feat(plugin-sdk): expose tool execution context

* fix(telegram): use session transcript for direct context

* fix(telegram): account for proof and SDK checks

* fix(telegram): address review findings

* fix(telegram): tighten session transcript context

---------

Co-authored-by: Ayaan Zaidi <hi@obviy.us>

.github/workflows/clawsweeper-dispatch.yml

@@ -81,9 +81,27 @@ jobs:
           repositories: clawsweeper
           permission-contents: write
 
+      - name: Pre-filter ClawSweeper comment
+        id: comment_filter
+        if: ${{ github.event_name == 'issue_comment' }}
+        env:
+          COMMENT_BODY: ${{ github.event.comment.body }}
+        run: |
+          set -euo pipefail
+          if grep -Eiq '(^|[[:space:]])@(clawsweeper|openclaw-clawsweeper)\b(\[bot\])?|(^|[[:space:]])/(clawsweeper|review|autoclose|auto([[:space:]]+|-)?merge)\b' <<< "$COMMENT_BODY"; then
+            echo "is_command=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "is_command=false" >> "$GITHUB_OUTPUT"
+          fi
+
       - name: Create target comment token
         id: target_token
-        if: ${{ github.event_name == 'issue_comment' && env.HAS_CLAWSWEEPER_APP_PRIVATE_KEY == 'true' }}
+        if: >-
+          ${{
+            github.event_name == 'issue_comment' &&
+            steps.comment_filter.outputs.is_command == 'true' &&
+            env.HAS_CLAWSWEEPER_APP_PRIVATE_KEY == 'true'
+          }}
         uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
         with:
           client-id: ${{ env.CLAWSWEEPER_APP_CLIENT_ID }}
@@ -213,7 +231,11 @@ jobs:
           fi
 
       - name: Acknowledge and dispatch ClawSweeper comment
-        if: ${{ github.event_name == 'issue_comment' }}
+        if: >-
+          ${{
+            github.event_name == 'issue_comment' &&
+            steps.comment_filter.outputs.is_command == 'true'
+          }}
         env:
           DISPATCH_TOKEN: ${{ steps.token.outputs.token }}
           TARGET_TOKEN: ${{ steps.target_token.outputs.token }}
@@ -232,10 +254,6 @@ jobs:
           . "$RUNNER_TEMP/github-api-backoff.sh"
           body_file="$RUNNER_TEMP/clawsweeper-comment-body.txt"
           printf '%s\n' "$COMMENT_BODY" > "$body_file"
-          if ! grep -Eiq '(^|[[:space:]])@(clawsweeper|openclaw-clawsweeper)\b(\[bot\])?|(^|[[:space:]])/(clawsweeper|review|automerge|autoclose)\b' "$body_file"; then
-            echo "No ClawSweeper command found in comment."
-            exit 0
-          fi
           if [ -n "$TARGET_TOKEN" ]; then
             err="$(mktemp)"
             if GH_TOKEN="$TARGET_TOKEN" gh_api_with_retry -X POST \

.github/workflows/workflow-sanity.yml

@@ -129,28 +129,11 @@ jobs:
           trusted_config="$RUNNER_TEMP/pre-commit-base.yaml"
           trusted_zizmor_config="$RUNNER_TEMP/zizmor-base.yml"
 
-          fetch_base_ref() {
-            local ref="$1"
-            local target="$2"
-            local fetch_status
-            for attempt in 1 2 3; do
-              timeout --signal=TERM --kill-after=10s 30s git fetch --no-tags --depth=1 origin \
-                "+${ref}:${target}" && return 0
-              fetch_status="$?"
-              if [ "$fetch_status" != "124" ] && [ "$fetch_status" != "137" ]; then
-                return "$fetch_status"
-              fi
-              if [ "$attempt" = "3" ]; then
-                return "$fetch_status"
-              fi
-              echo "::warning::trusted base fetch for '$ref' timed out on attempt $attempt; retrying"
-              sleep 5
-            done
-          }
-
           if ! git cat-file -e "${BASE_SHA}^{commit}" 2>/dev/null; then
-            fetch_base_ref "$BASE_SHA" "refs/remotes/origin/security-base" ||
-              fetch_base_ref "refs/heads/${BASE_REF}" "refs/remotes/origin/${BASE_REF}"
+            timeout --signal=TERM --kill-after=10s 30s git fetch --no-tags --depth=1 origin \
+              "+${BASE_SHA}:refs/remotes/origin/security-base" ||
+              timeout --signal=TERM --kill-after=10s 30s git fetch --no-tags --depth=1 origin \
+                "+refs/heads/${BASE_REF}:refs/remotes/origin/${BASE_REF}"
           fi
 
           if git cat-file -e "${BASE_SHA}:.pre-commit-config.yaml" 2>/dev/null; then

CHANGELOG.md

@@ -2,77 +2,38 @@
 
 Docs: https://docs.openclaw.ai
 
-## 2026.6.10
-
-### Highlights
-
-- **Automatic fast mode for talks:** OpenClaw can enable fast mode for short conversational turns, then return to normal mode for longer runs with bounded fallback and delivery behavior. (#85104) Thanks @alexph-dev and @vincentkoc.
-- **More reliable model routing:** Zai model synthesis, GLM overload failover, and native reasoning-level selection now follow the active model catalog more consistently. (#94461, #93241, #94067, #94136) Thanks @Pandah97, @chrysb, @0xghost42, @zhengli0922, @openperf, @civiltox, and @BorClaw.
-- **Safer session and channel state:** channel switches reset stale origin fields, and cron delivery awareness stays attached to the target session. (#95328, #93580) Thanks @ZengWen-DT, @jalehman, @gorkem2020, and @scotthuang.
-- **Trusted policies survive hook composition:** composed hook registries keep the trusted tool policies required by approval-sensitive flows. (#94545) Thanks @jesse-merhi.
-
-### Changes
-
-- **Agent and channel runtime:** fast-mode state now survives retries, fallback transitions, progress events, and embedded/CLI/ACP normalization; session and channel routing retain the current target and delivery context. (#85104, #93580, #95328) Thanks @alexph-dev, @vincentkoc, @scotthuang, @ZengWen-DT, @jalehman, and @gorkem2020.
-- **Provider behavior:** model catalogs now supply the correct Zai base URL, overload classification, and native reasoning controls for live-discovered models. (#94461, #93241, #94067, #94136) Thanks @Pandah97, @chrysb, @0xghost42, @zhengli0922, @openperf, @civiltox, and @BorClaw.
-
-### Fixes
-
-- **Fast-mode and policy correctness:** fallback cutoffs and reset notices are bounded, repeated progress events remain visible, Codex service-tier state is normalized, and trusted policies are not lost when hook registries are composed. (#85104, #94545) Thanks @alexph-dev, @vincentkoc, and @jesse-merhi.
-- **Model and delivery edge cases:** Zai and GLM failover paths use the right runtime metadata, while stale channel-origin state no longer leaks across session changes. (#94461, #93241, #95328) Thanks @Pandah97, @chrysb, @0xghost42, @zhengli0922, @ZengWen-DT, @jalehman, and @gorkem2020.
-- **Provider plugin onboarding:** setup refreshes provider plugin registry metadata after installing setup-selected provider plugins, so auth continuation uses the newly installed provider instead of stale registry state. (#95792) Thanks @snowzlmbot.
-
-### Complete contribution record
-
-This audited record covers the complete v2026.6.9..HEAD history: 12 merged PRs. The generation manifest also supplies direct commits as editorial input; the grouped notes above prioritize user impact.
-
-#### Pull requests
-
-- **PR #86627** Keep core doctor health in contribution order. Thanks @giodl73-repo.
-- **PR #93580** fix: preserve cron delivery awareness for target sessions. Thanks @scotthuang and @jalehman.
-- **PR #95030** refactor: add SDK transcript identity target API. Thanks @jalehman.
-- **PR #94838** refactor(copilot): complete harness lifecycle parity. Thanks @vincentkoc.
-- **PR #95328** fix(sessions): reset stale per-channel origin fields on channel switch. Related #95325. Thanks @ZengWen-DT and @jalehman and @gorkem2020.
-- **PR #94461** fix(zai): fall back to manifest baseUrl for synthesized GLM-5 models. Related #94269. Thanks @Pandah97 and @chrysb.
-- **PR #93241** fix(agents): classify Zhipu GLM overload as overloaded for failover. Related #93211. Thanks @0xghost42 and @zhengli0922.
-- **PR #94067** fix(channels): resolve native /think menu levels via runtime catalog for live-discovered models. Related #93835. Thanks @openperf and @civiltox.
-- **PR #94136** fix(zai): expose GLM-5.2 reasoning levels [AI-assisted]. Thanks @BorClaw.
-- **PR #85104** feat: fast talks auto mode. Related #85087. Thanks @alexph-dev.
-- **PR #94545** fix: keep trusted policies with hook registry. Thanks @jesse-merhi.
-- **PR #95792** fix(onboard): refresh provider plugin registry after setup installs. Related #95765. Thanks @snowzlmbot.
-
 ## 2026.6.9
 
 ### Highlights
 
-- **Richer Telegram delivery:** Telegram now sends rich HTML, preserves rich markdown and sticker paths, renders progress drafts and command output more faithfully, and keeps mentions and spooled handlers on the right delivery path. (#93286, #93164, #93124, #93364, #93130, #93088, #93281) Thanks @obviyus, @vincentkoc, @goutamadwant, @kesslerio, @NianJiuZst, @SweetSophia, @Marvinthebored, and @aaajiao.
+- **Richer Telegram delivery:** Telegram now sends rich HTML, preserves rich markdown and sticker paths, renders progress drafts and command output more faithfully, normalizes HTML tables safely, and keeps mentions and spooled handlers on the right delivery path. (#93286, #93164, #93124, #93364, #93130, #93002, #93088, #93281, #94891, #94856) Thanks @obviyus, @vincentkoc, @goutamadwant, @kesslerio, @NianJiuZst, @SweetSophia, @Marvinthebored, @aaajiao, @zhangguiping-xydt, @zhangqueping, and @jairrab.
 - **More dependable agent recovery:** retries, terminal outcomes, usage after compaction, session history repair, and reply reconciliation now keep more interrupted or partial turns moving toward a visible final result. (#92191, #93073, #93228, #93084, #93469, #93291, #90943) Thanks @ai-hpc, @lml2468, @fuller-stack-dev, @Hollychou924, @leno23, @de1tydev, @425072024, @wuwahe3, @drvoss, @yetval, @sandieman2, and @vincentkoc.
 - **A stronger Codex integration:** Codex gains automatic plugin approvals, GPT-5.3 Spark OAuth routing, remote-node `exec` as a dynamic tool, and more reliable app-server teardown and terminal outcomes. (#92625, #89133, #93654, #91767, #93287) Thanks @kevinslin, @VACInc, @vincentkoc, @JPKay-AI, and @aliahnaf2013-max.
-- **Standalone official provider plugins:** external provider packages are now first-class npm releases, externally installed channel plugins load at Gateway startup, and StepFun is intentionally npm-only because its ClawHub package name is unavailable. (#93470) Thanks @sunlit-deng, @cxdnicole, and @vincentkoc.
+- **Standalone official provider plugins:** external provider packages are now first-class npm releases, externally installed channel plugins load at Gateway startup, and StepFun is available from npm and ClawHub. (#93470) Thanks @sunlit-deng, @cxdnicole, and @vincentkoc.
 - **More capable web and native clients:** the Control UI adds a session workspace rail and extension health, iOS adds Watch controls, and Android shows chat context. (#92856, #91952, #93387, #92837) Thanks @Solvely-Colin, @jalehman, @joshavant, and @Tosko4.
 - **More useful search and skills:** Codex Hosted Search is available, key-free search providers remain deliberate opt-ins, and ClawHub skill installs retain verified source provenance. (#93446, #93616, #93283, #93506) Thanks @fuller-stack-dev, @davemorin, @momothemage, @nmccready-tars, and @vincentkoc.
 
 ### Changes
 
 - Providers and auth: add Codex Hosted Search, improve Gemini CLI OAuth behind proxies, and keep external provider onboarding on current choices and package metadata. (#93446, #92815) Thanks @fuller-stack-dev, @yetval, @EvetteYoung, and @vincentkoc.
-- Plugins and installs: externalized official providers publish as independent npm packages, Gateway discovers installed channel plugins at startup, and StepFun installs exclusively from npm. (#93470) Thanks @sunlit-deng, @cxdnicole, and @vincentkoc.
+- Plugins and installs: externalized official providers publish as independent npm packages, Gateway discovers installed channel plugins at startup, and StepFun installs from npm or ClawHub. (#93470) Thanks @sunlit-deng, @cxdnicole, and @vincentkoc.
 - Dashboard and mobile: add a session workspace rail, plugin health in status, compact cron lists, and iOS Watch controls. (#92856, #91952, #93395, #93387) Thanks @Solvely-Colin, @jalehman, @yu-xin-c, @centralpc, @joshavant, and @vincentkoc.
-- Codex and skills: add automatic plugin approvals, preserve ClawHub skill provenance, and expose remote-node execution to Codex when a node is connected. (#92625, #93283, #93654) Thanks @kevinslin, @momothemage, @nmccready-tars, @vincentkoc, and @JPKay-AI.
-- QA and release engineering: QA scenarios now use YAML, with broader profile evidence and release coverage for the plugin and channel matrix.
+- Codex, observability, and skills: add automatic plugin approvals and SecretRefs, preserve ClawHub skill provenance, add OpenTelemetry log export, and expose remote-node execution to Codex when a node is connected. (#92625, #94324, #93283, #94561, #93654) Thanks @kevinslin, @kevinlin-openai, @momothemage, @nmccready-tars, @jesse-merhi, @vincentkoc, and @JPKay-AI.
+- QA and release engineering: QA scenarios now use YAML, with broader profile evidence and release coverage for the plugin and channel matrix. Thanks @vincentkoc.
 
