ...(() => {
-          const allowDestructiveActions = readExistingPluginAllowDestructiveActions(
-            existingPluginEntries[configKey],
-            plugin.pluginName,
-          );
-          return allowDestructiveActions
-            ? { allow_destructive_actions: allowDestructiveActions }
-            : {};
-        })(),
+        ...(isLegacyDestructivePolicyConfigEntryRepair(
+          existingPluginEntries[configKey],
+          plugin.pluginName,
+        )
+          ? { allow_destructive_actions: "auto" }
+          : {}),
       };
       const conflict =
         !ctx.overwrite &&
@@ -240,9 +234,8 @@ function buildPluginItems(
             pluginName: plugin.pluginName,
             sourceInstalled: plugin.installed === true,
             sourceEnabled: plugin.enabled === true,
-            ...(plannedEntry.allow_destructive_actions === "auto" ||
-            plannedEntry.allow_destructive_actions === "always"
-              ? { allowDestructiveActions: plannedEntry.allow_destructive_actions }
+            ...(plannedEntry.allow_destructive_actions === "auto"
+              ? { allowDestructiveActions: "auto" }
               : {}),
             ...(plugin.apps && plugin.apps.length > 0 && !shouldVerifyPluginApps(ctx)
               ? { sourceAppVerification: CODEX_PLUGIN_SOURCE_APP_VERIFICATION_UNVERIFIED }
@@ -317,15 +310,13 @@ export function readCodexPluginMigrationConfigEntry(
     configKey,
     pluginName,
     enabled,
-    ...(allowDestructiveActions === "auto" || allowDestructiveActions === "always"
-      ? { allowDestructiveActions }
-      : {}),
+    ...(allowDestructiveActions === "auto" ? { allowDestructiveActions: "auto" } : {}),
   };
 }
 
 function readExistingAllowDestructiveActions(
   config: MigrationProviderContext["config"],
-): boolean | "auto" | "always" | undefined {
+): boolean | "auto" | undefined {
   const value = readMigrationConfigPath(config as Record<string, unknown>, [
     ...CODEX_PLUGIN_NATIVE_CONFIG_PATH,
     "allow_destructive_actions",
@@ -333,16 +324,8 @@ function readExistingAllowDestructiveActions(
   return normalizeExistingAllowDestructiveActions(value);
 }
 
-function normalizeExistingAllowDestructiveActions(
-  value: unknown,
-): boolean | "auto" | "always" | undefined {
-  if (value === "auto" || value === "on-request") {
-    return "auto";
-  }
-  if (value === "always") {
-    return "always";
-  }
-  return asBoolean(value);
+function normalizeExistingAllowDestructiveActions(value: unknown): boolean | "auto" | undefined {
+  return value === "auto" || value === "on-request" ? "auto" : asBoolean(value);
 }
 
 function readExistingPluginPolicyRepairs(

extensions/codex/src/migration/provider.test.ts

@@ -2108,76 +2108,6 @@ describe("buildCodexMigrationProvider", () => {
     });
   });
 
-  it("preserves global always destructive plugin policy during migration", async () => {
-    const fixture = await createCodexFixture();
-    const configState: MigrationProviderContext["config"] = {
-      plugins: {
-        entries: {
-          codex: {
-            enabled: true,
-            config: {
-              codexPlugins: {
-                enabled: true,
-                allow_destructive_actions: "always",
-                plugins: {},
-              },
-            },
-          },
-        },
-      },
-      agents: { defaults: { workspace: fixture.workspaceDir } },
-    } as MigrationProviderContext["config"];
-    appServerRequest.mockImplementation(async ({ method }: { method: string }) => {
-      if (method === "plugin/list") {
-        return pluginList([pluginSummary("google-calendar", { installed: true, enabled: true })]);
-      }
-      if (method === "plugin/read") {
-        return pluginRead("google-calendar");
-      }
-      if (method === "plugin/install") {
-        return { authPolicy: "ON_USE", appsNeedingAuth: [] } satisfies v2.PluginInstallResponse;
-      }
-      if (method === "skills/list") {
-        return { data: [] } satisfies v2.SkillsListResponse;
-      }
-      if (method === "hooks/list") {
-        return { data: [] } satisfies v2.HooksListResponse;
-      }
-      if (method === "config/mcpServer/reload") {
-        return {};
-      }
-      if (method === "app/list") {
-        return appsList([]);
-      }
-      throw new Error(`unexpected request ${method}`);
-    });
-    const provider = buildCodexMigrationProvider({
-      runtime: createConfigRuntime(configState),
-    });
-
-    const result = await provider.apply(
-      makeContext({
-        source: fixture.codexHome,
-        stateDir: fixture.stateDir,
-        workspaceDir: fixture.workspaceDir,
-        config: configState,
-      }),
-    );
-
-    expectRecordFields(findItem(result.items, "config:codex-plugins"), { status: "migrated" });
-    expect(configState.plugins?.entries?.codex?.config?.codexPlugins).toEqual({
-      enabled: true,
-      allow_destructive_actions: "always",
-      plugins: {
-        "google-calendar": {
-          enabled: true,
-          marketplaceName: CODEX_PLUGINS_MARKETPLACE_NAME,
-          pluginName: "google-calendar",
-        },
-      },
-    });
-  });
-
   it("records auth-required plugin installs as disabled explicit config entries", async () => {
     const fixture = await createCodexFixture();
     const configState: MigrationProviderContext["config"] = {

extensions/codex/src/node-cli-sessions.test.ts

@@ -207,65 +207,4 @@ describe("codex cli node sessions", () => {
       }),
     ).rejects.toThrow("Codex CLI node command returned malformed payloadJSON.");
   });
-
-  it("keeps Codex history session previews on UTF-16 code point boundaries", async () => {
-    const sessionId = "019e2007-1f7e-7eb1-a42b-8c01f4b9b5ce";
-    const text = `${"a".repeat(136)}🤖tail`;
-    await fs.writeFile(
-      path.join(tempDir, "history.jsonl"),
-      JSON.stringify({ session_id: sessionId, ts: 1778678322, text }),
-    );
-
-    const command = createCodexCliSessionNodeHostCommands().find(
-      (entry) => entry.command === CODEX_CLI_SESSIONS_LIST_COMMAND,
-    );
-    const raw = await command?.handle(JSON.stringify({ filter: "", limit: 5 }));
-    const parsed = JSON.parse(raw ?? "{}") as {
-      sessions?: Array<{ lastMessage?: string }>;
-    };
-
-    expect(parsed.sessions?.[0]?.lastMessage).toBe(`${"a".repeat(136)}...`);
-    expect(parsed.sessions?.[0]?.lastMessage).not.toContain("\ud83e");
-    expect(parsed.sessions?.[0]?.lastMessage).not.toContain("\udd16");
-  });
-
-  it("keeps Codex session-file previews on UTF-16 code point boundaries", async () => {
-    const sessionId = "019e23d1-f33d-78e3-959e-0f56f30a5248";
-    const sessionDir = path.join(tempDir, "sessions", "2026", "05", "14");
-    const sessionFile = path.join(sessionDir, `rollout-2026-05-14T00-10-22-${sessionId}.jsonl`);
-    const text = `${"b".repeat(136)}🤖tail`;
-
-    await fs.mkdir(sessionDir, { recursive: true });
-    await fs.writeFile(
-      sessionFile,
-      [
-        JSON.stringify({
-          timestamp: "2026-05-14T00:10:23.618Z",
-          type: "session_meta",
-          payload: { id: sessionId, cwd: "/tmp/codex-work" },
-        }),
-        JSON.stringify({
-          timestamp: "2026-05-14T00:10:23.619Z",
-          type: "response_item",
-          payload: {
-            type: "message",
-            role: "user",
-            content: [{ type: "input_text", text }],
-          },
-        }),
-      ].join("\n"),
-    );
-
-    const command = createCodexCliSessionNodeHostCommands().find(
-      (entry) => entry.command === CODEX_CLI_SESSIONS_LIST_COMMAND,
-    );
-    const raw = await command?.handle(JSON.stringify({ filter: "", limit: 5 }));
-    const parsed = JSON.parse(raw ?? "{}") as {
-      sessions?: Array<{ lastMessage?: string }>;
-    };
-
-    expect(parsed.sessions?.[0]?.lastMessage).toBe(`${"b".repeat(136)}...`);
-    expect(parsed.sessions?.[0]?.lastMessage).not.toContain("\ud83e");
-    expect(parsed.sessions?.[0]?.lastMessage).not.toContain("\udd16");
-  });
 });

extensions/codex/src/node-cli-sessions.ts

@@ -12,7 +12,6 @@ import type {
 import type { PluginRuntime } from "openclaw/plugin-sdk/plugin-runtime";
 import { isRecord } from "openclaw/plugin-sdk/string-coerce-runtime";
 import { resolvePreferredOpenClawTmpDir } from "openclaw/plugin-sdk/temp-path";
-import { truncateUtf16Safe } from "openclaw/plugin-sdk/text-utility-runtime";
 import {
   materializeWindowsSpawnProgram,
   resolveWindowsSpawnProgram,
@@ -692,10 +691,7 @@ function normalizeTimeoutMs(value: unknown): number {
 }
 
 function truncateText(value: string, max: number): string {
-  if (value.length <= max) {
-    return value;
-  }
-  return `${truncateUtf16Safe(value, Math.max(0, max - 3))}...`;
+  return value.length > max ? `${value.slice(0, max - 3)}...` : value;
 }
 
 function compareOptionalStringsDesc(a?: string, b?: string): number {

extensions/duckduckgo/src/ddg-client.ts

@@ -36,10 +36,6 @@ type DuckDuckGoResult = {
   snippet: string;
 };
 
-function isDecodableCodePoint(cp: number): boolean {
-  return Number.isInteger(cp) && cp >= 0 && cp <= 0x10ffff && (cp < 0xd800 || cp > 0xdfff);
-}
-
 function decodeHtmlEntities(text: string): string {
   return text.replace(
     /&(?:lt|gt|quot|apos|#39|#x27|#x2F|nbsp|ndash|mdash|hellip|amp|#\d+|#x[0-9a-f]+);/gi,
@@ -76,12 +72,10 @@ function decodeHtmlEntities(text: string): string {
         return "&";
       }
       if (normalized.startsWith("&#x")) {
-        const codePoint = Number.parseInt(normalized.slice(3, -1), 16);
-        return isDecodableCodePoint(codePoint) ? String.fromCodePoint(codePoint) : entity;
+        return String.fromCodePoint(Number.parseInt(normalized.slice(3, -1), 16));
       }
       if (normalized.startsWith("&#")) {
-        const codePoint = Number.parseInt(normalized.slice(2, -1), 10);
-        return isDecodableCodePoint(codePoint) ? String.fromCodePoint(codePoint) : entity;
+        return String.fromCodePoint(Number.parseInt(normalized.slice(2, -1), 10));
       }
       return entity;
     },

extensions/duckduckgo/src/ddg-search-provider.test.ts

@@ -205,20 +205,6 @@ describe("duckduckgo web search provider", () => {
     );
   });
 
-  it("leaves out-of-range numeric html entities intact instead of throwing", () => {
-    expect(() => ddgClientTesting.decodeHtmlEntities("Result � end")).not.toThrow();
-    expect(ddgClientTesting.decodeHtmlEntities("Result � end")).toBe(
-      "Result � end",
-    );
-    expect(ddgClientTesting.decodeHtmlEntities("Hex � tail")).toBe("Hex � tail");
-    // Surrogate-range entities would decode to lone UTF-16 surrogates; keep them intact.
-    expect(ddgClientTesting.decodeHtmlEntities("Bad � end")).toBe("Bad � end");
-    expect(ddgClientTesting.decodeHtmlEntities("Bad � end")).toBe("Bad � end");
-    expect(ddgClientTesting.decodeHtmlEntities("Bad � end")).toBe("Bad � end");
-    // A valid supplementary-plane entity still decodes.
-    expect(ddgClientTesting.decodeHtmlEntities("Smile 😀")).toBe("Smile 😀");
-  });
-
   it("does not double-decode escaped entities (decodes & last)", () => {
     // A result whose text literally shows "<" arrives double-encoded as
     // "&amp;lt;". Decoding &amp; first would re-decode it into "<", corrupting

extensions/google/media-understanding-provider.ts

@@ -11,7 +11,6 @@ import {
 import {
   assertOkOrThrowProviderError,
   postJsonRequest,
-  readProviderJsonResponse,
   type ProviderRequestTransportOverrides,
 } from "openclaw/plugin-sdk/provider-http";
 import {
@@ -98,11 +97,11 @@ async function generateGeminiInlineDataText(params: {
   try {
     await assertOkOrThrowProviderError(res, params.httpErrorLabel);
 
-    const payload = await readProviderJsonResponse<{
+    const payload = (await res.json()) as {
       candidates?: Array<{
         content?: { parts?: Array<{ text?: string }> };
       }>;
-    }>(res, params.httpErrorLabel);
+    };
     const parts = payload.candidates?.[0]?.content?.parts ?? [];
     const text = parts
       .map((part) => part?.text?.trim())

extensions/google/media-understanding-provider.video.test.ts

@@ -1,5 +1,4 @@
 // Google tests cover media understanding provider.video plugin behavior.
-import { createServer, type Server } from "node:http";
 import {
   createRequestCaptureJsonFetch,
   installPinnedHostnameTestHooks,
@@ -11,49 +10,6 @@ import { resolveGoogleGenerativeAiHttpRequestConfig } from "./runtime-api.js";
 
 installPinnedHostnameTestHooks();
 
-const LOOPBACK_RESPONSE_BYTES = 18 * 1024 * 1024;
-
-async function listenLoopbackServer(server: Server): Promise<number> {
-  return await new Promise((resolve, reject) => {
-    server.once("error", reject);
-    server.listen(0, "127.0.0.1", () => {
-      server.off("error", reject);
-      const address = server.address();
-      if (!address || typeof address === "string") {
-        reject(new Error("expected loopback TCP address"));
-        return;
-      }
-      resolve(address.port);
-    });
-  });
-}
-
-function createOversizedJsonServer(): { server: Server; closed: Promise<number> } {
-  let resolveClosed: (sentBytes: number) => void = () => {};
-  const closed = new Promise<number>((resolve) => {
-    resolveClosed = resolve;
-  });
-  const server = createServer((_req, res) => {
-    let sentBytes = 0;
-    const chunk = Buffer.alloc(64 * 1024, 0x20);
-    res.writeHead(200, { "content-type": "application/json" });
-    const timer = setInterval(() => {
-      if (sentBytes >= LOOPBACK_RESPONSE_BYTES) {
-        clearInterval(timer);
-        res.end();
-        return;
-      }
-      sentBytes += chunk.length;
-      res.write(chunk);
-    }, 1);
-    res.on("close", () => {
-      clearInterval(timer);
-      resolveClosed(sentBytes);
-    });
-  });
-  return { server, closed };
-}
-
 describe("describeGeminiVideo", () => {
   it("respects case-insensitive x-goog-api-key overrides", async () => {
     let seenKey: string | null = null;
@@ -158,29 +114,6 @@ describe("describeGeminiVideo", () => {
     );
   });
 
-  it("bounds oversized video JSON responses and closes the stream early", async () => {
-    const { server, closed } = createOversizedJsonServer();
-    const port = await listenLoopbackServer(server);
-    const fetchFn = withFetchPreconnect(async () =>
-      fetch(`http://127.0.0.1:${port}/google-video-json`),
-    );
-
-    try {
-      await expect(
-        describeGeminiVideo({
-          buffer: Buffer.from("video-bytes"),
-          fileName: "clip.mp4",
-          apiKey: "test-key",
-          timeoutMs: 1500,
-          fetchFn,
-        }),
-      ).rejects.toThrow(/JSON response exceeds 16777216 bytes/u);
-      await expect(closed).resolves.toBeLessThan(LOOPBACK_RESPONSE_BYTES);
-    } finally {
-      server.close();
-    }
-  });
-
   it("rejects non-Google video base URLs before sending authenticated requests", async () => {
     await expect(
       describeGeminiVideo({

extensions/google/speech-provider.test.ts

@@ -20,8 +20,6 @@ const {
 let buildGoogleSpeechProvider: typeof import("./speech-provider.js").buildGoogleSpeechProvider;
 let testing: typeof import("./speech-provider.js").testing;
 
-const GOOGLE_TTS_JSON_CAP_BYTES = 16 * 1024 * 1024;
-
 beforeAll(async () => {
   ({ buildGoogleSpeechProvider, testing } = await import("./speech-provider.js"));
 });
@@ -58,26 +56,6 @@ function installGoogleTtsRequestMock(pcm = Buffer.from([1, 0, 2, 0])) {
   return postJsonRequestMock;
 }
 
-function oversizedGoogleTtsJsonResponse(onCancel: () => void): Response {
-  const response = new Response(
-    new ReadableStream<Uint8Array>({
-      start(controller) {
-        controller.enqueue(new Uint8Array(GOOGLE_TTS_JSON_CAP_BYTES + 1));
-      },
-      cancel() {
-        onCancel();
-      },
-    }),
-    { headers: { "content-type": "application/json" }, status: 200 },
-  );
-  Object.defineProperty(response, "json", {
-    value: async () => {
-      throw new Error("unbounded json reader was used");
-    },
-  });
-  return response;
-}
-
 function expectRecordFields(value: unknown, expected: Record<string, unknown>) {
   if (!value || typeof value !== "object") {
     throw new Error("Expected record");
@@ -171,39 +149,6 @@ describe("Google speech provider", () => {
     expect(transcodeAudioBufferToOpusMock).not.toHaveBeenCalled();
   });
 
-  it("bounds oversized Gemini TTS success JSON responses and cancels the stream", async () => {
-    let cancelCount = 0;
-    const release = vi.fn(async () => {});
-    postJsonRequestMock
-      .mockResolvedValueOnce({
-        response: oversizedGoogleTtsJsonResponse(() => {
-          cancelCount += 1;
-        }),
-        release,
-      })
-      .mockResolvedValueOnce({
-        response: oversizedGoogleTtsJsonResponse(() => {
-          cancelCount += 1;
-        }),
-        release,
-      });
-    const provider = buildGoogleSpeechProvider();
-
-    await expect(
-      provider.synthesize({
-        text: "oversized tts response",
-        cfg: {},
-        providerConfig: {
-          apiKey: "google-test-key",
-        },
-        target: "audio-file",
-        timeoutMs: 12_000,
-      }),
-    ).rejects.toThrow("Google TTS response: JSON response exceeds 16777216 bytes");
-    expect(cancelCount).toBe(2);
-    expect(release).toHaveBeenCalledTimes(2);
-  });
-
   it("transcodes Gemini PCM to Opus for voice-note targets", async () => {
     installGoogleTtsRequestMock(Buffer.from([5, 0, 6, 0]));
     transcodeAudioBufferToOpusMock.mockResolvedValueOnce(Buffer.from("google-opus"));

extensions/google/speech-provider.ts

@@ -3,7 +3,6 @@ import { transcodeAudioBufferToOpus } from "openclaw/plugin-sdk/media-runtime";
 import {
   assertOkOrThrowProviderError,
   postJsonRequest,
-  readProviderJsonResponse,
   sanitizeConfiguredModelProviderRequest,
 } from "openclaw/plugin-sdk/provider-http";
 import type { OpenClawConfig } from "openclaw/plugin-sdk/provider-onboard";
@@ -504,11 +503,7 @@ async function synthesizeGoogleTtsPcmOnce(params: {
       }
     }
     try {
-      const payload = await readProviderJsonResponse<GoogleGenerateSpeechResponse>(
-        res,
-        "Google TTS response",
-      );
-      return extractGoogleSpeechPcm(payload);
+      return extractGoogleSpeechPcm((await res.json()) as GoogleGenerateSpeechResponse);
     } catch (err) {
       const message = err instanceof Error ? err.message : String(err);
       throw new GoogleTtsRetryableError(message);

extensions/google/transport-stream.test.ts

@@ -476,45 +476,6 @@ describe("google transport stream", () => {
     expect(result.content[2]).toHaveProperty("thoughtSignature", "Y2FsbF9zaWdfMQ==");
   });
 
-  it("preserves MAX_TOKENS when the partial response contains a function call", async () => {
-    guardedFetchMock.mockResolvedValueOnce(
-      buildSseResponse([
-        {
-          candidates: [
-            {
-              content: {
-                parts: [{ functionCall: { name: "lookup", args: { q: "hello" } } }],
-              },
-              finishReason: "MAX_TOKENS",
-            },
-          ],
-        },
-      ]),
-    );
-
-    const streamFn = createGoogleGenerativeAiTransportStreamFn();
-    const stream = await Promise.resolve(
-      streamFn(
-        buildGeminiModel(),
-        {
-          messages: [{ role: "user", content: "hello", timestamp: 0 }],
-          tools: [
-            {
-              name: "lookup",
-              description: "Look up a value",
-              parameters: { type: "object" },
-            },
-          ],
-        } as Parameters<typeof streamFn>[1],
-        { apiKey: "gemini-api-key" } as Parameters<typeof streamFn>[2],
-      ),
-    );
-    const result = await stream.result();
-
-    expect(result.stopReason).toBe("length");
-    expect(result.content).toEqual([expect.objectContaining({ type: "toolCall", name: "lookup" })]);
-  });
-
   it("strips redundant google provider prefixes from Gemini API model paths", async () => {
     guardedFetchMock.mockResolvedValueOnce(buildSseResponse([]));
 

extensions/google/transport-stream.ts

@@ -1404,12 +1404,7 @@ function createGoogleTransportStreamFn(kind: CanonicalGoogleTransportApi): Strea
           }
           if (typeof candidate?.finishReason === "string") {
             output.stopReason = mapStopReasonString(candidate.finishReason);
-            // MAX_TOKENS can leave a complete-looking partial call. Only a normal
-            // Google stop may promote parsed calls into an executable tool-use turn.
-            if (
-              output.stopReason === "stop" &&
-              output.content.some((block) => block.type === "toolCall")
-            ) {
+            if (output.content.some((block) => block.type === "toolCall")) {
               output.stopReason = "toolUse";
             }
           }

extensions/googlechat/src/api.ts

@@ -2,10 +2,6 @@
 import crypto from "node:crypto";
 import { formatErrorMessage } from "openclaw/plugin-sdk/error-runtime";
 import { parseMediaContentLength } from "openclaw/plugin-sdk/media-runtime";
-import {
-  readProviderJsonResponse,
-  readResponseTextLimited,
-} from "openclaw/plugin-sdk/provider-http";
 import { readResponseWithLimit } from "openclaw/plugin-sdk/response-limit-runtime";
 import { fetchWithSsrFGuard } from "openclaw/plugin-sdk/ssrf-runtime";
 import type { ResolvedGoogleChatAccount } from "./accounts.js";
@@ -17,7 +13,11 @@ const CHAT_API_BASE = "https://chat.googleapis.com/v1";
 const CHAT_UPLOAD_BASE = "https://chat.googleapis.com/upload/v1";
 
 async function readGoogleChatJsonResponse<T>(response: Response, label: string): Promise<T> {
-  return readProviderJsonResponse<T>(response, label);
+  try {
+    return (await response.json()) as T;
+  } catch (cause) {
+    throw new Error(`${label}: malformed JSON response`, { cause });
+  }
 }
 
 const headersToObject = (headers?: HeadersInit): Record<string, string> =>
@@ -57,7 +57,7 @@ async function withGoogleChatResponse<T>(params: {
   });
   try {
     if (!response.ok) {
-      const text = await readResponseTextLimited(response).catch(() => "");
+      const text = await response.text().catch(() => "");
       throw new Error(`${errorPrefix} ${response.status}: ${text || response.statusText}`);
     }
     return await handleResponse(response);

extensions/googlechat/src/approval-handler.runtime.test.ts

@@ -110,45 +110,6 @@ function createDeferred<T>(): {
   return { promise, reject, resolve };
 }
 
-type CardPayloadWithTextWidgets = {
-  cardsV2: Array<{
-    card: {
-      sections?: Array<{
-        header?: string;
-        widgets?: Array<{ textParagraph?: { text: string } }>;
-      }>;
-    };
-  }>;
-};
-
-function getTextParagraphText(payload: unknown, header: string): string {
-  const text = (payload as CardPayloadWithTextWidgets).cardsV2[0]?.card.sections?.find(
-    (section) => section.header === header,
-  )?.widgets?.[0]?.textParagraph?.text;
-  if (typeof text !== "string") {
-    throw new Error(`Expected ${header} text paragraph`);
-  }
-  return text;
-}
-
-function isUtf16WellFormed(value: string): boolean {
-  for (let index = 0; index < value.length; index += 1) {
-    const codeUnit = value.charCodeAt(index);
-    if (codeUnit >= 0xd800 && codeUnit <= 0xdbff) {
-      const nextCodeUnit = index + 1 < value.length ? value.charCodeAt(index + 1) : -1;
-      if (nextCodeUnit < 0xdc00 || nextCodeUnit > 0xdfff) {
-        return false;
-      }
-      index += 1;
-      continue;
-    }
-    if (codeUnit >= 0xdc00 && codeUnit <= 0xdfff) {
-      return false;
-    }
-  }
-  return true;
-}
-
 describe("googleChatApprovalNativeRuntime", () => {
   async function preparePendingDelivery(view = createPendingView()) {
     const nowMs = Date.now();
@@ -188,31 +149,6 @@ describe("googleChatApprovalNativeRuntime", () => {
     return { pendingPayload, plannedTarget, prepared, request, view };
   }
 
-  it("keeps truncated pending command card text UTF-16 well formed", async () => {
-    const view = createPendingView();
-    view.commandText = `${"a".repeat(1796)}😀${"b".repeat(100)}`;
-
-    const { pendingPayload } = await preparePendingDelivery(view);
-    const commandText = getTextParagraphText(pendingPayload, "Command");
-
-    expect(commandText.length).toBeLessThanOrEqual(1800);
-    expect(commandText.endsWith("...")).toBe(true);
-    expect(isUtf16WellFormed(commandText)).toBe(true);
-    expect(JSON.stringify(pendingPayload.cardsV2)).not.toContain("\\ud83d");
-  });
-
-  it("preserves a complete astral character when it fits before the truncation suffix", async () => {
-    const view = createPendingView();
-    view.commandText = `${"a".repeat(1795)}😀${"b".repeat(100)}`;
-
-    const { pendingPayload } = await preparePendingDelivery(view);
-    const commandText = getTextParagraphText(pendingPayload, "Command");
-
-    expect(commandText).toBe(`${"a".repeat(1795)}😀...`);
-    expect(commandText.length).toBe(1800);
-    expect(isUtf16WellFormed(commandText)).toBe(true);
-  });
-
   it("sends pending cards and updates the delivered message without buttons", async () => {
     sendGoogleChatMessage.mockResolvedValue({ messageName: "spaces/AAA/messages/msg-1" });
     updateGoogleChatMessage.mockResolvedValue({ messageName: "spaces/AAA/messages/msg-1" });

extensions/googlechat/src/approval-handler.runtime.ts

@@ -9,7 +9,6 @@ import { buildChannelApprovalNativeTargetKey } from "openclaw/plugin-sdk/approva
 import type { ExecApprovalDecision } from "openclaw/plugin-sdk/approval-runtime";
 import { createSubsystemLogger } from "openclaw/plugin-sdk/runtime-env";
 import { normalizeOptionalString } from "openclaw/plugin-sdk/string-coerce-runtime";
-import { truncateUtf16Safe } from "openclaw/plugin-sdk/text-utility-runtime";
 import { resolveGoogleChatAccount, type ResolvedGoogleChatAccount } from "./accounts.js";
 import { sendGoogleChatMessage, updateGoogleChatMessage } from "./api.js";
 import {
@@ -88,7 +87,7 @@ function escapeGoogleChatText(text: string): string {
 }
 
 function truncateText(text: string, maxChars = MAX_TEXT_PARAGRAPH_CHARS): string {
-  return text.length <= maxChars ? text : `${truncateUtf16Safe(text, maxChars - 3)}...`;
+  return text.length <= maxChars ? text : `${text.slice(0, maxChars - 3)}...`;
 }
 
 function buildMetadataText(metadata: readonly { label: string; value: string }[]): string {

extensions/googlechat/src/auth.ts

@@ -1,5 +1,4 @@
 // Googlechat plugin module implements auth behavior.
-import { readProviderJsonResponse } from "openclaw/plugin-sdk/provider-http";
 import { normalizeLowercaseStringOrEmpty } from "openclaw/plugin-sdk/string-coerce-runtime";
 import { fetchWithSsrFGuard } from "../runtime-api.js";
 import type { ResolvedGoogleChatAccount } from "./accounts.js";
@@ -18,10 +17,11 @@ const CHAT_CERTS_URL =
   "https://www.googleapis.com/service_accounts/v1/metadata/x509/chat@system.gserviceaccount.com";
 
 async function readGoogleChatCertsResponse(response: Response): Promise<Record<string, string>> {
-  return readProviderJsonResponse<Record<string, string>>(
-    response,
-    "Google Chat cert fetch failed",
-  );
+  try {
+    return (await response.json()) as Record<string, string>;
+  } catch (cause) {
+    throw new Error("Google Chat cert fetch failed: malformed JSON response", { cause });
+  }
 }
 