 ### Fixes
 
 - Security and privacy: redact secrets from debug/config output, block internal HTTP session overrides, audit open-DM tool exposure, and retain plugin write ownership checks. (#93333, #88496, #93443, #92883, #93353) Thanks @Alix-007, @jason-allen-oneal, @coygeek, @RichardCao, @yu-xin-c, @cjg20ss, @eleqtrizit, and @vincentkoc.
-- Agent and session runtime: retry thinking-only and empty post-tool turns, prevent duplicate hook execution, preserve fresh usage through compaction, and repair partial JSON/history artifacts. (#92191, #93073, #93009, #93084, #93469) Thanks @ai-hpc, @lml2468, @fuller-stack-dev, @zenglingbiao, @dertbv, @Hollychou924, @leno23, @de1tydev, @425072024, @wuwahe3, @drvoss, and @vincentkoc.
-- Channels and replies: fix Telegram rich delivery and ingress recovery, preserve WhatsApp auth and media error reporting, keep Mattermost thread replies intact, and harden Discord action handling. (#93286, #93364, #93281, #93076, #93334, #93424, #93488) Thanks @obviyus, @NianJiuZst, @mcaxtr, @rushindrasinha, @amknight, @lzyyzznl, @darealgege, and @vincentkoc.
+- Agent and session runtime: retry thinking-only and empty post-tool turns, prevent duplicate hook execution, preserve pending subagent delivery, preserve fresh usage through compaction, and repair partial JSON/history artifacts. (#92191, #93073, #93009, #93084, #93469, #94349, #92383, #94257) Thanks @ai-hpc, @lml2468, @fuller-stack-dev, @zenglingbiao, @dertbv, @Hollychou924, @leno23, @de1tydev, @425072024, @wuwahe3, @drvoss, @vincentkoc, @sallyom, @oiGaDio, @Hidetsugu55, and @Nas01010101.
+- Channels and replies: fix Telegram rich delivery, table rendering, action-error handling, progress draft cleanup before visible tool output, and ingress recovery; preserve command progress detail across channel adapters; retain WhatsApp opening text after a media failure; keep Mattermost thread replies intact; and harden Discord action handling. (#93286, #93364, #93281, #93002, #93076, #93334, #93424, #93488, #94868, #94891, #94856, #94810, #93823) Thanks @obviyus, @NianJiuZst, @mcaxtr, @zhangguiping-xydt, @rushindrasinha, @amknight, @lzyyzznl, @darealgege, @vincentkoc, @zhangqueping, @jairrab, @ZOOWH, @parveshsaini, and @yetval.
 - Storage and migrations: avoid SQLite WAL on network filesystems, clean reindex artifacts, keep setup state out of workspace dot-directories, and import default-agent auth profiles into SQLite. (#93454, #92891, #93182, #93295, #93520, #93156) Thanks @vincentkoc, @ZengWen-DT, @Zeng-wen, @potterdigital, @Alix-007, @Pick-cat, @sallyom, @1qh, and @Tazio7.
 - Provider and model behavior: fix Gemini CLI proxy OAuth, restore Codex Spark OAuth routing, correct Bedrock embedding model IDs, and preserve configured defaults in embedded runs. (#92815, #89133, #93452, #93428) Thanks @yetval, @EvetteYoung, @VACInc, @LiuwqGit, @aleck31, @zenglingbiao, @danielgerlag, and @vincentkoc.
 - CLI, TUI, and apps: accept global flags after subcommands, keep terminal output and activity indicators visible, preserve CJK IME composition, and refresh stale UI state. (#93455, #93460, #93006, #93427, #93498, #93606) Thanks @ooiuuii, @Alix-007, @ZengWen-DT, @Zeng-wen, @AlethiaQuizForge, @Zhaoqj2016, @liuhao1024, @BrianClaw1955, @vincentkoc, and @NicoBoom13.
-- Operations and updates: harden official plugin recovery, restart managed Gateways after failed update handoff, avoid Node-specific npm prefixes, and keep package validation paths reliable. (#93325, #92111, #93650) Thanks @vincentkoc, @yetval, @ofan, and @yaanfpv.
+- Operations and updates: harden official plugin recovery, restart managed Gateways after failed update handoff, keep safe cron delivery defaults, avoid Node-specific npm prefixes, and keep package validation paths reliable. (#93325, #92111, #93650, #94453, #91685) Thanks @vincentkoc, @yetval, @ofan, @yaanfpv, @jincheng-xydt, @sallyom, @davectr, and @nxmxbbd.
 
 ### Complete contribution record
 
-This audited record covers the complete v2026.6.8..HEAD~1 history: 375 merged PRs. The generation manifest also supplies direct commits as editorial input; the grouped notes above prioritize user impact.
+This audited record covers the complete v2026.6.8..HEAD history: 423 merged PRs. The generation manifest also supplies direct commits as editorial input; the grouped notes above prioritize user impact.
 
 #### Pull requests
 
@@ -96,6 +57,7 @@ This audited record covers the complete v2026.6.8..HEAD~1 history: 375 merged PR
 - **PR #88792** fix(state): harden sqlite path caching. Thanks @vincentkoc.
 - **PR #93022** fix(gateway): repair usage cost aggregation across agents. Thanks @luke-skywalker-open-claw and @stablegenius49.
 - **PR #93020** fix(telegram): cool down transient sendChatAction failures. Related #56096. Thanks @Boulea7 and @sumaiazaman and @Pick-cat and @cal-rufus.
+- **PR #93002** fix(telegram): clear progress drafts before visible tool output. Thanks @zhangguiping-xydt.
 - **PR #89160** fix(agents): detect truncated API responses to prevent silent session hang. Related #89051. Thanks @joelnishanth and @ArthurusDent.
 - **PR #93009** fix(agents): make wrapToolWithBeforeToolCallHook idempotent to prevent double hook execution (fixes #92973). Thanks @zenglingbiao and @dertbv.
 - **PR #92991** fix(agents): tolerate missing attribution baseUrl. Related #92974. Thanks @samrusani and @Haderach-Ram.
@@ -214,7 +176,7 @@ This audited record covers the complete v2026.6.8..HEAD~1 history: 375 merged PR
 - **PR #90003** feat(policy): cover exec approvals artifact. Thanks @giodl73-repo.
 - **PR #93448** fix(guards): allow auth profile sqlite reader. Thanks @amknight.
 - **PR #93424** fix(mattermost): keep message tool replies in threads. Thanks @amknight and @vincentkoc.
-- **PR #93418** fix(telegram): forward Bot API 10.1 rich_message content to agent. Related #93410. Thanks @xzh-xydt and @vincentkoc and @0pen7ech.
+- **PR #93418** fix(telegram): forward Bot API 10.1 rich_message content to agent. Related #93410. Thanks @xzh-icenter and @vincentkoc and @0pen7ech.
 - **PR #93175** test(qa): taxonomy profiles: includeAllCategories for release profile, update some coverage. Thanks @RomneyDa.
 - **PR #93456** fix(agents): handle string assistant message content. Thanks @vincentkoc.
 - **PR #93441** fix(outbound): ignore schema-padded poll metadata on send. Related #43015. Thanks @weichengdeng and @charzhou.
@@ -451,6 +413,53 @@ This audited record covers the complete v2026.6.8..HEAD~1 history: 375 merged PR
 - **PR #94658** test(sqlite): use shared temp directory helper. Thanks @vincentkoc.
 - **PR #92135** fix(openai-embedding): preserve openai/ prefix for non-native base URLs. Related #92124. Thanks @xialonglee and @Kambrian.
 - **PR #93737** refactor: add session maintenance transaction seam. Thanks @jalehman.
+- **PR #93685** refactor(auto-reply): add lifecycle storage seams. Thanks @jalehman.
+- **PR #94349** fix(agents): preserve pending subagent completion announces. Related #93323. Thanks @sallyom and @oiGaDio.
+- **PR #93174** test: fold channel message flows into qa e2e. Thanks @RomneyDa.
+- **PR #94093** Prevent Codex thread rotation from losing next-step context. Thanks @VACInc.
+- **PR #53920** fix(scripts): avoid mutating tracked auth-monitor template during setup. Thanks @JackWuGlobal.
+- **PR #94702** Standardize QA coverage IDs on dotted names. Thanks @RomneyDa.
+- **PR #81825** fix(skills/1password): stop forcing tmux for desktop app auth (#52540). Thanks @koshaji and @tylerbittner.
+- **PR #94725** fix(doctor): warn on volatile SQLite state. Thanks @vincentkoc.
+- **PR #88551** fix(agents): skip auth gate for CLI-owned transport. Thanks @yu-xin-c.
+- **PR #88581** feat(commands): add /name to rename the current session from chat. Thanks @BSG2000.
+- **PR #94324** feat(codex): support app-server SecretRefs. Thanks @kevinlin-openai and @kevinslin.
+- **PR #90882** fix: add self-knowledge docs rule to system prompt. Related #90713. Thanks @SutraHsing.
+- **PR #94684** fix: #80507 show dry-run output for message send/poll. Thanks @lzyyzznl and @YB0y.
+- **PR #93823** fix(whatsapp): keep opening text chunk when first media fails on multi-chunk reply. Thanks @yetval.
+- **PR #89203** refactor: route SDK session compatibility through seam. Thanks @jalehman.
+- **PR #94453** fix: default cron runMode to "due" instead of "force" (#94270). Thanks @jincheng-xydt and @sallyom and @davectr.
+- **PR #94746** fix(note): prevent clack from re-breaking copy-sensitive tokens. Related #94730. Thanks @xzh-icenter and @berkgungor.
+- **PR #89904** refactor: route sdk session compatibility through accessor. Thanks @jalehman.
+- **PR #86719** fix(skills): retarget stale plugin skill symlinks. Related #85925. Thanks @stevenepalmer and @shakkernerd.
+- **PR #94337** fix(tui): show 0 not ? for fresh-session context tokens in footer. Thanks @mushuiyu886.
+- **PR #94539** fix(android): group settings by intent. Thanks @Tosko4.
+- **PR #92383** fix(gateway): never return an empty chat.history transcript. Thanks @Hidetsugu55.
+- **PR #92574** test(browser): cover action-input CLI request bodies. Related #83877. Thanks @yu-xin-c and @davinci282828.
+- **PR #92873** test(diffs): add viewerState, toolbar toggle, shadow root, and hydrateProps tests (fixes #83915). Thanks @liuhao1024 and @davinci282828.
+- **PR #94257** fix(sessions): preserve Media\* index alignment when reading user-turn fields. Thanks @Nas01010101.
+- **PR #94756** fix(codex): bound turn/start text when context budget is non-positive. Related #94748. Thanks @Nas01010101.
+- **PR #94729** fix(skills/trello): add curl to requires.bins to match body examples (fixes #94727). Thanks @liuhao1024 and @berkgungor.
+- **PR #94790** feat(slack): log INFO receipt for inbound app_mention events. Related #94691. Thanks @ZengWen-DT and @BryceMurray.
+- **PR #81696** fix: guard tool event callbacks (AI-assisted). Thanks @enjoylife1243.
+- **PR #94809** chore: forward-port alpha release fixes.
+- **PR #94612** fix(macos): open NSOpenPanel for embedded Control UI file inputs (#94468). Thanks @bbblending and @DINGDANGMAOUP.
+- **PR #89806** fix(feishu): avoid axios interceptor internals. Related #83913. Thanks @sweetcornna and @davinci282828.
+- **PR #91923** fix(ios): clean up notification settings state. Thanks @zats.
+- **PR #91345** fix: suggest close CLI commands. Related #83999. Thanks @glenn-agent and @HannesOberreiter.
+- **PR #94561** Add stdout diagnostics OTEL log exporter. Thanks @jesse-merhi.
+- **PR #91013** fix(gateway): ignore stale abort markers for fresh chat events. Related #91012. Thanks @nxmxbbd.
+- **PR #89279** fix(tasks): deliver ACP completions to bound Discord threads. Related #84022. Thanks @anyech and @h-mascot.
+- **PR #91656** test(cron): expand parseAbsoluteTimeMs test coverage to 39 cases. Related #91654. Thanks @SpecialLeon.
+- **PR #94810** fix(telegram): classify sendChatAction 401 by structured error_code, not bare substring match. Related #94787. Thanks @ZOOWH and @parveshsaini.
+- **PR #94737** fix(reply): clarify provider internal error copy. Thanks @snowzlmbot.
+- **PR #94868** fix(channels): preserve command progress detail. Thanks @vincentkoc.
+- **PR #94891** fix(telegram): send progress previews as html text. Thanks @obviyus.
+- **PR #94683** fix(outbound): keep direct-only targets out of group sessions. Related #92384. Thanks @scotthuang and @haiwei01.
+- **PR #92477** fix: migrate watch app to single-target app (Xcode 27+ compat). Thanks @zats and @joshavant.
+- **PR #94812** test(perf): compare saved CLI startup benchmarks. Thanks @FelixIsaac.
+- **PR #94856** fix(telegram): normalize all HTML tables before entity-escaping in rich messages. Related #94317. Thanks @zhangqueping and @jairrab.
+- **PR #91685** fix(cron): refuse keyless implicit isolated cron delivery inherited from shared agent-main bucket. Thanks @nxmxbbd.
 
 ## 2026.6.8
 

apps/android/Config/Version.properties

@@ -2,5 +2,5 @@
 # Source of truth: apps/android/version.json
 # Generated by scripts/android-sync-versioning.ts.
 
-OPENCLAW_ANDROID_VERSION_NAME=2026.6.10
-OPENCLAW_ANDROID_VERSION_CODE=2026061001
+OPENCLAW_ANDROID_VERSION_NAME=2026.6.9
+OPENCLAW_ANDROID_VERSION_CODE=2026060901

apps/android/version.json

@@ -1,4 +1,4 @@
 {
-  "version": "2026.6.10",
-  "versionCode": 2026061001
+  "version": "2026.6.9",
+  "versionCode": 2026060901
 }

apps/ios/CHANGELOG.md

@@ -1,11 +1,5 @@
 # OpenClaw iOS Changelog
 
-## 2026.6.10 - 2026-06-21
-
-Maintenance update for the current OpenClaw beta release.
-
-- Improved notification cleanup, Watch app compatibility, and native file input handling.
-
 ## 2026.6.9 - 2026-06-20
 
 Maintenance update for the current OpenClaw release.

apps/ios/Config/Version.xcconfig

@@ -2,8 +2,8 @@
 // Source of truth: apps/ios/version.json
 // Generated by scripts/ios-sync-versioning.ts.
 