 // Size-capped to prevent unbounded growth in long-running deployments (#4948)

extensions/googlechat/src/targets.test.ts

@@ -568,137 +568,4 @@ describe("verifyGoogleChatRequest", () => {
     });
     expect(release).toHaveBeenCalledOnce();
   });
-
-  describe("bounded JSON read (readProviderJsonResponse delegation)", () => {
-    afterEach(() => {
-      authTesting.resetGoogleChatAuthForTests();
-      mocks.fetchWithSsrFGuard.mockClear();
-      vi.unstubAllGlobals();
-    });
-
-    it("cancels oversized cert fetch JSON body via the 16 MiB provider cap", async () => {
-      const ONE_MIB = 1024 * 1024;
-      const TOTAL_CHUNKS = 32;
-      const chunk = new Uint8Array(ONE_MIB);
-
-      let bytesPulled = 0;
-      let canceled = false;
-      const oversizedJson = new Response(
-        new ReadableStream<Uint8Array>({
-          pull(controller) {
-            if (bytesPulled >= TOTAL_CHUNKS * ONE_MIB) {
-              controller.close();
-              return;
-            }
-            bytesPulled += chunk.length;
-            controller.enqueue(chunk);
-          },
-          cancel() {
-            canceled = true;
-          },
-        }),
-        { status: 200, headers: { "Content-Type": "application/json" } },
-      );
-      const release = vi.fn(async () => {});
-      mocks.fetchWithSsrFGuard.mockResolvedValueOnce({
-        response: oversizedJson,
-        release,
-      });
-
-      const result = await verifyGoogleChatRequest({
-        bearer: "token",
-        audienceType: "project-number",
-        audience: "123456789",
-      });
-
-      expect(result.ok).toBe(false);
-      expect(result.reason).toMatch(/JSON response exceeds 16777216 bytes/);
-      expect(canceled).toBe(true);
-      expect(bytesPulled).toBeLessThan(TOTAL_CHUNKS * ONE_MIB);
-      expect(release).toHaveBeenCalledOnce();
-    });
-
-    it("rejects oversized sendMessage JSON body via the 16 MiB provider cap", async () => {
-      const ONE_MIB = 1024 * 1024;
-      const TOTAL_CHUNKS = 32;
-      const chunk = new Uint8Array(ONE_MIB);
-
-      let bytesPulled = 0;
-      let canceled = false;
-      const oversizedJson = new Response(
-        new ReadableStream<Uint8Array>({
-          pull(controller) {
-            if (bytesPulled >= TOTAL_CHUNKS * ONE_MIB) {
-              controller.close();
-              return;
-            }
-            bytesPulled += chunk.length;
-            controller.enqueue(chunk);
-          },
-          cancel() {
-            canceled = true;
-          },
-        }),
-        { status: 200, headers: { "Content-Type": "application/json" } },
-      );
-      const release = vi.fn(async () => {});
-      mocks.fetchWithSsrFGuard.mockResolvedValueOnce({
-        response: oversizedJson,
-        release,
-      });
-
-      await expect(
-        sendGoogleChatMessage({
-          account,
-          space: "spaces/AAA",
-          text: "hello",
-        }),
-      ).rejects.toThrow(/Google Chat API request failed: JSON response exceeds 16777216 bytes/);
-
-      expect(canceled).toBe(true);
-      expect(bytesPulled).toBeLessThan(TOTAL_CHUNKS * ONE_MIB);
-    });
-
-    it("caps non-OK sendMessage error bodies before formatting the API error", async () => {
-      const ONE_MIB = 1024 * 1024;
-      const TOTAL_CHUNKS = 32;
-      const chunk = new TextEncoder().encode("x".repeat(ONE_MIB));
-
-      let bytesPulled = 0;
-      let canceled = false;
-      const oversizedError = new Response(
-        new ReadableStream<Uint8Array>({
-          pull(controller) {
-            if (bytesPulled >= TOTAL_CHUNKS * ONE_MIB) {
-              controller.close();
-              return;
-            }
-            bytesPulled += chunk.length;
-            controller.enqueue(chunk);
-          },
-          cancel() {
-            canceled = true;
-          },
-        }),
-        { status: 500, statusText: "Internal Server Error" },
-      );
-      const release = vi.fn(async () => {});
-      mocks.fetchWithSsrFGuard.mockResolvedValueOnce({
-        response: oversizedError,
-        release,
-      });
-
-      await expect(
-        sendGoogleChatMessage({
-          account,
-          space: "spaces/AAA",
-          text: "hello",
-        }),
-      ).rejects.toThrow(/^Google Chat API 500: x+/);
-
-      expect(canceled).toBe(true);
-      expect(bytesPulled).toBeLessThan(TOTAL_CHUNKS * ONE_MIB);
-      expect(release).toHaveBeenCalledOnce();
-    });
-  });
 });

extensions/irc/src/channel.test.ts

@@ -15,21 +15,3 @@ describe("irc outbound chunking", () => {
     expect(ircOutboundBaseAdapter.textChunkLimit).toBe(350);
   });
 });
-
-describe("irc outbound sanitizeText", () => {
-  afterEach(() => {
-    clearIrcRuntime();
-  });
-
-  it("strips internal tool-trace banners before outbound delivery", () => {
-    const text = "Done.\n⚠️ 🛠️ `search repos (agent)` failed";
-
-    expect(ircOutboundBaseAdapter.sanitizeText({ text })).toBe("Done.");
-  });
-
-  it("preserves ordinary assistant prose while sanitizing", () => {
-    const text = "The pipeline has 3 open deals.";
-
-    expect(ircOutboundBaseAdapter.sanitizeText({ text })).toBe(text);
-  });
-});

extensions/irc/src/outbound-base.ts

@@ -1,6 +1,5 @@
 // Irc plugin module implements outbound base behavior.
 import { sanitizeForPlainText } from "openclaw/plugin-sdk/channel-outbound";
-import { sanitizeAssistantVisibleText } from "openclaw/plugin-sdk/text-chunking";
 import { chunkTextForOutbound } from "./channel-api.js";
 
 export const ircOutboundBaseAdapter = {
@@ -8,9 +7,5 @@ export const ircOutboundBaseAdapter = {
   chunker: chunkTextForOutbound,
   chunkerMode: "markdown" as const,
   textChunkLimit: 350,
-  // IRC's plain-text pass does not remove assistant scaffolding. Run the
-  // canonical delivery sanitizer first so internal tool traces are dropped
-  // before channel formatting.
-  sanitizeText: ({ text }: { text: string }) =>
-    sanitizeForPlainText(sanitizeAssistantVisibleText(text)),
+  sanitizeText: ({ text }: { text: string }) => sanitizeForPlainText(text),
 };

extensions/msteams/src/feedback-reflection-prompt.ts

@@ -1,6 +1,5 @@
 // Msteams plugin module implements feedback reflection prompt behavior.
 import { normalizeOptionalLowercaseString } from "openclaw/plugin-sdk/string-coerce-runtime";
-import { truncateUtf16Safe } from "openclaw/plugin-sdk/text-utility-runtime";
 
 /** Max chars of the thumbed-down response to include in the reflection prompt. */
 const MAX_RESPONSE_CHARS = 500;
@@ -20,7 +19,7 @@ export function buildReflectionPrompt(params: {
   if (params.thumbedDownResponse) {
     const truncated =
       params.thumbedDownResponse.length > MAX_RESPONSE_CHARS
-        ? `${truncateUtf16Safe(params.thumbedDownResponse, MAX_RESPONSE_CHARS)}...`
+        ? `${params.thumbedDownResponse.slice(0, MAX_RESPONSE_CHARS)}...`
         : params.thumbedDownResponse;
     parts.push(`\nYour response was:\n> ${truncated}`);
   }

extensions/msteams/src/feedback-reflection.test.ts

@@ -19,11 +19,6 @@ import { msteamsRuntimeStub } from "./test-support/runtime.js";
 
 const previousStateDir = process.env.OPENCLAW_STATE_DIR;
 
-// Matches an unpaired UTF-16 surrogate (lone high or lone low), without relying
-// on the ES2024 String.prototype.isWellFormed() runtime API.
-const UNPAIRED_SURROGATE_RE =
-  /[\uD800-\uDBFF](?![\uDC00-\uDFFF])|(?<![\uD800-\uDBFF])[\uDC00-\uDFFF]/;
-
 describe("buildFeedbackEvent", () => {
   it("builds a well-formed custom event", () => {
     const event = buildFeedbackEvent({
@@ -78,26 +73,6 @@ describe("buildReflectionPrompt", () => {
     expect(prompt.length).toBeLessThan(longResponse.length + 500);
   });
 
-  it("does not split UTF-16 surrogate pairs when truncating a thumbed-down response", () => {
-    const thumbedDownResponse = `${"a".repeat(499)}🦞${"b".repeat(20)}`;
-
-    const prompt = buildReflectionPrompt({ thumbedDownResponse });
-
-    expect(prompt).not.toMatch(UNPAIRED_SURROGATE_RE);
-    expect(prompt).toContain(`${"a".repeat(499)}...`);
-    expect(prompt).not.toContain("\ud83e");
-    expect(prompt).not.toContain("\udd9e");
-  });
-
-  it("keeps a boundary emoji when it fully fits before the truncation cap", () => {
-    const thumbedDownResponse = `${"a".repeat(498)}🦞${"b".repeat(20)}`;
-
-    const prompt = buildReflectionPrompt({ thumbedDownResponse });
-
-    expect(prompt).not.toMatch(UNPAIRED_SURROGATE_RE);
-    expect(prompt).toContain(`${"a".repeat(498)}🦞...`);
-  });
-
   it("includes user comment when provided", () => {
     const prompt = buildReflectionPrompt({
       thumbedDownResponse: "Some response",

extensions/msteams/src/thread-parent-context.test.ts

@@ -10,11 +10,6 @@ import {
   summarizeParentMessage,
 } from "./thread-parent-context.js";
 
-// Matches an unpaired UTF-16 surrogate (lone high or lone low), without relying
-// on the ES2024 String.prototype.isWellFormed() runtime API.
-const UNPAIRED_SURROGATE_RE =
-  /[\uD800-\uDBFF](?![\uDC00-\uDFFF])|(?<![\uD800-\uDBFF])[\uDC00-\uDFFF]/;
-
 describe("summarizeParentMessage", () => {
   it("returns undefined for missing message", () => {
     expect(summarizeParentMessage(undefined)).toBeUndefined();
@@ -86,20 +81,6 @@ describe("summarizeParentMessage", () => {
     expect(summary?.text.length).toBeLessThanOrEqual(400);
     expect(summary?.text.endsWith("…")).toBe(true);
   });
-
-  it("keeps truncated parent text well-formed when truncating surrogate pairs", () => {
-    const msg: GraphThreadMessage = {
-      id: "p1",
-      from: { user: { displayName: "Dana" } },
-      body: { content: `${"a".repeat(398)}🦞${"b".repeat(50)}`, contentType: "text" },
-    };
-
-    const summary = summarizeParentMessage(msg);
-
-    expect(summary?.text).not.toMatch(UNPAIRED_SURROGATE_RE);
-    expect(summary?.text).toBe(`${"a".repeat(398)}…`);
-    expect(summary?.text.endsWith("\ud83e…")).toBe(false);
-  });
 });
 
 describe("formatParentContextEvent", () => {

extensions/msteams/src/thread-parent-context.ts

@@ -17,7 +17,6 @@ import {
   asDateTimestampMs,
   resolveExpiresAtMsFromDurationMs,
 } from "openclaw/plugin-sdk/number-runtime";
-import { truncateUtf16Safe } from "openclaw/plugin-sdk/text-utility-runtime";
 import { fetchChannelMessage, stripHtmlFromTeamsMessage } from "./graph-thread.js";
 import type { GraphThreadMessage } from "./graph-thread.js";
 
@@ -139,9 +138,7 @@ export function summarizeParentMessage(
   return {
     sender,
     text:
-      text.length > PARENT_TEXT_MAX_CHARS
-        ? `${truncateUtf16Safe(text, PARENT_TEXT_MAX_CHARS - 1)}…`
-        : text,
+      text.length > PARENT_TEXT_MAX_CHARS ? `${text.slice(0, PARENT_TEXT_MAX_CHARS - 1)}…` : text,
   };
 }
 

extensions/nostr/src/nostr-bus.integration.test.ts

@@ -232,55 +232,6 @@ describe("SeenTracker", () => {
       tracker.stop();
       vi.useRealTimers();
     });
-
-    it.each([-1, 0])("falls back to default TTL for non-positive ttlMs %s", (ttlMs) => {
-      vi.useFakeTimers();
-      const tracker = createTracker({ ttlMs, pruneIntervalMs: 10 * 60 * 1000 });
-
-      try {
-        tracker.add("id1");
-        vi.advanceTimersByTime(1);
-        expect(tracker.peek("id1")).toBe(true);
-      } finally {
-        tracker.stop();
-        vi.useRealTimers();
-      }
-    });
-
-    it("falls back to default TTL for infinite ttlMs", () => {
-      vi.useFakeTimers();
-      const tracker = createTracker({
-        ttlMs: Number.POSITIVE_INFINITY,
-        pruneIntervalMs: 10 * 60 * 1000,
-      });
-
-      try {
-        tracker.add("id1");
-        vi.advanceTimersByTime(60 * 60 * 1000 + 1);
-        expect(tracker.peek("id1")).toBe(false);
-      } finally {
-        tracker.stop();
-        vi.useRealTimers();
-      }
-    });
-
-    it.each([-1, 0, Number.POSITIVE_INFINITY])(
-      "uses the default prune interval for unsafe pruneIntervalMs %s",
-      (pruneIntervalMs) => {
-        vi.useFakeTimers();
-        const setIntervalSpy = vi.spyOn(globalThis, "setInterval");
-        const tracker = createTracker({ pruneIntervalMs });
-
-        try {
-          expect(setIntervalSpy).toHaveBeenCalledTimes(1);
-          expect(setIntervalSpy.mock.calls[0]?.[1]).toBe(10 * 60 * 1000);
-        } finally {
-          tracker.stop();
-          setIntervalSpy.mockRestore();
-          vi.useRealTimers();
-        }
-      },
-    );
   });
 });
 

extensions/nostr/src/seen-tracker.ts

@@ -3,10 +3,7 @@
  * Prevents unbounded memory growth under high load or abuse.
  */
 
-import {
-  resolveIntegerOption,
-  resolvePositiveTimerTimeoutMs,
-} from "openclaw/plugin-sdk/number-runtime";
+import { resolveIntegerOption } from "openclaw/plugin-sdk/number-runtime";
 
 interface SeenTrackerOptions {
   /** Maximum number of entries to track (default: 100,000) */
@@ -48,8 +45,8 @@ interface Entry {
  */
 export function createSeenTracker(options?: SeenTrackerOptions): SeenTracker {
   const maxEntries = resolveIntegerOption(options?.maxEntries, 100_000, { min: 1 });
-  const ttlMs = resolvePositiveTimerTimeoutMs(options?.ttlMs, 60 * 60 * 1000);
-  const pruneIntervalMs = resolvePositiveTimerTimeoutMs(options?.pruneIntervalMs, 10 * 60 * 1000);
+  const ttlMs = options?.ttlMs ?? 60 * 60 * 1000; // 1 hour
+  const pruneIntervalMs = options?.pruneIntervalMs ?? 10 * 60 * 1000; // 10 minutes
 
   // Main storage
   const entries = new Map<string, Entry>();

extensions/ollama/src/stream.test.ts

@@ -98,13 +98,13 @@ describe("buildAssistantMessage", () => {
     expect(msg.stopReason).toBe("length");
   });
 
-  it("keeps a length stop authoritative over complete-looking tool calls", () => {
+  it("keeps tool use authoritative over a length stop", () => {
     const response = makeOllamaResponse({
       done_reason: "length",
       tool_calls: [{ function: { name: "read", arguments: { path: "README.md" } } }],
     });
     const msg = buildAssistantMessage(response, MODEL_INFO);
-    expect(msg.stopReason).toBe("length");
+    expect(msg.stopReason).toBe("toolUse");
   });
 });
 
@@ -282,32 +282,6 @@ describe("createOllamaStreamFn thinking events", () => {
     expect(done.message?.stopReason).toBe("length");
   });
 
-  it("preserves a native length stop when the partial response contains tool calls", async () => {
-    const events = await streamOllamaEvents(
-      [
-        makeOllamaResponse({
-          done_reason: "length",
-          tool_calls: [{ function: { name: "read", arguments: { path: "README.md" } } }],
-        }),
-      ],
-      {},
-      {
-        messages: [{ role: "user", content: "test" }],
-        tools: [{ name: "read", description: "Read files", parameters: { type: "object" } }],
-      } as never,
-    );
-
-    const done = events.find((event) => event.type === "done") as {
-      reason?: string;
-      message?: { content?: Array<Record<string, unknown>>; stopReason?: string };
-    };
-    expect(done.reason).toBe("length");
-    expect(done.message?.stopReason).toBe("length");
-    expect(done.message?.content).toEqual([
-      expect.objectContaining({ type: "toolCall", name: "read" }),
-    ]);
-  });
-
   it("uses generic stream timeout for Ollama request timeout", async () => {
     await streamOllamaEvents([makeOllamaResponse({ content: "ok" })], { timeoutMs: 2500 });
 

extensions/ollama/src/stream.ts

@@ -656,15 +656,10 @@ function estimateTokensFromChars(chars: number): number {
 }
 
 function resolveOllamaStopReason(response: OllamaChatResponse) {
-  // Ollama's length terminal means generation hit its token limit, even when
-  // the partial response already contains a complete-looking tool call.
-  if (response.done_reason === "length") {
-    return "length" as const;
-  }
   if (response.message.tool_calls?.length) {
     return "toolUse" as const;
   }
-  return "stop" as const;
+  return response.done_reason === "length" ? ("length" as const) : ("stop" as const);
 }
 
 function estimateOllamaPromptTokens(params: {

extensions/opencode-go/stream-termination.test.ts

@@ -713,100 +713,4 @@ describe("createOpencodeGoStalledStreamWrapper", () => {
     controller.end();
     await consumer;
   });
-
-  it("must NOT abort a live stream that keeps emitting block-boundary events between deltas", async () => {
-    // Regression for https://github.com/openclaw/openclaw/issues/96518:
-    // the idle timer must re-arm on block-boundary events (text_end,
-    // thinking_end, toolcall_start, toolcall_end), not only on token
-    // deltas. A stream that keeps producing boundary events between
-    // deltas is demonstrably alive and must not be aborted.
-    const { stream: baseStream, controller } = createFakeBaseStream();
-    let abortCalled = false;
-    const underlying = vi.fn((_model, _context, options) => {
-      if (options?.signal) {
-        options.signal.addEventListener("abort", () => {
-          abortCalled = true;
-        });
-      }
-      return baseStream;
-    });
-
-    const idleTimeoutMs = 5_000;
-    const wrapper = createOpencodeGoStalledStreamWrapper(underlying as any, {
-      provider: "opencode-go",
-      idleTimeoutMs,
-    });
-
-    const downstream = await Promise.resolve(
-      wrapper({ provider: "opencode-go", id: "glm-4.6" } as any, {} as any, {} as any),
-    );
-    expect(downstream).toBeDefined();
-      if (!downstream) {
-        return;
-      }
-
-    const received: AnyEvent[] = [];
-    const consumer = (async () => {
-      for await (const event of downstream) {
-        received.push(event);
-      }
-    })();
-
-    const partial = { role: "assistant", content: [{ type: "text", text: "x" }] };
-
-    // Provider starts producing a tool-call turn. The last *delta* arms the idle timer.
-    controller.emit({ type: "start", partial } as any);
-    controller.emit({
-      type: "toolcall_delta",
-      contentIndex: 0,
-      delta: "{",
-      partial,
-    } as any);
-    await vi.advanceTimersByTimeAsync(0);
-
-    // The model finalizes the tool call and deliberates on the next one,
-    // emitting real block-boundary events that prove the SSE socket is alive.
-    // Each gap is < idleTimeoutMs, so a liveness-aware watchdog must stay armed.
-    await vi.advanceTimersByTimeAsync(3_000);
-    controller.emit({
-      type: "toolcall_end",
-      contentIndex: 0,
-      toolCall: { name: "f", arguments: "{}" },
-      partial,
-    } as any);
-    await vi.advanceTimersByTimeAsync(3_000);
-    controller.emit({
-      type: "toolcall_start",
-      contentIndex: 1,
-      partial,
-    } as any);
-
-    // Advance to 5s after the last delta, but only 2s after the last
-    // boundary event. The idle timer should have been re-armed by the
-    // boundary events, so it must NOT fire yet.
-    await vi.advanceTimersByTimeAsync(1_000);
-
-    // The provider's completed answer arrives right after.
-    controller.emit({
-      type: "done",
-      reason: "stop",
-      message: {
-        ...partial,
-        content: [{ type: "text", text: "final answer" }],
-        stopReason: "stop",
-      },
-    } as any);
-    controller.end();
-    await vi.advanceTimersByTimeAsync(0);
-    await consumer;
-
-    const hasDone = received.some((e) => e.type === "done");
-    const hasStalledError = received.some(
-      (e) => e.type === "error" && (e as any).error?.stopReason === "error",
-    );
-
-    expect(abortCalled).toBe(false);
-    expect(hasDone).toBe(true);
-    expect(hasStalledError).toBe(false);
-  });
 });

extensions/opencode-go/stream-termination.ts

@@ -55,11 +55,7 @@ function isProviderProgressEvent(event: AssistantMessageEvent): boolean {
   return (
     event.type === "text_delta" ||
     event.type === "thinking_delta" ||
-    event.type === "toolcall_delta" ||
-    event.type === "text_end" ||
-    event.type === "thinking_end" ||
-    event.type === "toolcall_start" ||
-    event.type === "toolcall_end"
+    event.type === "toolcall_delta"
   );
 }
 

extensions/qa-lab/src/live-timeout.test.ts

@@ -68,30 +68,4 @@ describe("qa live timeout policy", () => {
       ),
     ).toBe(240_000);
   });
-
-  it("uses the anthropic floor for claude-cli sonnet turns", () => {
-    expect(
-      resolveQaLiveTurnTimeoutMs(
-        {
-          providerMode: "live-frontier",
-          primaryModel: "claude-cli/claude-sonnet-4-6",
-          alternateModel: "claude-cli/claude-opus-4-8",
-        },
-        30_000,
-      ),
-    ).toBe(180_000);
-  });
-
-  it("uses the opus floor for claude-cli opus turns", () => {
-    expect(
-      resolveQaLiveTurnTimeoutMs(
-        {
-          providerMode: "live-frontier",
-          primaryModel: "claude-cli/claude-opus-4-8",
-          alternateModel: "claude-cli/claude-opus-4-8",
-        },
-        30_000,
-      ),
-    ).toBe(240_000);
-  });
 });

extensions/qa-lab/src/providers/live-frontier/index.ts

@@ -9,13 +9,6 @@ function isAnthropicModel(modelRef: string) {
   return modelRef.startsWith("anthropic/");
 }
 
-// claude-cli is an Anthropic-backed Claude runtime, so it shares the Anthropic
-// turn-timeout floors; mirror the claude-cli==anthropic precedent in the aimock
-// and mock-openai servers.
-function isAnthropicFamilyModel(modelRef: string) {
-  return isAnthropicModel(modelRef) || modelRef.startsWith("claude-cli/");
-}
-
 function isQaFastModeModelRef(modelRef: string) {
   return isOpenAiModel(modelRef);
 }
@@ -25,7 +18,7 @@ function isGptFiveModel(modelRef: string) {
 }
 
 function isClaudeOpusModel(modelRef: string) {
-  return isAnthropicFamilyModel(modelRef) && modelRef.includes("claude-opus");
+  return isAnthropicModel(modelRef) && modelRef.includes("claude-opus");
 }
 
 export const liveFrontierProviderDefinition: QaProviderDefinition = {
@@ -46,7 +39,7 @@ export const liveFrontierProviderDefinition: QaProviderDefinition = {
     if (isClaudeOpusModel(modelRef)) {
       return Math.max(fallbackMs, 240_000);
     }
-    if (isAnthropicFamilyModel(modelRef)) {
+    if (isAnthropicModel(modelRef)) {
       return Math.max(fallbackMs, 180_000);
     }
     if (isGptFiveModel(modelRef)) {

extensions/qqbot/src/engine/tools/remind-logic.test.ts

@@ -97,45 +97,11 @@ describe("engine/tools/remind-logic", () => {
       expect(generateJobName("drink water")).toBe("Reminder: drink water");
     });
 
-    it("truncates long content to a 20 UTF-16-unit budget with an ellipsis", () => {
-      expect(generateJobName("a very long reminder content")).toBe(
-        "Reminder: a very long reminder…",
-      );
-    });
-
-    it("keeps an exactly-fitting all-emoji content unchanged", () => {
-      // 10 emoji = 20 UTF-16 units, exactly at the budget, so no truncation.
-      expect(generateJobName("😀".repeat(10))).toBe(`Reminder: ${"😀".repeat(10)}`);
-    });
-
-    it("does not split surrogate pairs when truncating", () => {
-      const hasLoneSurrogate = (value: string): boolean => {
-        for (let index = 0; index < value.length; index++) {
-          const code = value.charCodeAt(index);
-          if (code >= 0xd800 && code <= 0xdbff) {
-            const next = value.charCodeAt(index + 1);
-            if (!(next >= 0xdc00 && next <= 0xdfff)) {
-              return true;
-            }
-            index++;
-          } else if (code >= 0xdc00 && code <= 0xdfff) {
-            return true;
-          }
-        }
-        return false;
-      };
-
-      // 11 emoji = 22 UTF-16 units > 20; the 11th emoji straddles the cap and is
-      // dropped whole rather than split into a lone surrogate.
-      const allEmoji = generateJobName("😀".repeat(11));
-      expect(allEmoji).toBe(`Reminder: ${"😀".repeat(10)}…`);
-      expect(hasLoneSurrogate(allEmoji)).toBe(false);
-
-      // 19 ASCII + emoji: the emoji's high surrogate would land at unit 20, so the
-      // whole pair is dropped to stay within the 20-unit budget.
-      const name = generateJobName(`${"x".repeat(19)}😀tail`);
-      expect(name).toBe(`Reminder: ${"x".repeat(19)}…`);
-      expect(hasLoneSurrogate(name)).toBe(false);
+    it("truncates long content", () => {
+      const long = "a very long reminder content that exceeds twenty characters";
+      const name = generateJobName(long);
+      expect(name.length).toBeLessThan(40);
+      expect(name).toContain("…");
     });
   });
 

extensions/qqbot/src/engine/tools/remind-logic.ts

@@ -1,6 +1,5 @@
 // Qqbot plugin module implements remind logic behavior.
 import { resolveExpiresAtMsFromDurationMs } from "openclaw/plugin-sdk/number-runtime";
-import { truncateUtf16Safe } from "openclaw/plugin-sdk/text-utility-runtime";
 
 /**
  * QQBot reminder tool core logic.
@@ -172,7 +171,7 @@ export function isCronExpression(timeStr: string): boolean {
  */
 export function generateJobName(content: string): string {
   const trimmed = content.trim();
-  const short = trimmed.length > 20 ? `${truncateUtf16Safe(trimmed, 20)}…` : trimmed;
+  const short = trimmed.length > 20 ? `${trimmed.slice(0, 20)}…` : trimmed;
   return `Reminder: ${short}`;
 }
 

extensions/qqbot/src/engine/utils/stt.test.ts

@@ -1,8 +1,8 @@
 // Qqbot tests cover stt plugin behavior.
 import * as fs from "node:fs";
 import * as path from "node:path";
-import { withTempDir } from "openclaw/plugin-sdk/test-env";
 import { afterAll, afterEach, beforeEach, describe, expect, it, vi } from "vitest";
+import { withTempDir } from "openclaw/plugin-sdk/test-env";
 
 const ssrfRuntimeMocks = vi.hoisted(() => ({
   fetchWithSsrFGuard: vi.fn(),
@@ -41,36 +41,6 @@ function cancelTrackedResponse(
   };
 }
 
-function largeTranscriptionJsonResponse(params: { chunkCount: number; chunkSize: number }): {
-  response: Response;
-  getReadCount: () => number;
-} {
-  let chunkIndex = 0;
-  const encoder = new TextEncoder();
-  const chunks = [
-    '{"text":"',
-    ...Array.from({ length: params.chunkCount }, () => "a".repeat(params.chunkSize)),
-    '"}',
-  ];
-  const stream = new ReadableStream<Uint8Array>({
-    pull(controller) {
-      if (chunkIndex >= chunks.length) {
-        controller.close();
-        return;
-      }
-      controller.enqueue(encoder.encode(chunks[chunkIndex]));
-      chunkIndex += 1;
-    },
-  });
-  return {
-    response: new Response(stream, {
-      status: 200,
-      headers: { "content-type": "application/json" },
-    }),
-    getReadCount: () => chunkIndex,
-  };
-}
-
 function requireFirstSsrfRequest(): {
   url?: unknown;
   auditContext?: unknown;
@@ -207,44 +177,6 @@ describe("engine/utils/stt", () => {
     });
   });
 
-  it("bounds successful STT JSON responses before parsing", async () => {
-    await withTempDir("openclaw-qqbot-stt-success-limit-", async (tmpDir) => {
-      const audioPath = path.join(tmpDir, "voice.wav");
-      fs.writeFileSync(audioPath, Buffer.from([1, 2, 3, 4]));
-
-      const release = vi.fn(async () => {});
-      const streamed = largeTranscriptionJsonResponse({
-        chunkCount: 18,
-        chunkSize: 1024 * 1024,
-      });
-      ssrfRuntimeMocks.fetchWithSsrFGuard.mockResolvedValueOnce({
-        response: streamed.response,
-        release,
-      });
-
-      let error: unknown;
-      try {
-        await transcribeAudio(audioPath, {
-          channels: {
-            qqbot: {
-              stt: {
-                baseUrl: "https://api.example.test/v1/",
-                apiKey: "secret",
-                model: "whisper-1",
-              },
-            },
-          },
-        });
-      } catch (caught) {
-        error = caught;
-      }
-
-      expect(String(error)).toContain("qqbot.stt: JSON response exceeds 16777216 bytes");
-      expect(streamed.getReadCount()).toBeLessThan(20);
-      expect(release).toHaveBeenCalledTimes(1);
-    });
-  });
-
   it("bounds STT error bodies without using response.text()", async () => {
     await withTempDir("openclaw-qqbot-stt-error-", async (tmpDir) => {
       const audioPath = path.join(tmpDir, "voice.wav");

extensions/qqbot/src/engine/utils/stt.ts

@@ -8,10 +8,7 @@
 import * as fs from "node:fs";
 import path from "node:path";
 import { mimeTypeFromFilePath } from "openclaw/plugin-sdk/media-mime";
-import {
-  readProviderJsonResponse,
-  readResponseTextLimited,
-} from "openclaw/plugin-sdk/provider-http";
+import { readResponseTextLimited } from "openclaw/plugin-sdk/provider-http";
 import { fetchWithSsrFGuard } from "openclaw/plugin-sdk/ssrf-runtime";
 import {
   normalizeOptionalString,
@@ -103,7 +100,7 @@ export async function transcribeAudio(
       throw new Error(`STT failed (HTTP ${resp.status}): ${detail.slice(0, 300)}`);
     }
 