-OPENCLAW_IOS_VERSION = 2026.6.10
-OPENCLAW_MARKETING_VERSION = 2026.6.10
+OPENCLAW_IOS_VERSION = 2026.6.9
+OPENCLAW_MARKETING_VERSION = 2026.6.9
 OPENCLAW_BUILD_VERSION = 1
 
 #include? "../build/Version.xcconfig"

apps/ios/Sources/Model/NodeAppModel.swift

@@ -23,6 +23,10 @@ private struct WatchChatPreview {
     var statusText: String?
 }
 
+private struct ExecApprovalGatewayEventPayload: Decodable {
+    var id: String
+}
+
 /// Ensures notification requests return promptly even if the system prompt blocks.
 private final class NotificationInvokeLatch<T: Sendable>: @unchecked Sendable {
     private let lock = NSLock()
@@ -895,26 +899,49 @@ final class NodeAppModel {
             for await evt in stream {
                 if Task.isCancelled { return }
                 guard let payload = evt.payload else { continue }
-                switch evt.event {
-                case "voicewake.changed":
-                    struct Payload: Decodable { var triggers: [String] }
-                    guard let decoded = try? GatewayPayloadDecoding.decode(payload, as: Payload.self) else { continue }
-                    let triggers = VoiceWakePreferences.sanitizeTriggerWords(decoded.triggers)
-                    VoiceWakePreferences.saveTriggerWords(triggers)
-                case "talk.mode":
-                    struct Payload: Decodable {
-                        var enabled: Bool
-                        var phase: String?
-                    }
-                    guard let decoded = try? GatewayPayloadDecoding.decode(payload, as: Payload.self) else { continue }
-                    self.applyTalkModeSync(enabled: decoded.enabled, phase: decoded.phase)
-                default:
-                    continue
-                }
+                await self.handleOperatorGatewayServerEvent(evt)
             }
         }
     }
 
+    private func handleOperatorGatewayServerEvent(_ evt: EventFrame) async {
+        guard let payload = evt.payload else { return }
+        switch evt.event {
+        case "voicewake.changed":
+            struct Payload: Decodable { var triggers: [String] }
+            guard let decoded = try? GatewayPayloadDecoding.decode(payload, as: Payload.self) else { return }
+            let triggers = VoiceWakePreferences.sanitizeTriggerWords(decoded.triggers)
+            VoiceWakePreferences.saveTriggerWords(triggers)
+        case "talk.mode":
+            struct Payload: Decodable {
+                var enabled: Bool
+                var phase: String?
+            }
+            guard let decoded = try? GatewayPayloadDecoding.decode(payload, as: Payload.self) else { return }
+            self.applyTalkModeSync(enabled: decoded.enabled, phase: decoded.phase)
+        case ExecApprovalNotificationBridge.requestedKind:
+            guard let approvalId = Self.execApprovalEventID(from: payload) else { return }
+            await self.presentExecApprovalNotificationPrompt(
+                ExecApprovalNotificationPrompt(approvalId: approvalId))
+        case ExecApprovalNotificationBridge.resolvedKind:
+            guard let approvalId = Self.execApprovalEventID(from: payload) else { return }
+            await self.handleExecApprovalResolvedRemotePush(approvalId: approvalId)
+        default:
+            return
+        }
+    }
+
+    private nonisolated static func execApprovalEventID(from payload: AnyCodable) -> String? {
+        guard let decoded = try? GatewayPayloadDecoding.decode(
+            payload,
+            as: ExecApprovalGatewayEventPayload.self)
+        else {
+            return nil
+        }
+        let approvalId = decoded.id.trimmingCharacters(in: .whitespacesAndNewlines)
+        return approvalId.isEmpty ? nil : approvalId
+    }
+
     private func applyTalkModeSync(enabled: Bool, phase: String?) {
         _ = phase
         guard self.talkMode.isEnabled != enabled else { return }
@@ -5139,6 +5166,14 @@ extension NodeAppModel {
             isBackgrounded: isBackgrounded)
     }
 
+    nonisolated static func _test_execApprovalEventID(from payload: AnyCodable) -> String? {
+        self.execApprovalEventID(from: payload)
+    }
+
+    func _test_handleOperatorGatewayServerEvent(_ event: EventFrame) async {
+        await self.handleOperatorGatewayServerEvent(event)
+    }
+
     nonisolated static func _test_watchExecApprovalIDsNeedingFetch(
         candidateIDs: [String],
         cachedApprovalIDs: [String]) -> [String]

apps/ios/Tests/NodeAppModelInvokeTests.swift

@@ -1160,6 +1160,35 @@ private final class MockBootstrapNotificationCenter: NotificationCentering, @unc
                 isBackgrounded: false))
     }
 
+    @Test func execApprovalEventIDDecodesGatewayPayload() {
+        #expect(NodeAppModel._test_execApprovalEventID(from: AnyCodable(["id": " approval-1 "])) == "approval-1")
+        #expect(NodeAppModel._test_execApprovalEventID(from: AnyCodable(["id": "   "])) == nil)
+        #expect(NodeAppModel._test_execApprovalEventID(from: AnyCodable(["other": "approval-1"])) == nil)
+    }
+
+    @Test @MainActor func operatorGatewayResolvedEventClearsPendingApprovalPrompt() async throws {
+        let appModel = NodeAppModel()
+        try appModel._test_presentExecApprovalPrompt(
+            #require(
+                NodeAppModel._test_makeExecApprovalPrompt(
+                    id: "approval-event-resolved",
+                    commandText: "echo clear",
+                    allowedDecisions: ["allow-once", "deny"],
+                    host: "gateway",
+                    nodeId: nil,
+                    agentId: nil,
+                    expiresAtMs: Int(Date().timeIntervalSince1970 * 1000) + 60000)))
+
+        await appModel._test_handleOperatorGatewayServerEvent(EventFrame(
+            type: "event",
+            event: ExecApprovalNotificationBridge.resolvedKind,
+            payload: AnyCodable(["id": "approval-event-resolved"]),
+            seq: nil,
+            stateversion: nil))
+
+        #expect(appModel._test_pendingExecApprovalPrompt() == nil)
+    }
+
     @Test func watchExecApprovalHydrateFetchesOnlyMissingIDs() {
         let idsToFetch = NodeAppModel._test_watchExecApprovalIDsNeedingFetch(
             candidateIDs: ["cached", "pending", "cached", "other", "", "  pending  "],

apps/ios/fastlane/metadata/en-US/release_notes.txt

@@ -1,3 +1,5 @@
-Maintenance update for the current OpenClaw beta release.
+Maintenance update for the current OpenClaw release.
 
-- Improved notification cleanup, Watch app compatibility, and native file input handling.
+- Added Apple Watch controls for common agent actions.
+- Improved Gateway setup, notification settings, and share-extension identity handling.
+- Updated the Watch app integration for current Xcode compatibility.

apps/ios/version.json

@@ -1,3 +1,3 @@
 {
-  "version": "2026.6.10"
+  "version": "2026.6.9"
 }

apps/macos/Sources/OpenClaw/Resources/Info.plist

@@ -15,9 +15,9 @@
     <key>CFBundlePackageType</key>
     <string>APPL</string>
     <key>CFBundleShortVersionString</key>
-    <string>2026.6.10</string>
+    <string>2026.6.9</string>
     <key>CFBundleVersion</key>
-    <string>2026061000</string>
+    <string>2026060900</string>
     <key>CFBundleIconFile</key>
     <string>OpenClaw</string>
     <key>CFBundleURLTypes</key>

apps/shared/OpenClawKit/Sources/OpenClawProtocol/GatewayModels.swift

@@ -6592,6 +6592,7 @@ public struct ExecApprovalRequestParams: Codable, Sendable {
     public let turnsourceto: AnyCodable?
     public let turnsourceaccountid: AnyCodable?
     public let turnsourcethreadid: AnyCodable?
+    public let approvalreviewerdeviceids: [String]?
     public let requiredeliveryroute: Bool?
     public let suppressdelivery: Bool?
     public let timeoutms: Int?
@@ -6618,6 +6619,7 @@ public struct ExecApprovalRequestParams: Codable, Sendable {
         turnsourceto: AnyCodable?,
         turnsourceaccountid: AnyCodable?,
         turnsourcethreadid: AnyCodable?,
+        approvalreviewerdeviceids: [String]?,
         requiredeliveryroute: Bool? = nil,
         suppressdelivery: Bool? = nil,
         timeoutms: Int?,
@@ -6643,6 +6645,7 @@ public struct ExecApprovalRequestParams: Codable, Sendable {
         self.turnsourceto = turnsourceto
         self.turnsourceaccountid = turnsourceaccountid
         self.turnsourcethreadid = turnsourcethreadid
+        self.approvalreviewerdeviceids = approvalreviewerdeviceids
         self.requiredeliveryroute = requiredeliveryroute
         self.suppressdelivery = suppressdelivery
         self.timeoutms = timeoutms
@@ -6670,6 +6673,7 @@ public struct ExecApprovalRequestParams: Codable, Sendable {
         case turnsourceto = "turnSourceTo"
         case turnsourceaccountid = "turnSourceAccountId"
         case turnsourcethreadid = "turnSourceThreadId"
+        case approvalreviewerdeviceids = "approvalReviewerDeviceIds"
         case requiredeliveryroute = "requireDeliveryRoute"
         case suppressdelivery = "suppressDelivery"
         case timeoutms = "timeoutMs"
@@ -7273,9 +7277,7 @@ public struct ChatSendParams: Codable, Sendable {
     public let sessionid: String?
     public let message: String
     public let thinking: String?
-    public let fastmodevalue: AnyCodable?
-    public var fastmode: Bool? { fastmodevalue?.value as? Bool }
-    public let fastautoonseconds: Int?
+    public let fastmode: Bool?
     public let deliver: Bool?
     public let originatingchannel: String?
     public let originatingto: String?
@@ -7288,46 +7290,6 @@ public struct ChatSendParams: Codable, Sendable {
     public let suppresscommandinterpretation: Bool?
     public let idempotencykey: String
 
-    public init(
-        sessionkey: String,
-        agentid: String? = nil,
-        sessionid: String?,
-        message: String,
-        thinking: String?,
-        fastmodevalue: AnyCodable?,
-        fastautoonseconds: Int?,
-        deliver: Bool?,
-        originatingchannel: String?,
-        originatingto: String?,
-        originatingaccountid: String?,
-        originatingthreadid: String?,
-        attachments: [AnyCodable]?,
-        timeoutms: Int?,
-        systeminputprovenance: [String: AnyCodable]?,
-        systemprovenancereceipt: String?,
-        suppresscommandinterpretation: Bool?,
-        idempotencykey: String)
-    {
-        self.sessionkey = sessionkey
-        self.agentid = agentid
-        self.sessionid = sessionid
-        self.message = message
-        self.thinking = thinking
-        self.fastmodevalue = fastmodevalue
-        self.fastautoonseconds = fastautoonseconds
-        self.deliver = deliver
-        self.originatingchannel = originatingchannel
-        self.originatingto = originatingto
-        self.originatingaccountid = originatingaccountid
-        self.originatingthreadid = originatingthreadid
-        self.attachments = attachments
-        self.timeoutms = timeoutms
-        self.systeminputprovenance = systeminputprovenance
-        self.systemprovenancereceipt = systemprovenancereceipt
-        self.suppresscommandinterpretation = suppresscommandinterpretation
-        self.idempotencykey = idempotencykey
-    }
-
     public init(
         sessionkey: String,
         agentid: String? = nil,
@@ -7347,25 +7309,23 @@ public struct ChatSendParams: Codable, Sendable {
         suppresscommandinterpretation: Bool?,
         idempotencykey: String)
     {
-        self.init(
-            sessionkey: sessionkey,
-            agentid: agentid,
-            sessionid: sessionid,
-            message: message,
-            thinking: thinking,
-            fastmodevalue: fastmode.map { AnyCodable($0) },
-            fastautoonseconds: nil,
-            deliver: deliver,
-            originatingchannel: originatingchannel,
-            originatingto: originatingto,
-            originatingaccountid: originatingaccountid,
-            originatingthreadid: originatingthreadid,
-            attachments: attachments,
-            timeoutms: timeoutms,
-            systeminputprovenance: systeminputprovenance,
-            systemprovenancereceipt: systemprovenancereceipt,
-            suppresscommandinterpretation: suppresscommandinterpretation,
-            idempotencykey: idempotencykey)
+        self.sessionkey = sessionkey
+        self.agentid = agentid
+        self.sessionid = sessionid
+        self.message = message
+        self.thinking = thinking
+        self.fastmode = fastmode
+        self.deliver = deliver
+        self.originatingchannel = originatingchannel
+        self.originatingto = originatingto
+        self.originatingaccountid = originatingaccountid
+        self.originatingthreadid = originatingthreadid
+        self.attachments = attachments
+        self.timeoutms = timeoutms
+        self.systeminputprovenance = systeminputprovenance
+        self.systemprovenancereceipt = systemprovenancereceipt
+        self.suppresscommandinterpretation = suppresscommandinterpretation
+        self.idempotencykey = idempotencykey
     }
 
     private enum CodingKeys: String, CodingKey {
@@ -7374,8 +7334,7 @@ public struct ChatSendParams: Codable, Sendable {
         case sessionid = "sessionId"
         case message
         case thinking
-        case fastmodevalue = "fastMode"
-        case fastautoonseconds = "fastAutoOnSeconds"
+        case fastmode = "fastMode"
         case deliver
         case originatingchannel = "originatingChannel"
         case originatingto = "originatingTo"

docs/.generated/config-baseline.sha256

@@ -1,4 +1,4 @@
-7ce9a1d8d4a69eab05d700241472db66f268f20c144692dc69d38ba22f06d741  config-baseline.json
-5d355e16324e0e68d6e034e135e487947f67397a99a6ff91949c6aa07645e982  config-baseline.core.json
+24f11880cec619997ff93d303c32431bf4fb2bfefb56c9f0ece35ff91b329a80  config-baseline.json
+2923c1120c0369aeca6646cd67f7264590c6a1f4e5bc3157a04d7661324c6868  config-baseline.core.json
 2d735389858305509528e74329b6f8c65d311e1471c3b4e91dc17aaab8e63a80  config-baseline.channel.json
 d2e2114f1cd43dc894fe1a4836677b42a2a5af825537d6c4a932da832d58a590  config-baseline.plugin.json

docs/.generated/plugin-sdk-api-baseline.sha256

@@ -1,2 +1,2 @@
-4bbf1636d7e0b410fffa3d12a366371b2f66524f7c730fdc4de789d0f482aeb2  plugin-sdk-api-baseline.json
-c5194a29911287897eee44c3579878bda552a6a7baa135bba9c719fa2ded9ab8  plugin-sdk-api-baseline.jsonl
+172fe4e143964c0a20525428ff3e6c7631856a7d51c6ad48959a35c72363a410  plugin-sdk-api-baseline.json
+a4c18ea9f0b0d2c22183bf8c082e757b7f9852b4c518c8b8cb62a21a9dd766e9  plugin-sdk-api-baseline.jsonl

docs/automation/cron-jobs.md

@@ -183,7 +183,7 @@ Model-selection precedence for isolated jobs is:
 3. User-selected stored cron session model override
 4. Agent/default model selection
 
-Fast mode follows the resolved live selection too. If the selected model config has `params.fastMode`, isolated cron uses that by default. A stored session `fastMode` override still wins over config in either direction. Auto mode uses the selected model's `params.fastAutoOnSeconds` cutoff when present, defaulting to 60 seconds.
+Fast mode follows the resolved live selection too. If the selected model config has `params.fastMode`, isolated cron uses that by default. A stored session `fastMode` override still wins over config in either direction.
 
 If an isolated run hits a live model-switch handoff, cron retries with the switched provider/model and persists that live selection for the active run before retrying. When the switch also carries a new auth profile, cron persists that auth profile override for the active run too. Retries are bounded: after the initial attempt plus 2 switch retries, cron aborts instead of looping forever.
 

docs/channels/slack.md

@@ -1,11 +1,11 @@
 ---
-summary: "Slack setup and runtime behavior (Socket Mode + HTTP Request URLs)"
+summary: "Slack setup and runtime behavior (Socket Mode, HTTP Request URLs, and relay mode)"
 read_when:
-  - Setting up Slack or debugging Slack socket/HTTP mode
+  - Setting up Slack or debugging Slack socket, HTTP, or relay mode
 title: "Slack"
 ---
 
-Production-ready for DMs and channels via Slack app integrations. Default mode is Socket Mode; HTTP Request URLs are also supported.
+Production-ready for DMs and channels via Slack app integrations. Default mode is Socket Mode; HTTP Request URLs are also supported. Relay mode is intended for managed deployments where a trusted router owns Slack ingress.
 