-    const result = await readProviderJsonResponse<{ text?: string }>(resp, "qqbot.stt");
+    const result = (await resp.json()) as { text?: string };
     return normalizeOptionalString(result.text) ?? null;
   } finally {
     await release();

extensions/slack/src/approval-handler.runtime.test.ts

@@ -33,190 +33,11 @@ function readChatUpdatePayload(
   return payload as ChatUpdatePayload;
 }
 
-const UNPAIRED_SURROGATE_RE =
-  /[\uD800-\uDBFF](?![\uDC00-\uDFFF])|(?<![\uD800-\uDBFF])[\uDC00-\uDFFF]/;
-
-function readMrkdwnTexts(blocks: unknown): string[] {
-  if (!Array.isArray(blocks)) {
-    return [];
-  }
-
-  const texts: string[] = [];
-  for (const block of blocks) {
-    if (!block || typeof block !== "object") {
-      continue;
-    }
-
-    const text = (block as { text?: unknown }).text;
-    if (
-      text &&
-      typeof text === "object" &&
-      (text as { type?: unknown }).type === "mrkdwn" &&
-      typeof (text as { text?: unknown }).text === "string"
-    ) {
-      texts.push((text as { text: string }).text);
-    }
-
-    const elements = (block as { elements?: unknown }).elements;
-    if (!Array.isArray(elements)) {
-      continue;
-    }
-    for (const element of elements) {
-      if (
-        element &&
-        typeof element === "object" &&
-        (element as { type?: unknown }).type === "mrkdwn" &&
-        typeof (element as { text?: unknown }).text === "string"
-      ) {
-        texts.push((element as { text: string }).text);
-      }
-    }
-  }
-
-  return texts;
-}
-
-function findApprovalMrkdwn(payload: SlackPayload, prefix: string): string {
-  const text = readMrkdwnTexts(payload.blocks).find((entry) => entry.startsWith(prefix));
-  if (!text) {
-    throw new Error(`Expected Slack mrkdwn block starting with ${prefix}`);
-  }
-  return text;
-}
-
 describe("slackApprovalNativeRuntime", () => {
   it("subscribes to plugin approval events", () => {
     expect(slackApprovalNativeRuntime.eventKinds).toEqual(["exec", "plugin"]);
   });
 
-  it("does not leave dangling surrogates when truncating exec approval command mrkdwn", async () => {
-    const commandText = `${"a".repeat(2598)}😀tail`;
-    const payload = (await slackApprovalNativeRuntime.presentation.buildPendingPayload({
-      cfg: {} as never,
-      accountId: "default",
-      context: {
-        app: {} as never,
-        config: {} as never,
-      },
-      request: {
-        id: "req-surrogate",
-        request: {
-          command: commandText,
-        },
-        createdAtMs: 0,
-        expiresAtMs: 60_000,
-      },
-      approvalKind: "exec",
-      nowMs: 0,
-      view: {
-        approvalKind: "exec",
-        approvalId: "req-surrogate",
-        commandText,
-        metadata: [],
-        actions: [
-          {
-            decision: "allow-once",
-            label: "Allow Once",
-            command: "/approve req-surrogate allow-once",
-            style: "success",
-          },
-        ],
-      } as never,
-    })) as SlackPayload;
-
-    const commandMrkdwn = findApprovalMrkdwn(payload, "*Command*");
-    expect(commandMrkdwn).toMatch(/…\n```$/);
-    expect(UNPAIRED_SURROGATE_RE.test(commandMrkdwn)).toBe(false);
-  });
-
-  it("does not leave dangling surrogates when truncating plugin approval request mrkdwn", async () => {
-    const title = `${"a".repeat(2598)}😀tail`;
-    const payload = (await slackApprovalNativeRuntime.presentation.buildPendingPayload({
-      cfg: {} as never,
-      accountId: "default",
-      context: {
-        app: {} as never,
-        config: {} as never,
-      },
-      request: {
-        id: "plugin:req-surrogate",
-        request: {
-          title,
-          description: "Needs approval.",
-        },
-        createdAtMs: 0,
-        expiresAtMs: 60_000,
-      },
-      approvalKind: "plugin",
-      nowMs: 0,
-      view: {
-        approvalKind: "plugin",
-        phase: "pending",
-        approvalId: "plugin:req-surrogate",
-        title,
-        description: "Needs approval.",
-        severity: "warning",
-        pluginId: "test-plugin",
-        toolName: "test-tool",
-        metadata: [],
-        actions: [
-          {
-            decision: "deny",
-            label: "Deny",
-            command: "/approve plugin:req-surrogate deny",
-            style: "danger",
-          },
-        ],
-        expiresAtMs: 60_000,
-      } as never,
-    })) as SlackPayload;
-
-    const requestMrkdwn = findApprovalMrkdwn(payload, "*Request*");
-    expect(requestMrkdwn).toMatch(/…$/);
-    expect(UNPAIRED_SURROGATE_RE.test(requestMrkdwn)).toBe(false);
-  });
-
-  it("still truncates plain BMP approval mrkdwn at the Slack approval preview limit", async () => {
-    const commandText = "b".repeat(2700);
-    const payload = (await slackApprovalNativeRuntime.presentation.buildPendingPayload({
-      cfg: {} as never,
-      accountId: "default",
-      context: {
-        app: {} as never,
-        config: {} as never,
-      },
-      request: {
-        id: "req-bmp",
-        request: {
-          command: commandText,
-        },
-        createdAtMs: 0,
-        expiresAtMs: 60_000,
-      },
-      approvalKind: "exec",
-      nowMs: 0,
-      view: {
-        approvalKind: "exec",
-        approvalId: "req-bmp",
-        commandText,
-        metadata: [],
-        actions: [
-          {
-            decision: "allow-once",
-            label: "Allow Once",
-            command: "/approve req-bmp allow-once",
-            style: "success",
-          },
-        ],
-      } as never,
-    })) as SlackPayload;
-
-    const commandMrkdwn = findApprovalMrkdwn(payload, "*Command*");
-    expect(commandMrkdwn).toMatch(/…\n```$/);
-    expect(commandMrkdwn).toContain(`${"b".repeat(2599)}…`);
-    expect(UNPAIRED_SURROGATE_RE.test(commandMrkdwn)).toBe(false);
-  });
-
   it("renders only the allowed pending actions", async () => {
     const payload = (await slackApprovalNativeRuntime.presentation.buildPendingPayload({
       cfg: {} as never,

extensions/slack/src/approval-handler.runtime.ts

@@ -19,7 +19,6 @@ import { buildApprovalPresentationFromActionDescriptors } from "openclaw/plugin-
 import type { OpenClawConfig } from "openclaw/plugin-sdk/config-contracts";
 import { logError } from "openclaw/plugin-sdk/logging-core";
 import { normalizeOptionalString } from "openclaw/plugin-sdk/string-coerce-runtime";
-import { truncateUtf16Safe } from "openclaw/plugin-sdk/text-utility-runtime";
 import {
   isSlackAnyNativeApprovalClientEnabled,
   resolveSlackApprovalKind,
@@ -74,14 +73,7 @@ function resolveHandlerContext(params: ChannelApprovalCapabilityHandlerContext):
 }
 
 function truncateSlackMrkdwn(text: string, maxChars: number): string {
-  const limit = Math.max(0, Math.floor(maxChars));
-  if (text.length <= limit) {
-    return text;
-  }
-  if (limit <= 1) {
-    return truncateUtf16Safe(text, limit);
-  }
-  return `${truncateUtf16Safe(text, limit - 1)}…`;
+  return text.length <= maxChars ? text : `${text.slice(0, maxChars - 1)}…`;
 }
 
 function buildSlackCodeBlock(text: string): string {

extensions/synology-chat/src/core.test.ts

@@ -433,31 +433,6 @@ describe("synology-chat security helpers", () => {
     expect(result).toContain("[truncated]");
   });
 
-  it("truncates long inputs without splitting a surrogate pair", () => {
-    const loneSurrogatePattern =
-      /[\uD800-\uDBFF](?![\uDC00-\uDFFF])|(?:^|[^\uD800-\uDBFF])[\uDC00-\uDFFF]/u;
-    const input = "a".repeat(3999) + "\u{1F600}" + "b".repeat(2000);
-
-    const result = sanitizeInput(input);
-
-    expect(result).toContain("[truncated]");
-    expect(result).not.toMatch(loneSurrogatePattern);
-    expect(result).toBe(`${"a".repeat(3999)}... [truncated]`);
-  });
-
-  it("keeps complete supplementary-plane characters that fit before truncation", () => {
-    const loneSurrogatePattern =
-      /[\uD800-\uDBFF](?![\uDC00-\uDFFF])|(?:^|[^\uD800-\uDBFF])[\uDC00-\uDFFF]/u;
-    const emoji = "\u{1F600}";
-    const input = "a".repeat(3998) + emoji + "b".repeat(2000);
-
-    const result = sanitizeInput(input);
-
-    expect(result).toContain("[truncated]");
-    expect(result.startsWith(`${"a".repeat(3998)}${emoji}`)).toBe(true);
-    expect(result).not.toMatch(loneSurrogatePattern);
-  });
-
   it("rate limits per user and caps tracked state", () => {
     const limiter = new RateLimiter(3, 60);
     expect(limiter.check("user1")).toBe(true);

extensions/synology-chat/src/security.ts

@@ -5,7 +5,6 @@
 import { resolveStableChannelMessageIngress } from "openclaw/plugin-sdk/channel-ingress-runtime";
 import { finiteSecondsToTimerSafeMilliseconds } from "openclaw/plugin-sdk/number-runtime";
 import { safeEqualSecret } from "openclaw/plugin-sdk/security-runtime";
-import { truncateUtf16Safe } from "openclaw/plugin-sdk/text-utility-runtime";
 import {
   createFixedWindowRateLimiter,
   type FixedWindowRateLimiter,
@@ -65,7 +64,7 @@ export function sanitizeInput(text: string): string {
 
   const maxLength = 4000;
   if (sanitized.length > maxLength) {
-    sanitized = truncateUtf16Safe(sanitized, maxLength) + "... [truncated]";
+    sanitized = sanitized.slice(0, maxLength) + "... [truncated]";
   }
 
   return sanitized;

extensions/synology-chat/src/webhook-handler.ts

@@ -6,7 +6,6 @@
 import type { IncomingMessage, ServerResponse } from "node:http";
 import * as querystring from "node:querystring";
 import { normalizeLowercaseStringOrEmpty } from "openclaw/plugin-sdk/string-coerce-runtime";
-import { truncateUtf16Safe } from "openclaw/plugin-sdk/text-utility-runtime";
 import {
   beginWebhookRequestPipelineOrReject,
   createWebhookInFlightLimiter,
@@ -504,7 +503,7 @@ async function parseAndAuthorizeSynologyWebhook(params: {
     respondNoContent(params.res);
     return { ok: false };
   }
-  const preview = cleanText.length > 100 ? `${truncateUtf16Safe(cleanText, 100)}...` : cleanText;
+  const preview = cleanText.length > 100 ? `${cleanText.slice(0, 100)}...` : cleanText;
   return {
     ok: true,
     message: {
@@ -575,7 +574,7 @@ async function processAuthorizedSynologyWebhook(params: {
       deliveryUserId,
       params.account.allowInsecureSsl,
     );
-    const replyPreview = reply.length > 100 ? `${truncateUtf16Safe(reply, 100)}...` : reply;
+    const replyPreview = reply.length > 100 ? `${reply.slice(0, 100)}...` : reply;
     params.log?.info?.(
       `Reply sent to ${params.message.payload.username} (${deliveryUserId}): ${replyPreview}`,
     );

extensions/telegram/src/bot-message-context.prompt-context.test.ts

@@ -1,78 +0,0 @@
-import { describe, expect, it } from "vitest";
-import { buildTelegramMessageContextForTest } from "./bot-message-context.test-harness.js";
-import type { TelegramPromptContextEntry } from "./bot-message-context.types.js";
-
-const telegramChatWindowContext: TelegramPromptContextEntry = {
-  label: "Conversation context",
-  source: "telegram",
-  type: "chat_window",
-  payload: {
-    order: "chronological",
-    relation: "selected_for_current_message",
-    messages: [
-      {
-        message_id: "10",
-        sender: "Pat",
-        timestamp_ms: 1_700_000_000_000,
-        body: "Earlier DM turn already in the transcript",
-      },
-    ],
-  },
-};
-
-describe("buildTelegramMessageContext prompt context", () => {
-  it("omits Telegram chat-window context for existing unthreaded private DM sessions", async () => {
-    const ctx = await buildTelegramMessageContextForTest({
-      message: {
-        chat: { id: 1234, type: "private", first_name: "Pat" },
-        from: { id: 1234, first_name: "Pat" },
-        text: "continue",
-      },
-      promptContext: [telegramChatWindowContext],
-      sessionRuntime: {
-        readSessionUpdatedAt: ({ sessionKey }) =>
-          sessionKey === "agent:main:main" ? 1_700_000_000_000 : undefined,
-      },
-    });
-
-    expect(ctx?.ctxPayload.SessionKey).toBe("agent:main:main");
-    expect(ctx?.ctxPayload.UntrustedStructuredContext).toBeUndefined();
-  });
-
-  it("keeps Telegram chat-window context for fresh private DM sessions", async () => {
-    const ctx = await buildTelegramMessageContextForTest({
-      message: {
-        chat: { id: 1234, type: "private", first_name: "Pat" },
-        from: { id: 1234, first_name: "Pat" },
-        text: "start",
-      },
-      promptContext: [telegramChatWindowContext],
-    });
-
-    expect(ctx?.ctxPayload.UntrustedStructuredContext).toEqual([telegramChatWindowContext]);
-  });
-
-  it("keeps Telegram chat-window context for existing private DM replies", async () => {
-    const ctx = await buildTelegramMessageContextForTest({
-      message: {
-        chat: { id: 1234, type: "private", first_name: "Pat" },
-        from: { id: 1234, first_name: "Pat" },
-        text: "replying with context",
-        reply_to_message: {
-          chat: { id: 1234, type: "private", first_name: "Pat" },
-          from: { id: 1234, first_name: "Pat" },
-          text: "older referenced turn",
-          date: 1_700_000_000,
-          message_id: 10,
-        },
-      },
-      promptContext: [telegramChatWindowContext],
-      sessionRuntime: {
-        readSessionUpdatedAt: ({ sessionKey }) =>
-          sessionKey === "agent:main:main" ? 1_700_000_000_000 : undefined,
-      },
-    });
-
-    expect(ctx?.ctxPayload.UntrustedStructuredContext).toEqual([telegramChatWindowContext]);
-  });
-});

extensions/telegram/src/bot-message-context.session.ts

@@ -113,10 +113,6 @@ export async function resolveTelegramMessageContextStorePath(params: {
   });
 }
 
-function isTelegramChatWindowPromptContext(entry: TelegramPromptContextEntry): boolean {
-  return entry.source === "telegram" && entry.type === "chat_window";
-}
-
 function replyTargetToChainEntry(replyTarget: TelegramReplyTarget): TelegramReplyChainEntry {
   return {
     ...(replyTarget.id ? { messageId: replyTarget.id } : {}),
@@ -382,17 +378,6 @@ export async function buildTelegramInboundContextPayload(params: {
     storePath,
     sessionKey: route.sessionKey,
   });
-  const shouldSuppressPersistedDmChatWindowContext =
-    !isGroup &&
-    previousTimestamp !== undefined &&
-    dmThreadId == null &&
-    visibleReplyChain.length === 0 &&
-    !visibleReplyTarget;
-  // Existing plain DMs already carry their history through the persistent
-  // transcript. Keep chat windows for fresh DMs, topics, replies, and groups.
-  const visiblePromptContext = shouldSuppressPersistedDmChatWindowContext
-    ? promptContext.filter((entry) => !isTelegramChatWindowPromptContext(entry))
-    : promptContext;
   const body = formatInboundEnvelope({
     channel: "Telegram",
     from: conversationLabel,
@@ -574,7 +559,7 @@ export async function buildTelegramInboundContextPayload(params: {
           }
         : undefined,
       groupSystemPrompt: isGroup || (!isGroup && groupConfig) ? groupSystemPrompt : undefined,
-      untrustedContext: visiblePromptContext.length > 0 ? visiblePromptContext : undefined,
+      untrustedContext: promptContext.length > 0 ? promptContext : undefined,
     },
     contextVisibility: contextVisibilityMode,
     extra: {

extensions/telegram/src/bot-message-context.test-harness.ts

@@ -23,7 +23,6 @@ type BuildTelegramMessageContextForTestParams = {
   message: Record<string, unknown>;
   me?: Record<string, unknown>;
   allMedia?: TelegramMediaRef[];
-  promptContext?: BuildTelegramMessageContextParams["promptContext"];
   options?: BuildTelegramMessageContextParams["options"];
   cfg?: Record<string, unknown>;
   accountId?: string;
@@ -113,7 +112,6 @@ export async function buildTelegramMessageContextForTest(
       me: { id: 7, username: "bot", ...params.me },
     } as never,
     allMedia: params.allMedia ?? [],
-    promptContext: params.promptContext ?? [],
     storeAllowFrom: [],
     options: params.options ?? {},
     bot: {

extensions/telegram/src/fetch.test.ts

@@ -957,7 +957,7 @@ describe("resolveTelegramFetch", () => {
     expect(eighthDispatcher).toBe(firstDispatcher);
     expect(ninthDispatcher).toBe(firstDispatcher);
     expectPinnedFallbackIpDispatcher(3);
-    expectLoggerMessageContaining(loggerWarn, "fetch fallback: primary connection path failed");
+    expectLoggerMessageContaining(loggerWarn, "fetch fallback: DNS-resolved IP unreachable");
     expectLoggerMessageContaining(
       loggerDebug,
       "fetch fallback: recovered from attempt 2 to attempt 0",
@@ -1193,31 +1193,6 @@ describe("resolveTelegramFetch", () => {
     expect(undiciFetch).toHaveBeenCalledTimes(1);
   });
 
-  it("does not automatically retry structured EADDRNOTAVAIL fetch failures", async () => {
-    const fetchError = buildFetchFallbackError("EADDRNOTAVAIL");
-    undiciFetch.mockRejectedValue(fetchError);
-
-    const resolved = resolveTelegramFetchOrThrow(undefined, STICKY_IPV4_FALLBACK_NETWORK);
-
-    await expect(resolved("https://api.telegram.org/botx/sendMessage")).rejects.toThrow(
-      "fetch failed",
-    );
-
-    expect(undiciFetch).toHaveBeenCalledTimes(1);
-  });
-
-  it("preserves EADDRNOTAVAIL in forced fallback diagnostics", () => {
-    const transport = resolveTelegramTransport(undefined, STICKY_IPV4_FALLBACK_NETWORK);
-    const fetchError = buildFetchFallbackError("EADDRNOTAVAIL");
-
-    expect(transport.forceFallback?.("probe timeout/network error", fetchError)).toBe(true);
-    expect(transport.forceFallback?.("probe timeout/network error", fetchError)).toBe(true);
-
-    expectLoggerMessageContaining(loggerWarn, "primary connection path failed");
-    expectLoggerMessageContaining(loggerWarn, "codes=EADDRNOTAVAIL");
-    expectNoLoggerMessageContaining(loggerWarn, "DNS-resolved IP unreachable");
-  });
-
   it("retries sticky fallback when the local network is down during connect", async () => {
     undiciFetch
       .mockRejectedValueOnce(buildFetchFallbackError("ENETDOWN"))

extensions/telegram/src/fetch.ts

@@ -488,10 +488,9 @@ export type TelegramTransport = {
   dispatcherAttempts?: TelegramDispatcherAttempt[];
   /**
    * Promote this transport to its next fallback dispatcher before the next
-   * request. The original error, when available, is retained in diagnostics.
-   * Returns false when no fallback path exists.
+   * request. Returns false when no fallback path exists.
    */
-  forceFallback?: (reason: string, err?: unknown) => boolean;
+  forceFallback?: (reason: string) => boolean;
   /**
    * Release all dispatchers owned by this transport and the TCP sockets they
    * hold. Safe to call multiple times; subsequent calls resolve immediately.
@@ -564,8 +563,7 @@ function createTelegramTransportAttempts(params: {
     },
     exportAttempt: { dispatcherPolicy: fallbackIpPolicy },
     logLevel: "warn",
-    logMessage:
-      "fetch fallback: primary connection path failed; trying alternative Telegram API IP",
+    logMessage: "fetch fallback: DNS-resolved IP unreachable; trying alternative Telegram API IP",
   });
 
   return attempts;
@@ -866,8 +864,8 @@ export function resolveTelegramTransport(
     fetch: resolvedFetch,
     sourceFetch,
     dispatcherAttempts: transportAttempts.map((attempt) => attempt.exportAttempt),
-    forceFallback: (reason: string, err?: unknown) =>
-      promoteStickyAttempt(stickyAttemptIndex + 1, err ?? new Error("forced fallback"), reason),
+    forceFallback: (reason: string) =>
+      promoteStickyAttempt(stickyAttemptIndex + 1, new Error("forced fallback"), reason),
     close,
   };
 }

extensions/telegram/src/lane-delivery-text-deliverer.ts

@@ -364,11 +364,7 @@ export function createLaneTextDeliverer(params: CreateLaneTextDelivererParams) {
     };
 
     const candidateTexts = [stream.lastDeliveredText?.(), lane.lastPartialText];
-    if (
-      useFinalTextRecovery &&
-      remainingChunks.length === 0 &&
-      isPotentialTruncatedFinal(activeFullText)
-    ) {
+    if (useFinalTextRecovery && remainingChunks.length === 0 && isPotentialTruncatedFinal(activeFullText)) {
       const resolvedFullCandidate = await params.resolveFinalTextCandidate?.({
         finalText: text,
         laneName,
@@ -383,9 +379,7 @@ export function createLaneTextDeliverer(params: CreateLaneTextDelivererParams) {
     }
 
     const retainedPreview =
-      useFinalTextRecovery &&
-      remainingChunks.length === 0 &&
-      isPotentialTruncatedFinal(activeFullText)
+      useFinalTextRecovery && remainingChunks.length === 0 && isPotentialTruncatedFinal(activeFullText)
         ? selectLongerFinalText({
             finalText: activeFullText,
             candidateTexts,
@@ -449,20 +443,9 @@ export function createLaneTextDeliverer(params: CreateLaneTextDelivererParams) {
     } else {
       await params.flushDraftLane(lane);
     }
-    const activeChunkIndexAfterStop = useFinalTextRecovery
-      ? clampActiveChunkIndex()
-      : activeChunkIndex;
-    const deliveredStreamTextAfterStop = stream.lastDeliveredText?.();
-    const retainedOriginalActiveChunkAfterStop =
-      activeChunkIndexAfterStop > activeChunkIndex &&
-      deliveredStreamTextAfterStop === activeChunk.trimEnd();
-    // `activeChunkIndex` is advanced by retained preview callbacks. If callbacks
-    // outrun the stream's delivered text, trust the delivered text and replay the gap.
-    const effectiveActiveChunkIndexAfterStop = retainedOriginalActiveChunkAfterStop
-      ? activeChunkIndex
-      : activeChunkIndexAfterStop;
-    const activeChunkAfterStop = chunks[effectiveActiveChunkIndexAfterStop] ?? activeChunk;
-    const remainingChunksAfterStop = chunks.slice(effectiveActiveChunkIndexAfterStop + 1);
+    const activeChunkIndexAfterStop = useFinalTextRecovery ? clampActiveChunkIndex() : activeChunkIndex;
+    const activeChunkAfterStop = chunks[activeChunkIndexAfterStop] ?? activeChunk;
+    const remainingChunksAfterStop = chunks.slice(activeChunkIndexAfterStop + 1);
 
     const messageId = stream.messageId();
     if (typeof messageId !== "number") {
@@ -477,12 +460,16 @@ export function createLaneTextDeliverer(params: CreateLaneTextDelivererParams) {
       return undefined;
     }
 
+    const deliveredStreamTextAfterStop = stream.lastDeliveredText?.();
     const activeChunkTextAfterStop = activeChunkAfterStop.trimEnd();
+    const retainedActiveChunkAfterStop =
+      activeChunkIndexAfterStop !== activeChunkIndex &&
+      deliveredStreamTextAfterStop === activeChunk.trimEnd();
     if (
       finalizePreview &&
       deliveredStreamTextAfterStop !== undefined &&
       deliveredStreamTextAfterStop !== activeChunkTextAfterStop &&
-      !retainedOriginalActiveChunkAfterStop
+      !retainedActiveChunkAfterStop
     ) {
       if (
         useFinalTextRecovery &&

extensions/telegram/src/lane-delivery.test.ts

@@ -228,7 +228,10 @@ describe("createLaneTextDeliverer", () => {
     expect(answer.update).toHaveBeenCalledWith(previousBlock);
     expect(answer.update).not.toHaveBeenCalledWith(nextAssistantBlock);
     expect(harness.clearDraftLane).toHaveBeenCalledTimes(1);
-    expect(harness.sendPayload).toHaveBeenCalledWith({ text: previousBlock }, { durable: false });
+    expect(harness.sendPayload).toHaveBeenCalledWith(
+      { text: previousBlock },
+      { durable: false },
+    );
     expect(harness.sendPayload).not.toHaveBeenCalledWith(
       { text: nextAssistantBlock },
       expect.anything(),
@@ -921,7 +924,7 @@ describe("createLaneTextDeliverer", () => {
     expect(harness.markDelivered).toHaveBeenCalledTimes(1);
   });
 
-  it("sends chunks after the reported delivered text when stop advances the retained index", async () => {
+  it("does not resend chunks retained while stopping a long streamed final", async () => {
     const answer = createTestDraftStream({ messageId: 999 });
     const harness = createHarness({
       answerStream: answer,
@@ -937,35 +940,11 @@ describe("createLaneTextDeliverer", () => {
 
     const delivery = expectPreviewFinalized(result);
     expect(delivery.content).toBe("Hello world again");
-    expect(delivery.promptContextContent).toBe("Hello");
-    expect(harness.sendPayload).toHaveBeenCalledTimes(2);
-    expect(harness.sendPayload).toHaveBeenNthCalledWith(1, { text: " world" });
-    expect(harness.sendPayload).toHaveBeenNthCalledWith(2, { text: " again" });
+    expect(harness.sendPayload).toHaveBeenCalledTimes(1);
+    expect(harness.sendPayload).toHaveBeenCalledWith({ text: " again" });
     expect(harness.markDelivered).toHaveBeenCalledTimes(1);
   });
 
-  it("does not skip middle chunks when stop advances past the reported delivered chunk", async () => {
-    const answer = createTestDraftStream({ messageId: 999 });
-    const harness = createHarness({
-      answerStream: answer,
-      draftMaxChars: 6,
-      splitFinalTextForStream: () => ["chunk0", "chunk1", "chunk2", "chunk3"],
-    });
-    harness.lanes.answer.hasStreamedMessage = true;
-    answer.stop.mockImplementation(async () => {
-      harness.lanes.answer.activeChunkIndex = 2;
-    });
-
-    const result = await deliverFinalAnswer(harness, "chunk0chunk1chunk2chunk3");
-
-    const delivery = expectPreviewFinalized(result);
-    expect(delivery.promptContextContent).toBe("chunk0");
-    expect(harness.sendPayload).toHaveBeenCalledTimes(3);
-    expect(harness.sendPayload).toHaveBeenNthCalledWith(1, { text: "chunk1" });
-    expect(harness.sendPayload).toHaveBeenNthCalledWith(2, { text: "chunk2" });
-    expect(harness.sendPayload).toHaveBeenNthCalledWith(3, { text: "chunk3" });
-  });
-
   it("compares retained delivered prefixes against the full final text", async () => {
     let deliveredText = "Hello";
     const answer = createTestDraftStream({ messageId: 999 });
@@ -1016,15 +995,11 @@ describe("createLaneTextDeliverer", () => {
     expect(harness.editStreamMessage).toHaveBeenCalledWith({
       laneName: "answer",
       messageId: 999,
-      text: "Hello",
+      text: " world",
       buttons,
     });
-    expect(harness.sendPayload).toHaveBeenCalledTimes(2);
-    expect(harness.sendPayload).toHaveBeenNthCalledWith(1, {
-      text: " world",
-      channelData: { telegram: { buttons } },
-    });
-    expect(harness.sendPayload).toHaveBeenNthCalledWith(2, {
+    expect(harness.sendPayload).toHaveBeenCalledTimes(1);
+    expect(harness.sendPayload).toHaveBeenCalledWith({
       text: " again",
       channelData: { telegram: { buttons } },
     });

extensions/telegram/src/network-errors.test.ts

@@ -139,16 +139,6 @@ describe("isRecoverableTelegramNetworkError", () => {
     expect(isRecoverableTelegramNetworkError(undiciSnippetErr, { context: "polling" })).toBe(true);
   });
 