 <CardGroup cols={3}>
   <Card title="Pairing" icon="link" href="/channels/pairing">
@@ -41,6 +41,37 @@ Both transports are production-ready and reach feature parity for messaging, sla
 **Pick HTTP Request URLs** when running multiple Gateway replicas behind a load balancer, when outbound WSS is blocked but inbound HTTPS is allowed, or when you already terminate Slack webhooks at a reverse proxy.
 </Note>
 
+### Relay mode
+
+Relay mode separates Slack ingress from the OpenClaw gateway. A trusted router owns the
+single Slack Socket Mode connection, chooses a destination gateway, and forwards a typed
+event over an authenticated websocket. The gateway continues to use its bot token for
+outbound Slack Web API calls.
+
+```json5
+{
+  channels: {
+    slack: {
+      mode: "relay",
+      botToken: { source: "env", provider: "default", id: "SLACK_BOT_TOKEN" },
+      relay: {
+        url: "wss://router.example.com/gateway/ws",
+        authToken: { source: "env", provider: "default", id: "SLACK_RELAY_AUTH_TOKEN" },
+        gatewayId: "team-gateway",
+      },
+    },
+  },
+}
+```
+
+The relay URL must use `wss://` unless it targets localhost. Treat the bearer token and
+router route table as part of the Slack authorization boundary: routed events enter the
+normal Slack message handler as authorized activations. A router-provided `slack_identity`
+in the websocket `hello` frame can set the default outbound username and icon; an explicit
+identity supplied by the caller still wins. The relay connection reconnects with the same
+bounded backoff timing used by Socket Mode and clears the router-provided identity whenever
+it disconnects.
+
 ## Install
 
 Install Slack before configuring the channel:
@@ -863,7 +894,8 @@ The default manifest enables the Slack App Home **Home** tab and subscribes to `
 
 - `botToken` + `appToken` are required for Socket Mode.
 - HTTP mode requires `botToken` + `signingSecret`.
-- `botToken`, `appToken`, `signingSecret`, and `userToken` accept plaintext
+- Relay mode requires `botToken` plus `relay.url`, `relay.authToken`, and `relay.gatewayId`; it does not use an app token or signing secret.
+- `botToken`, `appToken`, `signingSecret`, `relay.authToken`, and `userToken` accept plaintext
   strings or SecretRef objects.
 - Config tokens override env fallback.
 - `SLACK_BOT_TOKEN` / `SLACK_APP_TOKEN` env fallback applies only to the default account.

docs/channels/telegram.md

@@ -336,7 +336,8 @@ curl "https://api.telegram.org/bot<bot_token>/getUpdates"
     Requirement:
 
     - `channels.telegram.streaming` is `off | partial | block | progress` (default: `partial`)
-    - `progress` keeps one editable status draft for tool progress, clears it at completion, and sends the final answer as a normal message
+    - short initial answer previews are debounced, then materialized after a bounded delay if the run is still active
+    - `progress` keeps one editable status draft for tool progress, shows the stable status label when answer activity arrives before tool progress, clears it at completion, and sends the final answer as a normal message
     - `streaming.preview.toolProgress` controls whether tool/progress updates reuse the same edited preview message (default: `true` when preview streaming is active)
     - `streaming.preview.commandText` controls command/exec detail inside those tool-progress lines: `raw` (default, preserves released behavior) or `status` (tool label only)
     - `streaming.progress.commentary` (default: `false`) opts into assistant commentary/preamble text in the temporary progress draft

docs/cli/cron.md

@@ -197,7 +197,7 @@ Isolated cron resolves the active model in this order:
 
 ### Fast mode
 
-Isolated cron fast mode follows the resolved live model selection. Model config `params.fastMode` applies by default, but a stored session `fastMode` override still wins over config. When the resolved mode is `auto`, the cutoff uses the selected model's `params.fastAutoOnSeconds` value, defaulting to 60 seconds.
+Isolated cron fast mode follows the resolved live model selection. Model config `params.fastMode` applies by default, but a stored session `fastMode` override still wins over config.
 
 ### Live model switch retries
 

docs/concepts/agent-runtimes.md

@@ -230,8 +230,8 @@ canonical subscription `github-copilot` provider and is **never** selected by
 The harness claims its provider, runtime, CLI session key, and auth profile
 prefix in `extensions/copilot/doctor-contract-api.ts`, which
 `openclaw doctor` auto-loads. For configuration, auth, transcript mirroring,
-compaction, the doctor probe surface, and the broader PI vs Codex vs Copilot
-SDK decision, see [GitHub Copilot agent runtime](/plugins/copilot).
+compaction, the declarative doctor contract, and the broader PI vs Codex vs
+Copilot SDK decision, see [GitHub Copilot agent runtime](/plugins/copilot).
 
 ## Compatibility contract
 

docs/concepts/qa-e2e-automation.md

@@ -302,13 +302,13 @@ Live transport runners should import the shared scenario ids, baseline
 coverage helpers, and scenario-selection helper from
 `openclaw/plugin-sdk/qa-live-transport-scenarios`.
 
-| Lane     | Canary | Mention gating | Bot-to-bot | Allowlist block | Top-level reply | Restart resume | Thread follow-up | Thread isolation | Reaction observation | Help command | Native command registration |
-| -------- | ------ | -------------- | ---------- | --------------- | --------------- | -------------- | ---------------- | ---------------- | -------------------- | ------------ | --------------------------- |
-| Matrix   | x      | x              | x          | x               | x               | x              | x                | x                | x                    |              |                             |
-| Telegram | x      | x              | x          |                 |                 |                |                  |                  |                      | x            |                             |
-| Discord  | x      | x              | x          |                 |                 |                |                  |                  |                      |              | x                           |
-| Slack    | x      | x              | x          | x               | x               | x              | x                | x                |                      |              |                             |
-| WhatsApp | x      | x              |            | x               | x               | x              |                  |                  | x                    | x            |                             |
+| Lane     | Canary | Mention gating | Bot-to-bot | Allowlist block | Top-level reply | Quote reply | Restart resume | Thread follow-up | Thread isolation | Reaction observation | Help command | Native command registration |
+| -------- | ------ | -------------- | ---------- | --------------- | --------------- | ----------- | -------------- | ---------------- | ---------------- | -------------------- | ------------ | --------------------------- |
+| Matrix   | x      | x              | x          | x               | x               |             | x              | x                | x                | x                    |              |                             |
+| Telegram | x      | x              | x          |                 |                 |             |                |                  |                  |                      | x            |                             |
+| Discord  | x      | x              | x          |                 |                 |             |                |                  |                  |                      |              | x                           |
+| Slack    | x      | x              | x          | x               | x               |             | x              | x                | x                |                      |              |                             |
+| WhatsApp | x      | x              |            | x               | x               | x           | x              |                  |                  | x                    | x            |                             |
 
 This keeps `qa-channel` as the broad product-behavior suite while Matrix,
 Telegram, and other live transports share one explicit transport-contract checklist.
@@ -731,8 +731,9 @@ Scenario catalog (`extensions/qa-lab/src/live-transports/whatsapp/whatsapp-live.
   `whatsapp-whoami-command`, `whatsapp-context-command`,
   `whatsapp-native-new-command`.
 - Reply and final-output behavior: `whatsapp-tool-only-usage-footer`,
-  `whatsapp-reply-to-message`, `whatsapp-reply-context-isolation`,
-  `whatsapp-reply-delivery-shape`, `whatsapp-stream-final-message-accounting`.
+  `whatsapp-reply-to-message`, `whatsapp-group-reply-to-message`,
+  `whatsapp-reply-context-isolation`, `whatsapp-reply-delivery-shape`,
+  `whatsapp-stream-final-message-accounting`.
 - Inbound media and structured messages: `whatsapp-inbound-image-caption`,
   `whatsapp-audio-preflight`, `whatsapp-inbound-structured-messages`,
   `whatsapp-group-audio-gating`. These send real WhatsApp image, audio,
@@ -749,9 +750,9 @@ Scenario catalog (`extensions/qa-lab/src/live-transports/whatsapp/whatsapp-live.
   `whatsapp-approval-plugin-native`.
 - Status reactions: `whatsapp-status-reactions`.
 
-The catalog currently contains 35 scenarios. The `live-frontier` default lane is
-kept small at 8 scenarios for fast smoke coverage. The `mock-openai` default
-lane runs 29 deterministic scenarios through the real WhatsApp transport while
+The catalog currently contains 36 scenarios. The `live-frontier` default lane is
+kept small at 10 scenarios for fast smoke coverage. The `mock-openai` default
+lane runs 31 deterministic scenarios through the real WhatsApp transport while
 mocking only model output. Approval scenarios and a few heavier/blocking checks
 remain explicit by scenario id.
 

docs/concepts/streaming.md

@@ -160,9 +160,10 @@ Legacy key migration:
 Telegram:
 
 - Uses `sendMessage` + `editMessageText` preview updates across DMs and group/topics.
+- Short initial previews are still debounced for push-notification UX, but Telegram now materializes them after a bounded delay so active runs do not stay visually silent.
 - Final text edits the active preview in place; long finals reuse that message for the first chunk and send only the remaining chunks.
 - `block` mode rotates the preview into a new message at `streaming.preview.chunk.maxChars` (default 800, capped at Telegram's 4096 edit limit); other modes grow one preview up to 4096 characters.
-- `progress` mode keeps tool progress in an editable status draft, clears that draft at completion, and sends the final answer through normal delivery.
+- `progress` mode keeps tool progress in an editable status draft, materializes the status label when answer streaming is active but no tool line is available yet, clears that draft at completion, and sends the final answer through normal delivery.
 - If the final edit fails before the completed text is confirmed, OpenClaw uses normal final delivery and cleans up the stale preview.
 - Preview streaming is skipped when Telegram block streaming is explicitly enabled (to avoid double-streaming).
 - `/reasoning stream` can write reasoning to a transient preview that is deleted after final delivery.

docs/gateway/config-agents.md

@@ -249,9 +249,10 @@ Shared defaults for bounded runtime context surfaces.
 - `toolResultMaxChars`: advanced live tool-result ceiling used for persisted
   results and overflow recovery. Leave unset for the model-context auto cap:
   `16000` chars below 100K tokens, `32000` chars at 100K+ tokens, and `64000`
-  chars at 200K+ tokens. The effective cap is still limited to about 30% of the
-  model context window. `openclaw doctor --deep` prints the effective cap, and
-  doctor warns only when an explicit override is stale or has no effect.
+  chars at 200K+ tokens. Explicit values up to `1000000` are accepted for
+  long-context models, but the effective cap is still limited to about 30% of
+  the model context window. `openclaw doctor --deep` prints the effective cap,
+  and doctor warns only when an explicit override is stale or has no effect.
 - `postCompactionMaxChars`: AGENTS.md excerpt cap used during post-compaction
   refresh injection.
 
@@ -1098,7 +1099,7 @@ for provider examples and precedence.
 - `skills`: optional per-agent skill allowlist. If omitted, the agent inherits `agents.defaults.skills` when set; an explicit list replaces defaults instead of merging, and `[]` means no skills.
 - `thinkingDefault`: optional per-agent default thinking level (`off | minimal | low | medium | high | xhigh | adaptive | max`). Overrides `agents.defaults.thinkingDefault` for this agent when no per-message or session override is set. The selected provider/model profile controls which values are valid; for Google Gemini, `adaptive` keeps provider-owned dynamic thinking (`thinkingLevel` omitted on Gemini 3/3.1, `thinkingBudget: -1` on Gemini 2.5).
 - `reasoningDefault`: optional per-agent default reasoning visibility (`on | off | stream`). Overrides `agents.defaults.reasoningDefault` for this agent when no per-message or session reasoning override is set.
-- `fastModeDefault`: optional per-agent default for fast mode (`"auto" | true | false`). Applies when no per-message or session fast-mode override is set.
+- `fastModeDefault`: optional per-agent default for fast mode (`true | false`). Applies when no per-message or session fast-mode override is set.
 - `models`: optional per-agent model catalog/runtime overrides keyed by full `provider/model` ids. Use `models["provider/model"].agentRuntime` for per-agent runtime exceptions.
 - `runtime`: optional per-agent runtime descriptor. Use `type: "acp"` with `runtime.acp` defaults (`agent`, `backend`, `mode`, `cwd`) when the agent should default to ACP harness sessions.
 - `identity.avatar`: workspace-relative path, `http(s)` URL, or `data:` URI.

docs/gateway/doctor.md

@@ -160,8 +160,6 @@ must be paired with `--lint`; regular doctor and repair runs reject them.
     - State integrity and permissions checks (sessions, transcripts, state dir).
     - Config file permission checks (chmod 600) when running locally.
     - Model auth health: checks OAuth expiry, can refresh expiring tokens, and reports auth-profile cooldown/disabled states.
-    - Extra workspace dir detection (`~/openclaw`).
-
   </Accordion>
   <Accordion title="Gateway, services, and supervisors">
     - Sandbox image repair when sandboxing is enabled.
@@ -469,14 +467,14 @@ That stages grounded durable candidates into the short-term dreaming store while
   <Accordion title="10. systemd linger (Linux)">
     If running as a systemd user service, doctor ensures lingering is enabled so the gateway stays alive after logout.
   </Accordion>
-  <Accordion title="11. Workspace status (skills, plugins, and legacy dirs)">
+  <Accordion title="11. Workspace status (skills, plugins, and TaskFlows)">
     Doctor prints a summary of the workspace state for the default agent:
 
     - **Skills status**: counts eligible, missing-requirements, and allowlist-blocked skills.
-    - **Legacy workspace dirs**: warns when `~/openclaw` or other legacy workspace directories exist alongside the current workspace.
     - **Plugin status**: counts enabled/disabled/errored plugins; lists plugin IDs for any errors; reports bundle plugin capabilities.
     - **Plugin compatibility warnings**: flags plugins that have compatibility issues with the current runtime.
     - **Plugin diagnostics**: surfaces any load-time warnings or errors emitted by the plugin registry.
+    - **TaskFlow recovery**: surfaces suspicious managed TaskFlows that need manual inspection or cancellation.
 
   </Accordion>
   <Accordion title="11b. Bootstrap file size">

docs/gateway/protocol.md

@@ -445,7 +445,6 @@ enumeration of `src/gateway/server-methods/*.ts`.
     - `sessions.get` returns the full stored session row.
     - Chat execution still uses `chat.history`, `chat.send`, `chat.abort`, and `chat.inject`. `chat.history` is display-normalized for UI clients: inline directive tags are stripped from visible text, plain-text tool-call XML payloads (including `<tool_call>...</tool_call>`, `<function_call>...</function_call>`, `<tool_calls>...</tool_calls>`, `<function_calls>...</function_calls>`, and truncated tool-call blocks) and leaked ASCII/full-width model control tokens are stripped, pure silent-token assistant rows such as exact `NO_REPLY` / `no_reply` are omitted, and oversized rows can be replaced with placeholders.
     - `chat.message.get` is the additive bounded full-message reader for a single visible transcript entry. Clients pass `sessionKey`, optional `agentId` when the session selection is agent-scoped, plus a transcript `messageId` previously surfaced through `chat.history`, and the Gateway returns the same display-normalized projection without the lightweight history truncation cap when the stored entry is still available and not oversized.
-    - `chat.send` accepts one-turn `fastMode: "auto"` to use fast mode for model calls started before the auto cutoff, then start later retry, fallback, tool-result, or continuation calls without fast mode. The cutoff defaults to 60 seconds and can be configured per model with `agents.defaults.models["<provider>/<model>"].params.fastAutoOnSeconds`. A `chat.send` caller can pass one-turn `fastAutoOnSeconds` to override the cutoff for that request.
 