-  it("treats delete/react (idempotent) contexts like polling, not send", () => {
-    const undiciSnippetErr = new Error("Undici: socket failure");
-    // delete and react are idempotent Telegram operations; a transient
-    // snippet-only error must be retried (allowMessageMatch defaults true),
-    // matching polling/webhook. send stays strict as the regression guard.
-    expect(isRecoverableTelegramNetworkError(undiciSnippetErr, { context: "delete" })).toBe(true);
-    expect(isRecoverableTelegramNetworkError(undiciSnippetErr, { context: "react" })).toBe(true);
-    expect(isRecoverableTelegramNetworkError(undiciSnippetErr, { context: "send" })).toBe(false);
-  });
-
   it("treats grammY failed-after envelope errors as recoverable in send context", () => {
     expect(
       isRecoverableTelegramNetworkError(

extensions/telegram/src/network-errors.ts

@@ -141,13 +141,7 @@ export function isTelegramMisdirectedRequestError(err: unknown): boolean {
   return false;
 }
 
-export type TelegramNetworkErrorContext =
-  | "polling"
-  | "send"
-  | "webhook"
-  | "delete"
-  | "react"
-  | "unknown";
+export type TelegramNetworkErrorContext = "polling" | "send" | "webhook" | "unknown";
 export type TelegramNetworkErrorOrigin = {
   method?: string | null;
   url?: string | null;

extensions/telegram/src/polling-session.test.ts

@@ -72,7 +72,6 @@ let isTelegramSpooledUpdateClaimOwnedByOtherLiveProcess: typeof import("./telegr
 let listTelegramSpooledUpdateClaims: typeof import("./telegram-ingress-spool.js").listTelegramSpooledUpdateClaims;
 let listTelegramSpooledUpdates: typeof import("./telegram-ingress-spool.js").listTelegramSpooledUpdates;
 let recoverStaleTelegramSpooledUpdateClaims: typeof import("./telegram-ingress-spool.js").recoverStaleTelegramSpooledUpdateClaims;
-let telegramSpooledUpdateClaimLeaseMs: typeof import("./telegram-ingress-spool.js").TELEGRAM_SPOOLED_UPDATE_CLAIM_LEASE_MS;
 let writeTelegramSpooledUpdate: typeof import("./telegram-ingress-spool.js").writeTelegramSpooledUpdate;
 let createTelegramSpooledReplayDeferredParticipant: typeof import("./bot-processing-outcome.js").createTelegramSpooledReplayDeferredParticipant;
 let TelegramMessageDispatchReplayForgetError: typeof import("./message-dispatch-dedupe.js").TelegramMessageDispatchReplayForgetError;
@@ -686,7 +685,6 @@ describe("TelegramPollingSession", () => {
       listTelegramSpooledUpdateClaims,
       listTelegramSpooledUpdates,
       recoverStaleTelegramSpooledUpdateClaims,
-      TELEGRAM_SPOOLED_UPDATE_CLAIM_LEASE_MS: telegramSpooledUpdateClaimLeaseMs,
       writeTelegramSpooledUpdate,
     } = await import("./telegram-ingress-spool.js"));
     ({ createTelegramSpooledReplayDeferredParticipant } =
@@ -1069,13 +1067,13 @@ describe("TelegramPollingSession", () => {
           const queue = createChannelIngressQueue({ ...options, channelId: "telegram" });
           return {
             ...queue,
-            claimNext: async (...args: Parameters<typeof queue.claimNext>) => {
-              if (!blockedFirstClaim) {
+            claim: async (...args: Parameters<typeof queue.claim>) => {
+              if (args[0] === "0000000000000001" && !blockedFirstClaim) {
                 blockedFirstClaim = true;
                 firstClaimStarted?.();
                 await firstClaimGate;
               }
-              return queue.claimNext(...args);
+              return queue.claim(...args);
             },
           };
         },
@@ -1663,86 +1661,6 @@ describe("TelegramPollingSession", () => {
     });
   });
 
-  it("stops refreshing a claim when the drain loop is stalled", async () => {
-    vi.useFakeTimers({ now: 1_000 });
-    const refreshHarness = installSpooledClaimRefreshHarness();
-    await withTempSpool(async (tempDir) => {
-      let blockedSecondClaim = false;
-      let releaseSecondClaim: (() => void) | undefined;
-      const secondClaimStarted = new Promise<void>((resolve) => {
-        const gate = new Promise<void>((release) => {
-          releaseSecondClaim = release;
-        });
-        setTelegramRuntime({
-          state: {
-            resolveStateDir: () => tempDir,
-            openChannelIngressQueue: (
-              options?: Omit<Parameters<typeof createChannelIngressQueue>[0], "channelId">,
-            ) => {
-              const queue = createChannelIngressQueue({ ...options, channelId: "telegram" });
-              return {
-                ...queue,
-                claimNext: async (...args: Parameters<typeof queue.claimNext>) => {
-                  const claimOptions = args[0];
-                  const blockedLaneKeys = claimOptions?.blockedLaneKeys
-                    ? Array.from(claimOptions.blockedLaneKeys)
-                    : [];
-                  const candidateIds = claimOptions?.candidateIds
-                    ? Array.from(claimOptions.candidateIds)
-                    : [];
-                  if (
-                    candidateIds.includes("0000000000000043") &&
-                    blockedLaneKeys.length > 0 &&
-                    !blockedSecondClaim
-                  ) {
-                    blockedSecondClaim = true;
-                    resolve();
-                    await gate;
-                  }
-                  return queue.claimNext(...args);
-                },
-              };
-            },
-          },
-        } as TelegramRuntime);
-      });
-      const abort = new AbortController();
-      let releaseHandler: (() => void) | undefined;
-      const handlerDone = new Promise<void>((resolve) => {
-        releaseHandler = resolve;
-      });
-      await writeSpooledTestUpdates(tempDir, [
-        topicUpdate(42, 10, "first topic 10 turn"),
-        topicUpdate(43, 11, "blocked topic 11 turn"),
-      ]);
-
-      const { runPromise, stopWorker } = startIsolatedIngressSession({
-        abort,
-        spoolDir: tempDir,
-        handleUpdate: async () => {
-          await handlerDone;
-        },
-      });
-
-      try {
-        await secondClaimStarted;
-        const before = await claimedAtForUpdate(tempDir, 42);
-        vi.setSystemTime(1_000 + pollingSessionTesting.spooledClaimRefreshIntervalMs * 2 + 1);
-        refreshHarness.triggerRefresh();
-        await Promise.resolve();
-        expect(await claimedAtForUpdate(tempDir, 42)).toBe(before);
-      } finally {
-        releaseSecondClaim?.();
-        releaseHandler?.();
-        abort.abort();
-        stopWorker();
-        refreshHarness.restore();
-        vi.useRealTimers();
-        await runPromise;
-      }
-    });
-  });
-
   it("holds buffered spooled claims until deferred processing settles without blocking same-lane buffering", async () => {
     await withTempSpool(async (tempDir) => {
       const abort = new AbortController();
@@ -2262,11 +2180,10 @@ describe("TelegramPollingSession", () => {
       if (!claimed) {
         throw new Error("Expected claimed update");
       }
-      const liveOwnerPid = process.ppid > 0 ? process.ppid : 1;
       await adoptClaimOwner({
         spoolDir: tempDir,
         updateId: 42,
-        ownerId: `${liveOwnerPid}:other-process`,
+        ownerId: `${process.pid}:other-process`,
         claimedAt: Date.now(),
       });
 
@@ -2286,9 +2203,10 @@ describe("TelegramPollingSession", () => {
     });
   });
 
-  it("releases pid-reused claims before draining later same-lane updates", async () => {
+  it("fails timed-out current-process claims before draining later same-lane updates", async () => {
     await withTempSpool(async (tempDir) => {
       const abort = new AbortController();
+      const log = vi.fn();
       const events: string[] = [];
       await writeSpooledTestUpdates(tempDir, [
         topicUpdate(42, 10, "wedged topic 10 turn"),
@@ -2314,6 +2232,7 @@ describe("TelegramPollingSession", () => {
       const { runPromise, stopWorker } = startIsolatedIngressSession({
         abort,
         spoolDir: tempDir,
+        log,
         spooledUpdateHandlerTimeoutMs: 100,
         handleUpdate: async (update) => {
           events.push(`handled:${update.update_id}`);
@@ -2321,55 +2240,18 @@ describe("TelegramPollingSession", () => {
         },
       });
 
-      await vi.waitFor(() => expect(events).toEqual(["handled:42"]));
+      await vi.waitFor(() => expect(events).toEqual(["handled:43"]));
       await runPromise;
-      expect(await failedUpdateReasons(tempDir)).toEqual([]);
-      expect(await pendingUpdateIds(tempDir, "all")).toEqual([43]);
-      expect(await listTelegramSpooledUpdateClaims({ spoolDir: tempDir })).toEqual([]);
-      stopWorker();
-    });
-  });
-
-  it("reclaims an expired foreign claim so the lane can drain", async () => {
-    await withTempSpool(async (tempDir) => {
-      const abort = new AbortController();
-      const events: number[] = [];
-      await writeSpooledTestUpdates(tempDir, [
-        topicUpdate(42, 10, "expired foreign claim"),
-        topicUpdate(43, 10, "later topic 10 turn"),
+      expect(await failedUpdateReasons(tempDir)).toEqual([
+        { id: 42, reason: "lane-released-on-stuck" },
       ]);
-      const interrupted = (await listTelegramSpooledUpdates({ spoolDir: tempDir })).find(
-        (update) => update.updateId === 42,
+      expect(await pendingUpdateIds(tempDir, "all")).toEqual([]);
+      expect(await listTelegramSpooledUpdateClaims({ spoolDir: tempDir })).toEqual([]);
+      expectLogIncludes(
+        log,
+        "spooled update 42 Telegram spooled update claim owned by this process",
       );
-      if (!interrupted) {
-        throw new Error("Expected interrupted update");
-      }
-      const claimed = await claimTelegramSpooledUpdate(interrupted);
-      if (!claimed) {
-        throw new Error("Expected claimed update");
-      }
-      await adoptClaimOwner({
-        spoolDir: tempDir,
-        updateId: 42,
-        ownerId: "1:other-process",
-        claimedAt: Date.now() - telegramSpooledUpdateClaimLeaseMs - 1,
-      });
-
-      const { runPromise, stopWorker } = startIsolatedIngressSession({
-        abort,
-        spoolDir: tempDir,
-        spooledUpdateHandlerTimeoutMs: 100,
-        handleUpdate: async (update) => {
-          events.push(update.update_id ?? -1);
-          if (events.length === 2) {
-            abort.abort();
-          }
-        },
-      });
-
-      await vi.waitFor(() => expect(events).toEqual([42, 43]));
       stopWorker();
-      await runPromise;
     });
   });
 

extensions/telegram/src/polling-session.ts

@@ -34,7 +34,7 @@ import { TelegramPollingTransportState } from "./polling-transport-state.js";
 import { TELEGRAM_GET_UPDATES_REQUEST_TIMEOUT_MS } from "./request-timeouts.js";
 import { getTelegramSequentialKey } from "./sequential-key.js";
 import {
-  claimNextTelegramSpooledUpdate,
+  claimTelegramSpooledUpdate,
   deleteTelegramSpooledUpdate,
   failTelegramSpooledUpdateClaim,
   isTelegramSpooledUpdateClaimOwnedByOtherLiveProcess,
@@ -44,7 +44,6 @@ import {
   refreshTelegramSpooledUpdateClaim,
   releaseTelegramSpooledUpdateClaim,
   resolveTelegramIngressSpoolDir,
-  TELEGRAM_SPOOLED_UPDATE_CLAIM_LEASE_MS,
   writeTelegramSpooledUpdate,
   type ClaimedTelegramSpooledUpdate,
   type TelegramSpooledUpdate,
@@ -134,7 +133,6 @@ const TELEGRAM_SPOOLED_HANDLER_TIMEOUT_ENV = "OPENCLAW_TELEGRAM_SPOOLED_HANDLER_
 const TELEGRAM_SPOOLED_DRAIN_START_LIMIT = 100;
 const TELEGRAM_SPOOLED_DRAIN_SCAN_LIMIT = TELEGRAM_SPOOLED_DRAIN_START_LIMIT * 10;
 const TELEGRAM_SPOOLED_CLAIM_REFRESH_INTERVAL_MS = 5 * 60 * 1000;
-const TELEGRAM_SPOOLED_CLAIM_HEALTH_GRACE_MS = 2 * TELEGRAM_SPOOLED_CLAIM_REFRESH_INTERVAL_MS;
 const TELEGRAM_SPOOLED_SESSION_INIT_CONFLICT_RETRY_BASE_MS = 5_000;
 const TELEGRAM_SPOOLED_SESSION_INIT_CONFLICT_RETRY_MAX_MS = 60_000;
 const TELEGRAM_POLLING_CLIENT_TIMEOUT_FLOOR_SECONDS = Math.ceil(
@@ -326,21 +324,6 @@ type SpooledUpdateDrainResult = {
 // Account health restarts create a new session in the same process while an old
 // spooled handler may still be running after shutdown grace.
 const activeSpooledUpdateHandlersByLane = new Map<string, SpooledUpdateHandlerState>();
-type SpooledUpdateDrainHealth = {
-  lastCompletedAt: number;
-};
-
-const spooledUpdateDrainHealthBySpool = new Map<string, SpooledUpdateDrainHealth>();
-
-function getSpooledUpdateDrainHealth(spoolDir: string): SpooledUpdateDrainHealth {
-  const existing = spooledUpdateDrainHealthBySpool.get(spoolDir);
-  if (existing) {
-    return existing;
-  }
-  const created = { lastCompletedAt: Date.now() };
-  spooledUpdateDrainHealthBySpool.set(spoolDir, created);
-  return created;
-}
 
 function resolveSpooledUpdateHandlerTimeoutMs(params: {
   configured?: number;
@@ -581,51 +564,32 @@ export class TelegramPollingSession {
     }
   }
 
-  async #claimNextSpooledUpdate(params: {
-    blockedLaneKeys: Set<string>;
-    candidateUpdateIds: readonly number[];
-    spoolDir: string;
-  }): Promise<ClaimedTelegramSpooledUpdate | null> {
+  async #claimSpooledUpdate(
+    update: TelegramSpooledUpdate,
+  ): Promise<ClaimedTelegramSpooledUpdate | null> {
     try {
-      return await claimNextTelegramSpooledUpdate({
-        spoolDir: params.spoolDir,
-        blockedLaneKeys: params.blockedLaneKeys,
-        botInfo: this.opts.botInfo,
-        candidateUpdateIds: params.candidateUpdateIds,
-        scanLimit: TELEGRAM_SPOOLED_DRAIN_SCAN_LIMIT,
-      });
+      return await claimTelegramSpooledUpdate(update);
     } catch (err) {
       this.opts.log(
-        `[telegram][diag] spooled update claim failed; keeping pending updates for retry: ${formatErrorMessage(err)}`,
+        `[telegram][diag] spooled update ${update.updateId} claim failed; keeping for retry: ${formatErrorMessage(err)}`,
       );
       return null;
     }
   }
 