   </Accordion>
 

docs/help/faq-models.md

@@ -174,7 +174,6 @@ troubleshooting, see the main [FAQ](/help/faq).
 
     - **Per session:** send `/fast on` while the session is using `openai/gpt-5.5`.
     - **Per model default:** set `agents.defaults.models["openai/gpt-5.5"].params.fastMode` to `true`.
-    - **Automatic cutoff:** use `/fast auto` or `params.fastMode: "auto"` to start new model calls fast until the auto cutoff, then start later retry, fallback, tool-result, or continuation calls without fast mode. The cutoff defaults to 60 seconds; set `params.fastAutoOnSeconds` on the active model to change it.
 
     Example:
 
@@ -185,8 +184,7 @@ troubleshooting, see the main [FAQ](/help/faq).
           models: {
             "openai/gpt-5.5": {
               params: {
-                fastMode: "auto",
-                fastAutoOnSeconds: 30,
+                fastMode: true,
               },
             },
           },
@@ -195,7 +193,7 @@ troubleshooting, see the main [FAQ](/help/faq).
     }
     ```
 
-    For OpenAI, fast mode maps to `service_tier = "priority"` on supported native Responses requests. Session `/fast` overrides beat config defaults. Codex app-server turns can only receive the tier at turn start, so `auto` applies on the next OpenClaw-started model turn rather than inside one already-running app-server turn.
+    For OpenAI, fast mode maps to `service_tier = "priority"` on supported native Responses requests. Session `/fast` overrides beat config defaults.
 
     See [Thinking and fast mode](/tools/thinking) and [OpenAI fast mode](/providers/openai#fast-mode).
 

docs/nodes/voicewake.md

@@ -15,15 +15,18 @@ OpenClaw treats **wake words as a single global list** owned by the **Gateway**.
 
 ## Storage (Gateway host)
 
-Wake words are stored on the gateway machine at:
+Wake words and routing rules are stored in the gateway state database:
 
-- `~/.openclaw/settings/voicewake.json`
+- `~/.openclaw/state/openclaw.sqlite`
 
-Shape:
+The active tables are:
 
-```json
-{ "triggers": ["openclaw", "claude", "computer"], "updatedAtMs": 1730000000000 }
-```
+- `voicewake_triggers`
+- `voicewake_routing_config`
+- `voicewake_routing_routes`
+
+Legacy `settings/voicewake.json` and `settings/voicewake-routing.json` files are
+doctor migration inputs only; runtime reads and writes the SQLite tables.
 
 ## Protocol
 

docs/plugins/building-plugins.md

@@ -145,6 +145,11 @@ local proof.
     Use `definePluginEntry` for non-channel plugins. Channel plugins use
     `defineChannelPluginEntry`.
 
+    Tool handlers may accept an optional fifth execution-context argument when
+    they need runtime-owned facts for the current call. The context includes the
+    active `runId`, effective `sessionKey`, ephemeral `sessionId`, owning
+    `agentId`, and ambient `deliveryContext` when those values are available.
+
   </Step>
 
   <Step title="Test the runtime">

docs/plugins/copilot.md

@@ -33,15 +33,12 @@ For the broader model/provider/runtime split, start with
 - A GitHub Copilot subscription that can drive the Copilot CLI (or a
   `gitHubToken` env / auth-profile entry for headless / cron runs).
 - A writable `copilotHome` directory. The harness defaults to
-  `~/.openclaw/agents/<agentId>/copilot` for full per-agent isolation. The
-  platform default (`%APPDATA%\copilot` on Windows, `$XDG_CONFIG_HOME/copilot`
-  or `~/.config/copilot` elsewhere) is used as the doctor probe fallback when
-  no explicit home is set.
+  `<agentDir>/copilot` when OpenClaw provides an agent directory, otherwise
+  `~/.openclaw/agents/<agentId>/copilot` for full per-agent isolation.
 
 `openclaw doctor` runs the plugin
-[doctor contract](#doctor-and-probes) for the extension; failures there are
-the canonical way to confirm the environment is ready before opting an agent
-in.
+[doctor contract](#doctor) for declarative session-state ownership and future
+compatibility migrations. It does not run Copilot CLI environment probes.
 
 ## Plugin install
 
@@ -153,10 +150,6 @@ the same directory), or `~/.openclaw/agents/<agentId>/copilot` otherwise.
 Override with `copilotHome: <path>` on the attempt input when you need a
 custom location (for example, a shared mount for migration).
 
-`probeCopilotAuthShape` (see [Doctor and probes](#doctor-and-probes)) is the
-pure shape check that validates which of the modes above will be used.
-It does not perform a live SDK handshake.
-
 ## Configuration surface
 
 The harness reads its config from per-attempt input
@@ -239,7 +232,7 @@ asserted in
 [`extensions/copilot/harness.test.ts`](https://github.com/openclaw/openclaw/blob/main/extensions/copilot/harness.test.ts)
 under `describe("runSideQuestion")`.
 
-## Doctor and probes
+## Doctor
 
 `extensions/copilot/doctor-contract-api.ts` is auto-loaded by
 `src/plugins/doctor-contract-registry.ts`. It contributes:
@@ -251,18 +244,6 @@ under `describe("runSideQuestion")`.
   runtime `copilot`; CLI session key `copilot`; auth profile
   prefix `github-copilot:`.
 
-`extensions/copilot/src/doctor-probes.ts` exports three imperative probes
-that hosts (including `openclaw doctor`) can call to verify the environment:
-
-| Probe                      | What it checks                                                                    | Reasons it can fail                                                              |
-| -------------------------- | --------------------------------------------------------------------------------- | -------------------------------------------------------------------------------- |
-| `probeCopilotCliVersion`   | `copilot --version` exits 0 with a non-empty version string                       | `non-zero-exit`, `empty-version`, `spawn-failed`, `spawn-error`, `probe-timeout` |
-| `probeCopilotHomeWritable` | `mkdir -p copilotHome` + write + rm a marker file                                 | `copilothome-not-writable` (with the underlying fs error in `details.rawError`)  |
-| `probeCopilotAuthShape`    | At least one of `useLoggedInUser`, `gitHubToken`, or `profileId`+`profileVersion` | `no-auth-source`                                                                 |
-
-Each probe accepts a DI seam (`spawnFn`, `fsApi`) so tests do not spawn the
-real Copilot CLI or touch the host fs.
-
 ## Limitations
 
 - The harness only claims the canonical `github-copilot` provider at MVP.

docs/plugins/sdk-migration.md

@@ -238,9 +238,11 @@ releases.
     `api.runtime.config.writeConfigFile(...)` directly. Prefer config that was
     already passed into the active call path. Long-lived handlers that need the
     current process snapshot can use `api.runtime.config.current()`. Long-lived
-    agent tools should use the tool context's `ctx.getRuntimeConfig()` inside
-    `execute` so a tool created before a config write still sees the refreshed
-    runtime config.
+    factory-created agent tools should use the tool factory context's
+    `ctx.getRuntimeConfig()` inside `execute` so a tool created before a config
+    write still sees the refreshed runtime config. For per-call run, session, or
+    delivery facts, use the tool execution context rather than closing over the
+    factory context.
 
     Config writes must go through the transactional helpers and choose an
     after-write policy:

docs/plugins/sdk-subpaths.md

@@ -247,7 +247,7 @@ usage endpoint failed or returned no usable usage data.
     | `plugin-sdk/reply-history` | Shared short-window reply-history helpers. New message-turn code should use `createChannelHistoryWindow`; lower-level map helpers remain deprecated compatibility exports only |
     | `plugin-sdk/reply-reference` | `createReplyReferencePlanner` |
     | `plugin-sdk/reply-chunking` | Narrow text/markdown chunking helpers |
-    | `plugin-sdk/session-store-runtime` | Session workflow helpers (`getSessionEntry`, `listSessionEntries`, `patchSessionEntry`, `upsertSessionEntry`), legacy session store path/session-key helpers, updated-at reads, and transition-only whole-store/file-path compatibility helpers |
+    | `plugin-sdk/session-store-runtime` | Session workflow helpers (`getSessionEntry`, `listSessionEntries`, `patchSessionEntry`, `upsertSessionEntry`), bounded recent user/assistant transcript text reads by session identity, legacy session store path/session-key helpers, updated-at reads, and transition-only whole-store/file-path compatibility helpers |
     | `plugin-sdk/session-transcript-runtime` | Transcript identity, scoped target/read/write helpers, update publishing, write locks, and transcript memory hit keys |
     | `plugin-sdk/sqlite-runtime` | Focused SQLite agent-schema, path, and transaction helpers for first-party runtime |
     | `plugin-sdk/cron-store-runtime` | Cron store path/load/save helpers |

docs/plugins/tool-plugins.md

@@ -151,6 +151,14 @@ Factories are still for fixed tool names. Use `definePluginEntry` directly when
 the plugin computes tool names dynamically or combines tools with hooks,
 services, providers, commands, or other runtime surfaces.
 
+Factory context is construction-time state. Use it to decide whether the tool
+exists for the run or to bind stable helpers. Per-call state belongs in the
+execution context: static tool-plugin `execute` handlers receive it as fields on
+their third `context` argument, and factory-created `AgentTool.execute`
+handlers receive it as the optional fifth argument. The execution context
+includes `runId`, effective `sessionKey`, `sessionId`, `agentId`, and
+`deliveryContext` when OpenClaw knows those values.
+
 ## Return values
 
 `defineToolPlugin` wraps plain return values into the OpenClaw tool-result

docs/providers/openai.md

@@ -915,17 +915,17 @@ the Server-side compaction accordion below.
   <Accordion title="Fast mode">
     OpenClaw exposes a shared fast-mode toggle for `openai/*`:
 
-    - **Chat/UI:** `/fast status|auto|on|off`
+    - **Chat/UI:** `/fast status|on|off`
     - **Config:** `agents.defaults.models["<provider>/<model>"].params.fastMode`
 
-    When enabled, OpenClaw maps fast mode to OpenAI priority processing (`service_tier = "priority"`). Existing `service_tier` values are preserved, and fast mode does not rewrite `reasoning` or `text.verbosity`. `fastMode: "auto"` starts new model calls fast until the auto cutoff, then starts later retry, fallback, tool-result, or continuation calls without fast mode. The cutoff defaults to 60 seconds; set `params.fastAutoOnSeconds` on the active model to change it.
+    When enabled, OpenClaw maps fast mode to OpenAI priority processing (`service_tier = "priority"`). Existing `service_tier` values are preserved, and fast mode does not rewrite `reasoning` or `text.verbosity`.
 
     ```json5
     {
       agents: {
         defaults: {
           models: {
-            "openai/gpt-5.5": { params: { fastMode: "auto", fastAutoOnSeconds: 30 } },
+            "openai/gpt-5.5": { params: { fastMode: true } },
           },
         },
       },

docs/reference/secretref-credential-surface.md

@@ -72,10 +72,12 @@ Scope intent:
 - `channels.telegram.accounts.*.webhookSecret`
 - `channels.slack.botToken`
 - `channels.slack.appToken`
+- `channels.slack.relay.authToken`
 - `channels.slack.userToken`
 - `channels.slack.signingSecret`
 - `channels.slack.accounts.*.botToken`
 - `channels.slack.accounts.*.appToken`
+- `channels.slack.accounts.*.relay.authToken`
 - `channels.slack.accounts.*.userToken`
 - `channels.slack.accounts.*.signingSecret`
 - `channels.sms.authToken`

docs/reference/secretref-user-supplied-credentials-matrix.json

@@ -295,6 +295,13 @@
       "secretShape": "secret_input",
       "optIn": true
     },
+    {
+      "id": "channels.slack.accounts.*.relay.authToken",
+      "configFile": "openclaw.json",
+      "path": "channels.slack.accounts.*.relay.authToken",
+      "secretShape": "secret_input",
+      "optIn": true
+    },
     {
       "id": "channels.slack.accounts.*.signingSecret",
       "configFile": "openclaw.json",
@@ -323,6 +330,13 @@
       "secretShape": "secret_input",
       "optIn": true
     },
+    {
+      "id": "channels.slack.relay.authToken",
+      "configFile": "openclaw.json",
+      "path": "channels.slack.relay.authToken",
+      "secretShape": "secret_input",
+      "optIn": true
+    },
     {
       "id": "channels.slack.signingSecret",
       "configFile": "openclaw.json",

docs/reference/token-use.md

@@ -54,7 +54,7 @@ for bounded runtime excerpts and injected runtime-owned blocks. They are
 separate from bootstrap limits, startup-context limits, and skills prompt
 limits.
 
-`toolResultMaxChars` is an advanced ceiling. When it is unset, OpenClaw chooses
+`toolResultMaxChars` is an advanced ceiling (up to `1000000` characters). When it is unset, OpenClaw chooses
 the live tool-result cap from the effective model context window: `16000` chars
 below 100K tokens, `32000` chars at 100K+ tokens, and `64000` chars at 200K+
 tokens, still bounded by the runtime context-share guard.

docs/tools/slash-commands.md

@@ -198,7 +198,7 @@ plugins.
     | `/think <level\|default>` | Set the thinking level or clear the session override. Aliases: `/thinking`, `/t` |
     | `/verbose on\|off\|full` | Toggle verbose output. Alias: `/v` |
     | `/trace on\|off` | Toggle plugin trace output for the current session |
-    | `/fast [status\|auto\|on\|off\|default]` | Show, set, or clear fast mode |
+    | `/fast [status\|on\|off\|default]` | Show, set, or clear fast mode |
     | `/reasoning [on\|off\|stream]` | Toggle reasoning visibility. Alias: `/reason` |
     | `/elevated [on\|off\|ask\|full]` | Toggle elevated mode. Alias: `/elev` |
     | `/exec host=<auto\|sandbox\|gateway\|node> security=<deny\|allowlist\|full> ask=<off\|on-miss\|always> node=<id>` | Show or set exec defaults |
@@ -211,7 +211,7 @@ plugins.
       <Accordion title="verbose / trace / fast / reasoning safety">
         - `/verbose` is for debugging — keep it **off** in normal use.
         - `/trace` reveals only plugin-owned trace/debug lines; normal verbose chatter stays off.
-        - `/fast auto|on|off` persists a session override; use the Sessions UI `inherit` option to clear it.
+        - `/fast on|off` persists a session override; use the Sessions UI `inherit` option to clear it.
         - `/fast` is provider-specific: OpenAI/Codex map it to `service_tier=priority`; direct Anthropic requests map it to `service_tier=auto` or `standard_only`.
         - `/reasoning`, `/verbose`, and `/trace` are risky in group settings — they may reveal internal reasoning or plugin diagnostics. Keep them off in group chats.
 

docs/tools/thinking.md

@@ -60,22 +60,21 @@ title: "Thinking levels"
 
 ## Fast mode (/fast)
 
-- Levels: `auto|on|off|default`.
-- Directive-only message toggles a session fast-mode override and replies `Fast mode set to auto.`, `Fast mode enabled.`, or `Fast mode disabled.`. Use `/fast default` to clear the session override and inherit the configured default; aliases include `inherit`, `clear`, `reset`, and `unpin`.
+- Levels: `on|off|default`.
+- Directive-only message toggles a session fast-mode override and replies `Fast mode enabled.` / `Fast mode disabled.`. Use `/fast default` to clear the session override and inherit the configured default; aliases include `inherit`, `clear`, `reset`, and `unpin`.
 - Send `/fast` (or `/fast status`) with no mode to see the current effective fast-mode state.
 - OpenClaw resolves fast mode in this order:
-  1. Inline/directive-only `/fast auto|on|off` override (`/fast default` clears this layer)
+  1. Inline/directive-only `/fast on|off` override (`/fast default` clears this layer)
   2. Session override
   3. Per-agent default (`agents.list[].fastModeDefault`)
   4. Per-model config: `agents.defaults.models["<provider>/<model>"].params.fastMode`
   5. Fallback: `off`
-- `auto` keeps the session/config mode as auto but resolves each new model call independently. Calls that start before the auto cutoff have fast mode enabled; later retry, fallback, tool-result, or continuation calls start with fast mode disabled. The cutoff defaults to 60 seconds; set `agents.defaults.models["<provider>/<model>"].params.fastAutoOnSeconds` on the active model to change it.
 - For `openai/*`, fast mode maps to OpenAI priority processing by sending `service_tier=priority` on supported Responses requests.
-- For Codex-backed `openai/*` / `openai-codex/*` models, fast mode sends the same `service_tier=priority` flag on Codex Responses. Native Codex app-server turns receive the tier only on `turn/start` or thread start/resume, so `auto` cannot retier one already-running app-server turn; it applies to the next model turn OpenClaw starts.
+- For Codex-backed `openai/*` models, fast mode sends the same `service_tier=priority` flag on Codex Responses. OpenClaw keeps one shared `/fast` toggle across both auth paths.
 - For direct public `anthropic/*` requests, including OAuth-authenticated traffic sent to `api.anthropic.com`, fast mode maps to Anthropic service tiers: `/fast on` sets `service_tier=auto`, `/fast off` sets `service_tier=standard_only`.
 - For `minimax/*` on the Anthropic-compatible path, `/fast on` (or `params.fastMode: true`) rewrites `MiniMax-M2.7` to `MiniMax-M2.7-highspeed`.
 - Explicit Anthropic `serviceTier` / `service_tier` model params override the fast-mode default when both are set. OpenClaw still skips Anthropic service-tier injection for non-Anthropic proxy base URLs.
-- `/status` shows `Fast` when fast mode is enabled and `Fast:auto` when the configured mode is auto.
+- `/status` shows `Fast` only when fast mode is enabled.
 
 ## Verbose directives (/verbose or /v)
 

extensions/acpx/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/acpx",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/acpx",
-      "version": "2026.6.10",
+      "version": "2026.6.9",
       "dependencies": {
         "@agentclientprotocol/claude-agent-acp": "0.39.0",
         "@zed-industries/codex-acp": "0.15.0",
@@ -701,7 +701,6 @@
       "version": "0.15.0",
       "resolved": "https://registry.npmjs.org/@zed-industries/codex-acp/-/codex-acp-0.15.0.tgz",
       "integrity": "sha512-eAv7sGBeiYrYkOulF729nrM51szS7WIhBtugRj5wWq6csRKZUhAZfoUZlF8xUWdHPtOIzd/eT6MNG6gMHu6z0w==",
-      "deprecated": "This package has been replaced by @agentclientprotocol/codex-acp. Please migrate to continue receiving updates.",
       "license": "Apache-2.0",
       "bin": {
         "codex-acp": "bin/codex-acp.js"
@@ -722,7 +721,6 @@
       "cpu": [
         "arm64"
       ],
-      "deprecated": "This package has been replaced by @agentclientprotocol/codex-acp. Please migrate to continue receiving updates.",
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -739,7 +737,6 @@
       "cpu": [
         "x64"
       ],
-      "deprecated": "This package has been replaced by @agentclientprotocol/codex-acp. Please migrate to continue receiving updates.",
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -756,7 +753,6 @@
       "cpu": [
         "arm64"
       ],
-      "deprecated": "This package has been replaced by @agentclientprotocol/codex-acp. Please migrate to continue receiving updates.",
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -773,7 +769,6 @@
       "cpu": [
         "x64"
       ],
-      "deprecated": "This package has been replaced by @agentclientprotocol/codex-acp. Please migrate to continue receiving updates.",
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -790,7 +785,6 @@
       "cpu": [
         "arm64"
       ],
-      "deprecated": "This package has been replaced by @agentclientprotocol/codex-acp. Please migrate to continue receiving updates.",
       "license": "Apache-2.0",
       "optional": true,
       "os": [
@@ -807,7 +801,6 @@
       "cpu": [
         "x64"
       ],
-      "deprecated": "This package has been replaced by @agentclientprotocol/codex-acp. Please migrate to continue receiving updates.",
       "license": "Apache-2.0",
       "optional": true,
       "os": [

extensions/acpx/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/acpx",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw ACP runtime backend with plugin-owned session and transport management.",
   "repository": {
     "type": "git",
@@ -26,10 +26,10 @@
       "minHostVersion": ">=2026.4.25"
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10",
+      "openclawVersion": "2026.6.9",
       "staticAssets": [
         {
           "source": "./src/runtime-internals/mcp-proxy.mjs",

extensions/admin-http-rpc/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/admin-http-rpc",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw admin HTTP RPC endpoint",
   "type": "module",

extensions/alibaba/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/alibaba-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw Alibaba Model Studio video provider plugin",
   "type": "module",

extensions/amazon-bedrock-mantle/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/amazon-bedrock-mantle-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/amazon-bedrock-mantle-provider",
-      "version": "2026.6.10",
+      "version": "2026.6.9",
       "dependencies": {
         "@anthropic-ai/sdk": "0.100.1",
         "@aws/bedrock-token-generator": "1.1.0"

extensions/amazon-bedrock-mantle/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/amazon-bedrock-mantle-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Amazon Bedrock Mantle provider plugin for OpenAI-compatible model routing.",
   "repository": {
     "type": "git",
@@ -24,10 +24,10 @@
       "minHostVersion": ">=2026.5.12-beta.1"
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10",
+      "openclawVersion": "2026.6.9",
       "bundledDist": false
     },
     "release": {

extensions/amazon-bedrock/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/amazon-bedrock-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/amazon-bedrock-provider",
-      "version": "2026.6.10",
+      "version": "2026.6.9",
       "dependencies": {
         "@aws-sdk/client-bedrock": "3.1056.0",
         "@aws-sdk/client-bedrock-runtime": "3.1056.0",

extensions/amazon-bedrock/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/amazon-bedrock-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Amazon Bedrock provider plugin with model discovery, embeddings, and guardrail support.",
   "repository": {
     "type": "git",
@@ -28,10 +28,10 @@
       "minHostVersion": ">=2026.5.12-beta.1"
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10",
+      "openclawVersion": "2026.6.9",
       "bundledDist": false
     },
     "release": {

extensions/anthropic-vertex/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/anthropic-vertex-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/anthropic-vertex-provider",
-      "version": "2026.6.10",
+      "version": "2026.6.9",
       "dependencies": {
         "@anthropic-ai/vertex-sdk": "0.16.1"
       }

extensions/anthropic-vertex/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/anthropic-vertex-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Anthropic Vertex provider plugin for Claude models on Google Vertex AI.",
   "repository": {
     "type": "git",
@@ -23,10 +23,10 @@
       "minHostVersion": ">=2026.5.12-beta.1"
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10",
+      "openclawVersion": "2026.6.9",
       "bundledDist": false
     },
     "release": {

extensions/anthropic/cli-shared.test.ts

@@ -10,6 +10,12 @@ import {
   resolveClaudeCliExecutionArgs,
 } from "./cli-shared.js";
 
+function expectDefaultDisallowedTools(args: readonly string[] | undefined) {
+  const disallowedIndex = args?.indexOf("--disallowedTools") ?? -1;
+  expect(disallowedIndex).toBeGreaterThanOrEqual(0);
+  expect(args?.[disallowedIndex + 1]).toBe("ScheduleWakeup,CronCreate");
+}
+
 describe("normalizeClaudePermissionArgs", () => {
   it("leaves args alone when they omit permission flags", () => {
     expect(
@@ -356,8 +362,10 @@ describe("normalizeClaudeBackendConfig", () => {
     expect(backend.config.input).toBe("stdin");
     expect(backend.config.args).toContain("--setting-sources");
     expect(backend.config.args).toContain("user");
+    expectDefaultDisallowedTools(backend.config.args);
     expect(backend.config.resumeArgs).toContain("--setting-sources");
     expect(backend.config.resumeArgs).toContain("user");
+    expectDefaultDisallowedTools(backend.config.resumeArgs);
     expect(backend.config.clearEnv).toEqual([...CLAUDE_CLI_CLEAR_ENV]);
     expect(backend.config.clearEnv).toContain("ANTHROPIC_API_TOKEN");
     expect(backend.config.clearEnv).toContain("ANTHROPIC_BASE_URL");

extensions/anthropic/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/anthropic-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw Anthropic provider plugin",
   "type": "module",

extensions/anthropic/stream-wrappers.test.ts

@@ -8,7 +8,6 @@ import {
   createAnthropicServiceTierWrapper,
   createAnthropicThinkingPrefillWrapper,
   resolveAnthropicBetas,
-  resolveAnthropicFastMode,
   wrapAnthropicProviderStream,
 } from "./stream-wrappers.js";
 
@@ -173,10 +172,6 @@ describe("anthropic stream wrappers", () => {
     expect(captured.headers?.["anthropic-beta"]).toContain(OAUTH_BETA);
     expect(captured.headers?.["anthropic-beta"]).not.toContain(CONTEXT_1M_BETA);
   });
-
-  it("ignores unresolved auto fast mode at the provider boundary", () => {
-    expect(resolveAnthropicFastMode({ fastMode: "auto" })).toBeUndefined();
-  });
 });
 
 describe("createAnthropicThinkingPrefillWrapper", () => {
@@ -287,19 +282,6 @@ describe("Anthropic service_tier payload wrappers", () => {
     expect(payload?.service_tier).toBe("standard_only");
   });
 
-  it("fast mode resolves dynamic service_tier for each stream call", () => {
-    let enabled = true;
-    const first = runPayloadWrapper({ apiKey: "sk-ant-api03-test-key" }, (base) =>
-      createAnthropicFastModeWrapper(base, () => enabled),
-    );
-    enabled = false;
-    const second = runPayloadWrapper({ apiKey: "sk-ant-api03-test-key" }, (base) =>
-      createAnthropicFastModeWrapper(base, () => enabled),
-    );
-    expect(first?.service_tier).toBe("auto");
-    expect(second?.service_tier).toBe("standard_only");
-  });
-
   it("explicit service tier injects service_tier=standard_only for regular API keys", () => {
     const payload = serviceTierWrapperCases[1].run({
       apiKey: "sk-ant-api03-test-key",

extensions/anthropic/stream-wrappers.ts

@@ -44,7 +44,6 @@ const OPENCLAW_OAUTH_ANTHROPIC_BETAS = [
 ] as const;
 
 type AnthropicServiceTier = "auto" | "standard_only";
-type DynamicFastMode = boolean | (() => boolean | undefined);
 
 function isAnthropic1MModel(modelId: string): boolean {
   const normalized = normalizeLowercaseStringOrEmpty(modelId);
@@ -158,20 +157,9 @@ export function createAnthropicBetaHeadersWrapper(
 /** Wrap a stream function with the Anthropic fast-mode service tier. */
 export function createAnthropicFastModeWrapper(
   baseStreamFn: StreamFn | undefined,
-  enabled: DynamicFastMode,
+  enabled: boolean,
 ): StreamFn {
-  const underlying = baseStreamFn ?? streamSimple;
-  return (model, context, options) => {
-    const resolved = typeof enabled === "function" ? enabled() : enabled;
-    if (resolved === undefined) {
-      return underlying(model, context, options);
-    }
-    return createAnthropicServiceTierWrapper(underlying, resolveAnthropicFastServiceTier(resolved))(
-      model,
-      context,
-      options,
-    );
-  };
+  return createAnthropicServiceTierWrapper(baseStreamFn, resolveAnthropicFastServiceTier(enabled));
 }
 
 /** Wrap a stream function with an explicit Anthropic service tier when allowed. */
@@ -216,12 +204,9 @@ export function createAnthropicThinkingPrefillWrapper(
 export function resolveAnthropicFastMode(
   extraParams: Record<string, unknown> | undefined,
 ): boolean | undefined {
-  const raw = extraParams?.fastMode ?? extraParams?.fast_mode;
-  const fastMode =
-    typeof raw === "function"
-      ? normalizeFastMode((raw as () => unknown)() as string | boolean | null | undefined)
-      : normalizeFastMode(raw as string | boolean | null | undefined);
-  return fastMode === "auto" ? undefined : fastMode;
+  return normalizeFastMode(
+    (extraParams?.fastMode ?? extraParams?.fast_mode) as string | boolean | null | undefined,
+  );
 }
 
 /** Resolve Anthropic service tier from model extra params. */
@@ -247,9 +232,7 @@ export function wrapAnthropicProviderStream(
     hasConfiguredAnthropicBeta(ctx.extraParams) ||
     (ctx.extraParams?.context1m === true && isAnthropic1MModel(ctx.modelId));
   const serviceTier = resolveAnthropicServiceTier(ctx.extraParams);
-  const hasFastModeParam =
-    ctx.extraParams !== undefined &&
-    (Object.hasOwn(ctx.extraParams, "fastMode") || Object.hasOwn(ctx.extraParams, "fast_mode"));
+  const fastMode = resolveAnthropicFastMode(ctx.extraParams);
   return composeProviderStreamWrappers(
     ctx.streamFn,
     needsAnthropicBetaWrapper
@@ -258,9 +241,8 @@ export function wrapAnthropicProviderStream(
     serviceTier
       ? (streamFn) => createAnthropicServiceTierWrapper(streamFn, serviceTier)
       : undefined,
-    hasFastModeParam
-      ? (streamFn) =>
-          createAnthropicFastModeWrapper(streamFn, () => resolveAnthropicFastMode(ctx.extraParams))
+    fastMode !== undefined
+      ? (streamFn) => createAnthropicFastModeWrapper(streamFn, fastMode)
       : undefined,
     (streamFn) => createAnthropicThinkingPrefillWrapper(streamFn),
   );

extensions/arcee/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/arcee-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/arcee-provider",
-      "version": "2026.6.10"
+      "version": "2026.6.9"
     }
   }
 }

extensions/arcee/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/arcee-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Arcee provider plugin.",
   "repository": {
     "type": "git",
@@ -21,10 +21,10 @@
       "minHostVersion": ">=2026.6.8"
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10",
+      "openclawVersion": "2026.6.9",
       "bundledDist": false
     },
     "release": {

extensions/azure-speech/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/azure-speech",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw Azure Speech plugin",
   "type": "module",

extensions/bonjour/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/bonjour",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Bonjour/mDNS gateway discovery",
   "type": "module",
   "dependencies": {

extensions/brave/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/brave-plugin",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/brave-plugin",
-      "version": "2026.6.10"
+      "version": "2026.6.9"
     }
   }
 }

extensions/brave/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/brave-plugin",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Brave Search provider plugin for web search.",
   "repository": {
     "type": "git",
@@ -21,10 +21,10 @@
       "allowInvalidConfigRecovery": true
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10"
+      "openclawVersion": "2026.6.9"
     },
     "release": {
       "publishToClawHub": true,

extensions/browser/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/browser-plugin",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw browser tool plugin",
   "type": "module",

extensions/browser/src/browser/cdp-proxy-bypass.test.ts

@@ -9,6 +9,23 @@ const { registerManagedProxyBrowserCdpBypassMock } = vi.hoisted(() => ({
   ),
 }));
 