-  #startSpooledUpdateClaimRefresh(
-    update: ClaimedTelegramSpooledUpdate,
-    isDrainHealthy: () => boolean,
-    onDrainUnhealthy: () => void,
-  ): () => void {
-    // Refresh only while this process owns useful work and its drain loop is making progress.
-    // Stopping the lease on a stalled drain lets another process recover the lane.
+  #startSpooledUpdateClaimRefresh(update: ClaimedTelegramSpooledUpdate): () => void {
+    // Refresh only while this process still owns useful work for this claim token.
+    // Stopping before release/fail/delete lets stale recovery take over if work stalls.
     let stopped = false;
     let refreshing = false;
     const refresh = async (): Promise<void> => {
       if (stopped || refreshing) {
         return;
       }
-      if (!isDrainHealthy()) {
-        onDrainUnhealthy();
-        stopped = true;
-        clearInterval(timer);
-        return;
-      }
       refreshing = true;
       try {
         const refreshed = await refreshTelegramSpooledUpdateClaim(update);
         if (!refreshed && !stopped) {
-          onDrainUnhealthy();
           stopped = true;
           clearInterval(timer);
         }
@@ -633,11 +597,6 @@ export class TelegramPollingSession {
         this.opts.log(
           `[telegram][diag] spooled update ${update.updateId} claim refresh failed: ${formatErrorMessage(err)}`,
         );
-        if (!stopped) {
-          onDrainUnhealthy();
-          stopped = true;
-          clearInterval(timer);
-        }
       } finally {
         refreshing = false;
       }
@@ -771,6 +730,58 @@ export class TelegramPollingSession {
     return deferredSpooledUpdateClaimsByKey.has(buildDeferredSpooledUpdateClaimKey(update));
   }
 
+  async #failTimedOutCurrentProcessSpooledUpdateClaims(params: {
+    activeLaneKeys: Set<string>;
+    spoolDir: string;
+  }): Promise<void> {
+    const claims = await listTelegramSpooledUpdateClaims({ spoolDir: params.spoolDir });
+    const now = Date.now();
+    for (const claim of claims) {
+      const claimOwner = claim.claim;
+      if (!claimOwner) {
+        continue;
+      }
+      if (this.#isDeferredSpooledUpdateClaim(claim)) {
+        continue;
+      }
+      if (params.activeLaneKeys.has(this.#spooledUpdateLaneKey(claim))) {
+        continue;
+      }
+      if (now - claimOwner.claimedAt < this.#spooledUpdateHandlerTimeoutMs) {
+        continue;
+      }
+      if (!isTelegramSpooledUpdateClaimOwnedByOtherLiveProcess(claim)) {
+        continue;
+      }
+      // Same PID with a stale owner id means this process orphaned a previous
+      // local handler state; different live PIDs may still be processing.
+      if (claimOwner.processPid !== process.pid) {
+        continue;
+      }
+      const claimedForMs = now - claimOwner.claimedAt;
+      const message = `Telegram spooled update claim owned by this process for ${formatDurationPrecise(claimedForMs)} without active handler state; marking failed so the lane can continue.`;
+      try {
+        const failed = await failTelegramSpooledUpdateClaim({
+          update: claim,
+          reason: "lane-released-on-stuck",
+          message,
+        });
+        if (!failed) {
+          this.opts.log(
+            `[telegram][diag] spooled update ${claim.updateId} current-process claim no longer had a processing marker to fail.`,
+          );
+          continue;
+        }
+      } catch (err) {
+        this.opts.log(
+          `[telegram][diag] spooled update ${claim.updateId} current-process claim could not be marked failed: ${formatErrorMessage(err)}`,
+        );
+        continue;
+      }
+      this.opts.log(`[telegram][diag] spooled update ${claim.updateId} ${message}`);
+    }
+  }
+
   async #failTimedOutDeferredSpooledUpdate(state: DeferredSpooledUpdateClaimState): Promise<void> {
     const message =
       state.timedOutMessage ??
@@ -864,12 +875,8 @@ export class TelegramPollingSession {
   }
 
   #spooledUpdateLaneKey(update: TelegramSpooledUpdate): string {
-    return this.#rawSpooledUpdateLaneKey(update.update);
-  }
-
-  #rawSpooledUpdateLaneKey(update: unknown): string {
     return getTelegramSequentialKey({
-      update: update as Parameters<typeof getTelegramSequentialKey>[0]["update"],
+      update: update.update as Parameters<typeof getTelegramSequentialKey>[0]["update"],
       ...(this.opts.botInfo ? { me: this.opts.botInfo } : {}),
     });
   }
@@ -897,19 +904,20 @@ export class TelegramPollingSession {
 
   async #drainSpooledUpdates(params: {
     bot: TelegramBot;
-    isDrainHealthy: () => boolean;
     spoolDir: string;
   }): Promise<SpooledUpdateDrainResult> {
     const activeLaneKeys = this.#activeSpooledUpdateLaneKeysForSpool(params.spoolDir);
+    await this.#failTimedOutCurrentProcessSpooledUpdateClaims({
+      activeLaneKeys,
+      spoolDir: params.spoolDir,
+    });
     await recoverStaleTelegramSpooledUpdateClaims({
       spoolDir: params.spoolDir,
       staleMs: 0,
       shouldRecover: (claim) =>
         !this.#isDeferredSpooledUpdateClaim(claim) &&
         !activeLaneKeys.has(this.#spooledUpdateLaneKey(claim)) &&
-        !isTelegramSpooledUpdateClaimOwnedByOtherLiveProcess(claim, {
-          maxAgeMs: TELEGRAM_SPOOLED_UPDATE_CLAIM_LEASE_MS,
-        }),
+        !isTelegramSpooledUpdateClaimOwnedByOtherLiveProcess(claim),
     });
     const claimedLaneKeys = new Set(
       (
@@ -924,63 +932,31 @@ export class TelegramPollingSession {
       spoolDir: params.spoolDir,
       limit: TELEGRAM_SPOOLED_DRAIN_SCAN_LIMIT,
     });
-    const candidateUpdateIds = updates.map((update) => update.updateId);
     const blockedByLane = new Set<string>();
-    const retryDelayedLaneKeys = new Set<string>();
+    let started = 0;
     for (const update of updates) {
       const laneKey = this.#spooledUpdateLaneKey(update);
-      const handlerKey = buildSpooledUpdateHandlerKey({ spoolDir: params.spoolDir, laneKey });
-      if (activeSpooledUpdateHandlersByLane.has(handlerKey)) {
-        blockedByLane.add(handlerKey);
-      }
-      if (resolveSpooledUpdateRetryDelayMs(update) > 0) {
-        retryDelayedLaneKeys.add(laneKey);
-      }
-    }
-    const blockedLaneKeys = new Set([
-      ...activeLaneKeys,
-      ...claimedLaneKeys,
-      ...retryDelayedLaneKeys,
-    ]);
-    let started = 0;
-    while (started < TELEGRAM_SPOOLED_DRAIN_START_LIMIT) {
       if (this.opts.abortSignal?.aborted) {
         break;
       }
-      const claimedUpdate = await this.#claimNextSpooledUpdate({
-        blockedLaneKeys,
-        candidateUpdateIds,
-        spoolDir: params.spoolDir,
-      });
-      if (!claimedUpdate) {
-        break;
+      if (resolveSpooledUpdateRetryDelayMs(update) > 0) {
+        claimedLaneKeys.add(laneKey);
+        continue;
       }
-      const laneKey = this.#spooledUpdateLaneKey(claimedUpdate);
       const handlerKey = buildSpooledUpdateHandlerKey({ spoolDir: params.spoolDir, laneKey });
       if (activeSpooledUpdateHandlersByLane.has(handlerKey)) {
         blockedByLane.add(handlerKey);
-        await releaseTelegramSpooledUpdateClaim(claimedUpdate, {
-          lastError: "active Telegram spool handler already owns this lane",
-        });
-        blockedLaneKeys.add(laneKey);
         continue;
       }
-      const stopClaimRefresh = this.#startSpooledUpdateClaimRefresh(
-        claimedUpdate,
-        params.isDrainHealthy,
-        () => {
-          const scopedReplyFenceLaneKey = buildTelegramReplyFenceLaneKey({
-            accountId: this.opts.accountId,
-            sequentialKey: laneKey,
-          });
-          const abortedReplyWork = supersedeTelegramReplyFenceLane(scopedReplyFenceLaneKey);
-          if (!abortedReplyWork) {
-            this.opts.log(
-              `[telegram][diag] spooled update ${claimedUpdate.updateId} drain heartbeat expired without an active reply fence on lane ${laneKey}; stopping claim refresh.`,
-            );
-          }
-        },
-      );
+      if (claimedLaneKeys.has(laneKey)) {
+        continue;
+      }
+      const claimedUpdate = await this.#claimSpooledUpdate(update);
+      if (!claimedUpdate) {
+        claimedLaneKeys.add(laneKey);
+        continue;
+      }
+      const stopClaimRefresh = this.#startSpooledUpdateClaimRefresh(claimedUpdate);
       const handler = this.#handleClaimedSpooledUpdate({
         bot: params.bot,
         stopClaimRefresh,
@@ -991,13 +967,13 @@ export class TelegramPollingSession {
         laneKey,
         task: handler,
         update: claimedUpdate,
-        updateId: claimedUpdate.updateId,
+        updateId: update.updateId,
         startedAt: Date.now(),
         stopClaimRefresh,
       };
       activeSpooledUpdateHandlersByLane.set(handlerKey, state);
       this.#spooledUpdateHandlerKeys.add(handlerKey);
-      blockedLaneKeys.add(laneKey);
+      claimedLaneKeys.add(laneKey);
       void handler.finally(() => {
         if (
           !deferredSpooledUpdateClaimsByKey.has(buildDeferredSpooledUpdateClaimKey(claimedUpdate))
@@ -1010,6 +986,9 @@ export class TelegramPollingSession {
         this.#spooledUpdateHandlerKeys.delete(handlerKey);
       });
       started += 1;
+      if (started >= TELEGRAM_SPOOLED_DRAIN_START_LIMIT) {
+        break;
+      }
     }
     return { blockedByLane, started };
   }
@@ -1237,7 +1216,6 @@ export class TelegramPollingSession {
         void writeTelegramSpooledUpdate({
           spoolDir,
           update: message.update,
-          laneKey: this.#rawSpooledUpdateLaneKey(message.update),
         }).then(
           (updateId) => {
             ackSpooledUpdate(message.requestId, { ok: true, updateId });
@@ -1263,11 +1241,6 @@ export class TelegramPollingSession {
     this.opts.abortSignal?.addEventListener("abort", stopOnAbort, { once: true });
     const drainIntervalMs = Math.max(100, Math.floor(ingress.drainIntervalMs ?? 500));
     let drainActive = false;
-    const drainHealth = getSpooledUpdateDrainHealth(spoolDir);
-    // Fail closed when the spool stops making progress: keeping any claim live would
-    // prevent a healthy process from recovering a wedged drain.
-    const isDrainHealthy = () =>
-      Date.now() - drainHealth.lastCompletedAt <= TELEGRAM_SPOOLED_CLAIM_HEALTH_GRACE_MS;
     const stopBot = () => {
       return Promise.resolve(bot.stop())
         .then(() => undefined)
@@ -1309,13 +1282,8 @@ export class TelegramPollingSession {
       }
       drainActive = true;
       drainRequested = false;
-      let drainCompleted = false;
       try {
-        const drain = await this.#drainSpooledUpdates({
-          bot,
-          isDrainHealthy,
-          spoolDir,
-        });
+        const drain = await this.#drainSpooledUpdates({ bot, spoolDir });
         consecutiveDrainFailures = 0;
         for (const handlerKey of stalledBacklogKeys) {
           if (
@@ -1352,16 +1320,12 @@ export class TelegramPollingSession {
         } else if (timedOutRecovery) {
           stalledBacklogKeys.add(timedOutRecovery.handlerKey);
         }
-        drainCompleted = true;
       } catch (err) {
         consecutiveDrainFailures += 1;
         this.opts.log(
           `[telegram][diag] isolated polling spool drain failed (${consecutiveDrainFailures}): ${formatErrorMessage(err)}`,
         );
       } finally {
-        if (drainCompleted) {
-          drainHealth.lastCompletedAt = Date.now();
-        }
         drainActive = false;
         if (drainRequested && !restartRequested && !this.opts.abortSignal?.aborted) {
           drainRequested = false;
@@ -1676,7 +1640,6 @@ const isGetUpdatesConflict = (err: unknown) => {
 export const testing = {
   resetActiveSpooledUpdateHandlersForTests: (): void => {
     activeSpooledUpdateHandlersByLane.clear();
-    spooledUpdateDrainHealthBySpool.clear();
   },
   createTelegramRestartBackoffState,
   resetTelegramRestartBackoffState,

extensions/telegram/src/probe.test.ts

@@ -362,7 +362,7 @@ describe("probeTelegram retry logic", () => {
 
       const result = await probePromise;
       expect(result.ok).toBe(true);
-      expect(localForceFallback).toHaveBeenCalledWith("probe timeout/network error", timeoutError);
+      expect(localForceFallback).toHaveBeenCalledWith("probe timeout/network error");
       expect(fetchMock).toHaveBeenCalledTimes(3); // 1 failed + 1 getMe success + 1 webhook
     } finally {
       vi.useRealTimers();

extensions/telegram/src/probe.ts

@@ -162,8 +162,7 @@ export async function probeTelegram(
         // On timeout or network error, promote the transport to its IPv4
         // fallback dispatcher so the next retry (and all future probes
         // sharing this cached transport) skip the stalled IPv6 path.
-        // Keep the original socket code in transport fallback diagnostics.
-        transport.forceFallback?.("probe timeout/network error", err);
+        transport.forceFallback?.("probe timeout/network error");
         if (i < 2) {
           const remainingAfterAttemptMs = resolveRemainingBudgetMs();
           if (remainingAfterAttemptMs <= 0) {

extensions/telegram/src/send.ts

@@ -1219,7 +1219,7 @@ export async function reactMessageTelegram(
     account,
     retry: opts.retry,
     verbose: opts.verbose,
-    shouldRetry: (err) => isRecoverableTelegramNetworkError(err, { context: "react" }),
+    shouldRetry: (err) => isRecoverableTelegramNetworkError(err, { context: "send" }),
   });
   const remove = opts.remove === true;
   const trimmedEmoji = emoji.trim();
@@ -1276,7 +1276,7 @@ export async function deleteMessageTelegram(
     account,
     retry: opts.retry,
     verbose: opts.verbose,
-    shouldRetry: (err) => isRecoverableTelegramNetworkError(err, { context: "delete" }),
+    shouldRetry: (err) => isRecoverableTelegramNetworkError(err, { context: "send" }),
   });
   try {
     await requestWithDiag(() => api.deleteMessage(chatId, messageId), "deleteMessage", {