+function createDeferred<T = void>(): {
+  promise: Promise<T>;
+  resolve: (value: T | PromiseLike<T>) => void;
+  reject: (reason?: unknown) => void;
+} {
+  let resolve: ((value: T | PromiseLike<T>) => void) | undefined;
+  let reject: ((reason?: unknown) => void) | undefined;
+  const promise = new Promise<T>((resolvePromise, rejectPromise) => {
+    resolve = resolvePromise;
+    reject = rejectPromise;
+  });
+  if (!resolve || !reject) {
+    throw new Error("Expected deferred callbacks to be initialized");
+  }
+  return { promise, resolve, reject };
+}
+
 vi.mock("openclaw/plugin-sdk/ssrf-runtime-internal", () => ({
   registerManagedProxyBrowserCdpBypass: registerManagedProxyBrowserCdpBypassMock,
 }));
@@ -29,19 +46,6 @@ beforeEach(() => {
   registerManagedProxyBrowserCdpBypassMock.mockImplementation(() => undefined);
 });
 
-function createDeferred<T = void>() {
-  let resolve: ((value: T | PromiseLike<T>) => void) | undefined;
-  let reject: ((reason?: unknown) => void) | undefined;
-  const promise = new Promise<T>((res, rej) => {
-    resolve = res;
-    reject = rej;
-  });
-  if (!resolve || !reject) {
-    throw new Error("Expected deferred callbacks to be initialized");
-  }
-  return { promise, resolve, reject };
-}
-
 async function withIsolatedNoProxyEnv(fn: () => Promise<void>) {
   const origNoProxy = process.env.NO_PROXY;
   const origNoProxyLower = process.env.no_proxy;

extensions/browser/src/browser/runtime-lifecycle.ts

@@ -1,12 +1,11 @@
 /**
- * Browser plugin runtime lifecycle helpers for startup relay setup and shutdown
- * cleanup.
+ * Browser plugin runtime lifecycle helpers for startup and shutdown cleanup.
  */
 import type { Server } from "node:http";
 import { getPwAiModule } from "./pw-ai-module.js";
 import { isPwAiLoaded } from "./pw-ai-state.js";
 import type { BrowserServerState } from "./server-context.js";
-import { ensureExtensionRelayForProfiles, stopKnownBrowserProfiles } from "./server-lifecycle.js";
+import { stopKnownBrowserProfiles } from "./server-lifecycle.js";
 import { startTrackedBrowserTabCleanupTimer } from "./session-tab-cleanup.js";
 import { registerBrowserUnhandledRejectionHandler } from "./unhandled-rejections.js";
 
@@ -27,10 +26,6 @@ export async function createBrowserRuntimeState(params: {
     onWarn: params.onWarn,
   });
 
-  await ensureExtensionRelayForProfiles({
-    resolved: params.resolved,
-    onWarn: params.onWarn,
-  });
   state.stopUnhandledRejectionHandler = registerBrowserUnhandledRejectionHandler();
 
   return state;

extensions/browser/src/browser/runtime-lifecycle.unhandled-rejections.test.ts

@@ -19,7 +19,6 @@ const { getUnhandledRejectionHandlers, registerUnhandledRejectionHandlerMock, re
   });
 
 const {
-  ensureExtensionRelayForProfilesMock,
   getPwAiModuleMock,
   isPwAiLoadedMock,
   startTrackedBrowserTabCleanupTimerMock,
@@ -28,7 +27,6 @@ const {
 } = vi.hoisted(() => {
   const trackedTabCleanupMockLocal = vi.fn();
   return {
-    ensureExtensionRelayForProfilesMock: vi.fn(async () => {}),
     getPwAiModuleMock: vi.fn(),
     isPwAiLoadedMock: vi.fn(() => false),
     startTrackedBrowserTabCleanupTimerMock: vi.fn(() => trackedTabCleanupMockLocal),
@@ -42,7 +40,6 @@ vi.mock("openclaw/plugin-sdk/runtime-env", () => ({
 }));
 
 vi.mock("./server-lifecycle.js", () => ({
-  ensureExtensionRelayForProfiles: ensureExtensionRelayForProfilesMock,
   stopKnownBrowserProfiles: stopKnownBrowserProfilesMock,
 }));
 
@@ -64,7 +61,6 @@ const { isPlaywrightDialogRaceUnhandledRejection } = await import("./unhandled-r
 beforeEach(() => {
   resetHandlers();
   registerUnhandledRejectionHandlerMock.mockClear();
-  ensureExtensionRelayForProfilesMock.mockClear();
   getPwAiModuleMock.mockClear();
   isPwAiLoadedMock.mockReset().mockReturnValue(false);
   startTrackedBrowserTabCleanupTimerMock.mockClear();

extensions/browser/src/browser/server-lifecycle.test.ts

@@ -19,8 +19,7 @@ vi.mock("./server-context.js", () => ({
   listKnownProfileNames: listKnownProfileNamesMock,
 }));
 
-const { ensureExtensionRelayForProfiles, stopKnownBrowserProfiles } =
-  await import("./server-lifecycle.js");
+const { stopKnownBrowserProfiles } = await import("./server-lifecycle.js");
 
 beforeEach(() => {
   createBrowserRouteContextMock.mockClear();
@@ -28,17 +27,6 @@ beforeEach(() => {
   stopOpenClawChromeMock.mockClear();
 });
 
-describe("ensureExtensionRelayForProfiles", () => {
-  it("is a no-op after removing the Chrome extension relay path", async () => {
-    await expect(
-      ensureExtensionRelayForProfiles({
-        resolved: { profiles: {} } as never,
-        onWarn: vi.fn(),
-      }),
-    ).resolves.toBeUndefined();
-  });
-});
-
 describe("stopKnownBrowserProfiles", () => {
   it("stops all known profiles and ignores per-profile failures", async () => {
     listKnownProfileNamesMock.mockReturnValue(["openclaw", "user"]);

extensions/browser/src/browser/server-lifecycle.ts

@@ -1,24 +1,13 @@
 /**
- * Browser server lifecycle helpers for relay setup and profile shutdown.
+ * Browser server lifecycle helpers for profile shutdown.
  */
 import { stopOpenClawChrome } from "./chrome.js";
-import type { ResolvedBrowserConfig } from "./config.js";
 import {
   type BrowserServerState,
   createBrowserRouteContext,
   listKnownProfileNames,
 } from "./server-context.js";
 
-/** Ensures extension relay compatibility hooks for configured profiles. */
-export async function ensureExtensionRelayForProfiles(_params: {
-  resolved: ResolvedBrowserConfig;
-  onWarn: (message: string) => void;
-}) {
-  // Intentional no-op: the Chrome extension relay path has been removed.
-  // runtime-lifecycle still calls this helper, so keep the stub until the next
-  // breaking cleanup rather than changing the call graph in a patch release.
-}
-
 /** Stops every known Browser profile during runtime shutdown. */
 export async function stopKnownBrowserProfiles(params: {
   getState: () => BrowserServerState | null;

extensions/browser/src/browser/server.auth-fail-closed.test.ts

@@ -20,7 +20,6 @@ const mocks = vi.hoisted(() => ({
   }),
   resolveBrowserControlAuth: vi.fn(() => ({})),
   shouldAutoGenerateBrowserAuth: vi.fn(() => true),
-  ensureExtensionRelayForProfiles: vi.fn(async () => {}),
 }));
 
 vi.mock("../config/config.js", async () => {
@@ -69,7 +68,6 @@ vi.mock("./server-context.js", () => ({
 }));
 
 vi.mock("./server-lifecycle.js", () => ({
-  ensureExtensionRelayForProfiles: mocks.ensureExtensionRelayForProfiles,
   stopKnownBrowserProfiles: vi.fn(async () => {}),
 }));
 
@@ -85,7 +83,6 @@ describe("browser control auth bootstrap failures", () => {
     mocks.ensureBrowserControlAuth.mockClear();
     mocks.resolveBrowserControlAuth.mockClear();
     mocks.shouldAutoGenerateBrowserAuth.mockClear();
-    mocks.ensureExtensionRelayForProfiles.mockClear();
   });
 
   afterEach(async () => {
@@ -98,7 +95,6 @@ describe("browser control auth bootstrap failures", () => {
     expect(started).toBeNull();
     expect(mocks.ensureBrowserControlAuth).toHaveBeenCalledTimes(1);
     expect(mocks.resolveBrowserControlAuth).toHaveBeenCalledTimes(1);
-    expect(mocks.ensureExtensionRelayForProfiles).not.toHaveBeenCalled();
   });
 
   it("fails closed when auth bootstrap resolves empty auth in production-like mode", async () => {
@@ -111,7 +107,6 @@ describe("browser control auth bootstrap failures", () => {
     expect(started).toBeNull();
     expect(mocks.ensureBrowserControlAuth).toHaveBeenCalledTimes(1);
     expect(mocks.resolveBrowserControlAuth).toHaveBeenCalledTimes(1);
-    expect(mocks.ensureExtensionRelayForProfiles).not.toHaveBeenCalled();
   });
 
   it("fails closed when password mode has no resolved password", async () => {
@@ -123,7 +118,6 @@ describe("browser control auth bootstrap failures", () => {
     const started = await startBrowserControlServerFromConfig();
 
     expect(started).toBeNull();
-    expect(mocks.ensureExtensionRelayForProfiles).not.toHaveBeenCalled();
   });
 
   it("fails closed when password mode drops an inactive token but has no password", async () => {
@@ -136,6 +130,5 @@ describe("browser control auth bootstrap failures", () => {
     const started = await startBrowserControlServerFromConfig();
 
     expect(started).toBeNull();
-    expect(mocks.ensureExtensionRelayForProfiles).not.toHaveBeenCalled();
   });
 });

extensions/browser/src/gateway/browser-request.shared-control-state.test.ts

@@ -9,7 +9,6 @@ const mocks = vi.hoisted(() => ({
   ensureBrowserControlAuth: vi.fn(async () => ({ auth: {} })),
   resolveBrowserControlAuth: vi.fn(() => ({})),
   shouldAutoGenerateBrowserAuth: vi.fn(() => false),
-  ensureExtensionRelayForProfiles: vi.fn(async () => {}),
   stopKnownBrowserProfiles: vi.fn(async () => {}),
   isChromeReachable: vi.fn(async () => false),
   isChromeCdpReady: vi.fn(async () => false),
@@ -32,7 +31,6 @@ vi.mock("../browser/control-auth.js", () => ({
 }));
 
 vi.mock("../browser/server-lifecycle.js", () => ({
-  ensureExtensionRelayForProfiles: mocks.ensureExtensionRelayForProfiles,
   stopKnownBrowserProfiles: mocks.stopKnownBrowserProfiles,
 }));
 

extensions/byteplus/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/byteplus-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw BytePlus provider plugin",
   "type": "module",

extensions/canvas/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/canvas-plugin",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw Canvas plugin",
   "type": "module",

extensions/cerebras/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/cerebras-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/cerebras-provider",
-      "version": "2026.6.10"
+      "version": "2026.6.9"
     }
   }
 }

extensions/cerebras/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/cerebras-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Cerebras provider plugin.",
   "repository": {
     "type": "git",
@@ -21,10 +21,10 @@
       "minHostVersion": ">=2026.6.8"
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10",
+      "openclawVersion": "2026.6.9",
       "bundledDist": false
     },
     "release": {

extensions/chutes/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/chutes-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/chutes-provider",
-      "version": "2026.6.10"
+      "version": "2026.6.9"
     }
   }
 }

extensions/chutes/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/chutes-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Chutes.ai provider plugin.",
   "repository": {
     "type": "git",
@@ -21,10 +21,10 @@
       "minHostVersion": ">=2026.6.8"
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10",
+      "openclawVersion": "2026.6.9",
       "bundledDist": false
     },
     "release": {

extensions/clickclack/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/clickclack",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw ClickClack channel plugin",
   "type": "module",
@@ -18,7 +18,7 @@
     "openclaw": "2026.5.28"
   },
   "peerDependencies": {
-    "openclaw": ">=2026.6.10"
+    "openclaw": ">=2026.6.9"
   },
   "peerDependenciesMeta": {
     "openclaw": {

extensions/cloudflare-ai-gateway/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/cloudflare-ai-gateway-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/cloudflare-ai-gateway-provider",
-      "version": "2026.6.10"
+      "version": "2026.6.9"
     }
   }
 }

extensions/cloudflare-ai-gateway/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/cloudflare-ai-gateway-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Cloudflare AI Gateway provider plugin.",
   "repository": {
     "type": "git",
@@ -21,10 +21,10 @@
       "minHostVersion": ">=2026.6.8"
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10",
+      "openclawVersion": "2026.6.9",
       "bundledDist": false
     },
     "release": {

extensions/codex-supervisor/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/codex-supervisor",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw Codex app-server fleet supervision plugin.",
   "type": "module",

extensions/codex/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/codex",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/codex",
-      "version": "2026.6.10",
+      "version": "2026.6.9",
       "dependencies": {
         "@openai/codex": "0.139.0",
         "typebox": "1.1.39",

extensions/codex/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/codex",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Codex app-server harness and model provider plugin with a Codex-managed GPT catalog.",
   "repository": {
     "type": "git",
@@ -34,10 +34,10 @@
       ]
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10"
+      "openclawVersion": "2026.6.9"
     },
     "release": {
       "publishToClawHub": true,

extensions/codex/src/app-server/attempt-notifications.ts

@@ -189,23 +189,7 @@ export function isRawToolOutputCompletionNotification(
     return false;
   }
   const item = isJsonObject(notification.params.item) ? notification.params.item : undefined;
-  switch (item ? readString(item, "type") : undefined) {
-    case "custom_tool_call_output":
-    case "function_call_output":
-      return true;
-    default:
-      return false;
-  }
-}
-
-export function isRawFunctionToolOutputCompletionNotification(
-  notification: CodexServerNotification,
-): boolean {
-  if (notification.method !== "rawResponseItem/completed" || !isJsonObject(notification.params)) {
-    return false;
-  }
-  const item = isJsonObject(notification.params.item) ? notification.params.item : undefined;
-  return item ? readString(item, "type") === "function_call_output" : false;
+  return item ? readString(item, "type") === "custom_tool_call_output" : false;
 }
 
 /** Returns true for progress on Codex-native tool item types. */

extensions/codex/src/app-server/config.ts

@@ -188,7 +188,7 @@ export type CodexAppServerRuntimeOptions = {
   approvalPolicySource?: CodexAppServerApprovalPolicySource;
   sandbox: CodexAppServerSandboxMode;
   approvalsReviewer: CodexAppServerApprovalsReviewer;
-  serviceTier?: CodexServiceTier | null;
+  serviceTier?: CodexServiceTier;
   networkProxy?: ResolvedCodexAppServerNetworkProxyConfig;
 };
 

extensions/codex/src/app-server/dynamic-tool-build.test.ts

@@ -961,6 +961,26 @@ describe("Codex app-server dynamic tool build", () => {
     });
   });
 
+  it("passes the approval reviewer device into Codex dynamic tools", async () => {
+    const sessionFile = path.join(tempDir, "session.jsonl");
+    const workspaceDir = path.join(tempDir, "workspace");
+    const params = createParams(sessionFile, workspaceDir);
+    params.disableTools = false;
+    params.approvalReviewerDeviceId = "device-ios-reviewer";
+    params.runtimePlan = createCodexRuntimePlanFixture();
+    const factoryOptions: unknown[] = [];
+    setOpenClawCodingToolsFactoryForTests((options) => {
+      factoryOptions.push(options);
+      return [];
+    });
+
+    await buildDynamicToolsForTest(params, workspaceDir, { sandbox: null as never });
+
+    expect(factoryOptions[0]).toMatchObject({
+      approvalReviewerDeviceId: "device-ios-reviewer",
+    });
+  });
+
   it("forwards tool outcome ordering into Codex dynamic tools", async () => {
     const sessionFile = path.join(tempDir, "session.jsonl");
     const workspaceDir = path.join(tempDir, "workspace");

extensions/codex/src/app-server/dynamic-tool-build.ts

@@ -19,10 +19,7 @@ import {
 } from "openclaw/plugin-sdk/agent-harness-runtime";
 import { resolveAgentDir } from "openclaw/plugin-sdk/agent-runtime";
 import { isToolAllowed } from "openclaw/plugin-sdk/sandbox";
-import {
-  readCodexPluginConfig,
-  type CodexPluginConfig,
-} from "./config.js";
+import { readCodexPluginConfig, type CodexPluginConfig } from "./config.js";
 import {
   filterCodexDynamicTools,
   isForcedPrivateQaCodexRuntime,
@@ -260,6 +257,7 @@ export async function buildDynamicTools(input: DynamicToolBuildParams) {
     ...sessionKeys,
     sessionId: params.sessionId,
     runId: params.runId,
+    approvalReviewerDeviceId: params.approvalReviewerDeviceId,
     agentDir,
     cwd: input.effectiveCwd ?? input.effectiveWorkspace,
     workspaceDir: input.effectiveWorkspace,
@@ -593,9 +591,10 @@ export function resolveCodexAppServerExecutionCwd(params: {
   nativeToolSurfaceEnabled: boolean;
   remoteWorkspaceRoot?: string;
 }): string {
-  const cwd = params.environment && params.nativeToolSurfaceEnabled
-    ? params.environment.cwd
-    : params.effectiveCwd;
+  const cwd =
+    params.environment && params.nativeToolSurfaceEnabled
+      ? params.environment.cwd
+      : params.effectiveCwd;
   return mapCodexAppServerRemoteWorkspacePath({
     value: cwd,
     localWorkspaceRoot: params.localWorkspaceRoot,

extensions/codex/src/app-server/event-projector.ts

@@ -65,7 +65,6 @@ export type CodexAppServerToolTelemetry = {
 
 export type CodexAppServerEventProjectorOptions = {
   nativePostToolUseRelayEnabled?: boolean;
-  onNativeToolResultRecorded?: () => void | Promise<void>;
   trajectoryRecorder?: CodexTrajectoryRecorder | null;
 };
 
@@ -633,7 +632,7 @@ export class CodexAppServerEventProjector {
     }
     this.recordToolMeta(item);
     this.emitStandardItemEvent({ phase: "start", item });
-    await this.emitNormalizedToolItemEvent({ phase: "start", item });
+    this.emitNormalizedToolItemEvent({ phase: "start", item });
     this.recordNativeToolTranscriptCall(item);
     this.emitToolResultSummary(item);
     this.emitAgentEvent({
@@ -697,7 +696,7 @@ export class CodexAppServerEventProjector {
     }
     this.recordToolMeta(item);
     this.emitStandardItemEvent({ phase: "end", item });
-    await this.emitNormalizedToolItemEvent({ phase: "result", item });
+    this.emitNormalizedToolItemEvent({ phase: "result", item });
     this.recordNativeToolTranscriptCall(item);
     this.recordNativeToolTranscriptResult(item);
     this.emitToolResultSummary(item);
@@ -817,7 +816,7 @@ export class CodexAppServerEventProjector {
         this.emitPlanUpdate({ explanation: undefined, steps: splitPlanText(item.text) });
       }
       this.recordToolMeta(item);
-      await this.emitSnapshotOnlyNativeToolProgress(item);
+      this.emitSnapshotOnlyNativeToolProgress(item);
       this.recordNativeToolTranscriptCall(item);
       this.recordNativeToolTranscriptResult(item);
       this.emitAfterToolCallObservation(item);
@@ -828,7 +827,7 @@ export class CodexAppServerEventProjector {
     await this.maybeEndReasoning();
   }
 
-  private async emitSnapshotOnlyNativeToolProgress(item: CodexThreadItem): Promise<void> {
+  private emitSnapshotOnlyNativeToolProgress(item: CodexThreadItem): void {
     if (
       !shouldSynthesizeToolProgressForItem(item) ||
       !this.isCurrentTurnSnapshotItem(item) ||
@@ -840,11 +839,11 @@ export class CodexAppServerEventProjector {
     const wasStarted = this.activeItemIds.has(item.id);
     if (!wasStarted) {
       this.emitStandardItemEvent({ phase: "start", item });
-      await this.emitNormalizedToolItemEvent({ phase: "start", item });
+      this.emitNormalizedToolItemEvent({ phase: "start", item });
     }
     this.activeItemIds.delete(item.id);
     this.emitStandardItemEvent({ phase: "end", item });
-    await this.emitNormalizedToolItemEvent({ phase: "result", item });
+    this.emitNormalizedToolItemEvent({ phase: "result", item });
     this.completedItemIds.add(item.id);
   }
 
@@ -1117,10 +1116,10 @@ export class CodexAppServerEventProjector {
     });
   }
 
-  private async emitNormalizedToolItemEvent(params: {
+  private emitNormalizedToolItemEvent(params: {
     phase: "start" | "result";
     item: CodexThreadItem | undefined;
-  }): Promise<void> {
+  }): void {
     const { item } = params;
     if (!item || !shouldSynthesizeToolProgressForItem(item)) {
       return;
@@ -1140,7 +1139,6 @@ export class CodexAppServerEventProjector {
     if (!shouldEmitTranscriptToolProgress(name, args)) {
       if (params.phase === "result") {
         this.emitAfterToolCallObservation(item);
-        await this.options.onNativeToolResultRecorded?.();
       }
       return;
     }
@@ -1164,7 +1162,6 @@ export class CodexAppServerEventProjector {
     });
     if (params.phase === "result") {
       this.emitAfterToolCallObservation(item);
-      await this.options.onNativeToolResultRecorded?.();
     }
   }
 

extensions/codex/src/app-server/run-attempt.test.ts

@@ -5617,50 +5617,6 @@ describe("runCodexAppServerAttempt", () => {
     expect(resumeRequestParams?.approvalsReviewer).toBe("guardian_subagent");
   });
 
-  it.each([
-    { name: "fast on", fastMode: true, expectedServiceTier: "priority" },
-    {
-      name: "fast off",
-      fastMode: false,
-      configuredServiceTier: "priority",
-      expectedServiceTier: null,
-    },
-    {
-      name: "fast auto active",
-      fastMode: () => true,
-      expectedServiceTier: "priority",
-    },
-  ] satisfies Array<{
-    name: string;
-    fastMode: EmbeddedRunAttemptParams["fastMode"];
-    configuredServiceTier?: "priority";
-    expectedServiceTier?: "priority" | null;
-  }>)(
-    "maps $name to app-server resume and turn service tier",
-    async ({ fastMode, configuredServiceTier, expectedServiceTier }) => {
-      const sessionFile = path.join(tempDir, "session.jsonl");
-      const workspaceDir = path.join(tempDir, "workspace");
-      await writeExistingBinding(sessionFile, workspaceDir, { model: "gpt-5.2" });
-      const { requests, waitForMethod, completeTurn } = createResumeHarness();
-      const params = createParams(sessionFile, workspaceDir);
-      params.fastMode = fastMode;
-
-      const options = configuredServiceTier
-        ? { pluginConfig: { appServer: { serviceTier: configuredServiceTier } } }
-        : {};
-      const run = runCodexAppServerAttempt(params, options);
-      await waitForMethod("turn/start");
-      await completeTurn({ threadId: "thread-existing", turnId: "turn-1" });
-      await run;
-
-      for (const method of ["thread/resume", "turn/start"]) {
-        const request = requests.find((entry) => entry.method === method);
-        const requestParams = request?.params as Record<string, unknown> | undefined;
-        expect(requestParams?.serviceTier).toBe(expectedServiceTier);
-      }
-    },
-  );
-
   it("reuses the bound auth profile for app-server startup when params omit it", async () => {
     const sessionFile = path.join(tempDir, "session.jsonl");
     const workspaceDir = path.join(tempDir, "workspace");
@@ -5706,314 +5662,4 @@ describe("runCodexAppServerAttempt", () => {
     expect(seenAgentDirs).toEqual([path.join(tempDir, "agent")]);
     expect(requests.map((entry) => entry.method)).toContain("turn/start");
   });
-
-  it("announces Codex app-server fast auto progress after the crossing tool result", async () => {
-    const now = vi.spyOn(Date, "now").mockReturnValue(1_000);
-    const onToolResult = vi.fn();
-    const onAgentEvent = vi.fn();
-    const sessionFile = path.join(tempDir, "session.jsonl");
-    const workspaceDir = path.join(tempDir, "workspace");
-    const harness = createStartedThreadHarness();
-    const params = createParams(sessionFile, workspaceDir);
-    params.verboseLevel = "full";
-    params.fastModeAuto = true;
-    params.fastModeStartedAtMs = 1_000;
-    params.fastModeAutoOnSeconds = 30;
-    params.onToolResult = onToolResult;
-    params.onAgentEvent = onAgentEvent;
-
-    const run = runCodexAppServerAttempt(params);
-    await harness.waitForMethod("turn/start");
-
-    const notifyCommand = async (id: string, output: string, nowMs: number) => {
-      await harness.notify({
-        method: "item/started",
-        params: {
-          threadId: "thread-1",
-          turnId: "turn-1",
-          item: {
-            type: "commandExecution",
-            id,
-            command: `echo ${id}`,
-            cwd: workspaceDir,
-            status: "inProgress",
-          },
-        },
-      });
-      now.mockReturnValue(nowMs);
-      await harness.notify({
-        method: "item/completed",
-        params: {
-          threadId: "thread-1",
-          turnId: "turn-1",
-          item: {
-            type: "commandExecution",
-            id,
-            command: `echo ${id}`,
-            cwd: workspaceDir,
-            status: "completed",
-            aggregatedOutput: output,
-            exitCode: 0,
-            durationMs: 1,
-          },
-        },
-      });
-    };
-
-    await notifyCommand("tool-before", "before", 20_000);
-    await notifyCommand("tool-crossing", "crossing", 35_500);
-    await notifyCommand("tool-after", "after", 42_000);
-    await harness.completeTurn({ threadId: "thread-1", turnId: "turn-1" });
-    await run;
-
-    const payloads = onToolResult.mock.calls.map(([payload]) => payload) as Array<{
-      channelData?: Record<string, unknown>;
-      text?: string;
-    }>;
-    const texts = payloads.map((payload) => payload.text ?? "");
-    expect(texts.filter((text) => text.startsWith("💨Fast: auto-off"))).toEqual([
-      "💨Fast: auto-off(34s>=30s)",
-    ]);
-    expect(texts.filter((text) => text === "💨Fast: auto-on")).toHaveLength(1);
-    const offIndex = texts.indexOf("💨Fast: auto-off(34s>=30s)");
-    const onIndex = texts.indexOf("💨Fast: auto-on");
-    expect(offIndex).toBeGreaterThan(0);
-    expect(onIndex).toBeGreaterThan(offIndex + 1);
-    expect(texts.slice(offIndex + 1, onIndex).some((text) => !text.startsWith("💨Fast:"))).toBe(
-      true,
-    );
-    expect(payloads[offIndex]?.channelData).toEqual({
-      openclawProgressKind: "fast-mode-auto",
-    });
-    expect(payloads[onIndex]?.channelData).toEqual({
-      openclawProgressKind: "fast-mode-auto",
-    });
-    const fastEvents = onAgentEvent.mock.calls
-      .map(([event]) => event)
-      .filter((event) => event.stream === "item" && event.data?.title === "Fast");
-    expect(fastEvents.map((event) => event.data?.summary)).toEqual([
-      "💨Fast: auto-off(34s>=30s)",
-      "💨Fast: auto-on",
-    ]);
-  });
-
-  it("does not announce Codex fast auto progress for explicit fast mode", async () => {
-    const now = vi.spyOn(Date, "now").mockReturnValue(1_000);
-    const onToolResult = vi.fn();
-    const sessionFile = path.join(tempDir, "session.jsonl");
-    const workspaceDir = path.join(tempDir, "workspace");
-    const harness = createStartedThreadHarness();
-    const params = createParams(sessionFile, workspaceDir);
-    params.fastModeAuto = false;
-    params.fastModeStartedAtMs = 1_000;
-    params.fastModeAutoOnSeconds = 30;
-    params.onToolResult = onToolResult;
-
-    const run = runCodexAppServerAttempt(params);
-    await harness.waitForMethod("turn/start");
-    now.mockReturnValue(35_500);
-    await harness.notify({
-      method: "rawResponseItem/completed",
-      params: {
-        threadId: "thread-1",
-        turnId: "turn-1",
-        item: {
-          type: "function_call_output",
-          id: "call-raw-output",
-          call_id: "call-raw-output",
-          output: "tool output",
-        },
-      },
-    });
-    await harness.completeTurn({ threadId: "thread-1", turnId: "turn-1" });
-    await run;
-
-    const texts = onToolResult.mock.calls.map(([payload]) => payload.text ?? "");
-    expect(texts.filter((text) => text.startsWith("💨Fast:"))).toEqual([]);
-  });
-
-  it("announces Codex app-server fast auto progress for snapshot-only tool results", async () => {
-    const now = vi.spyOn(Date, "now").mockReturnValue(1_000);
-    const onToolResult = vi.fn();
-    const onAgentEvent = vi.fn();
-    const sessionFile = path.join(tempDir, "session.jsonl");
-    const workspaceDir = path.join(tempDir, "workspace");
-    const harness = createStartedThreadHarness();
-    const params = createParams(sessionFile, workspaceDir);
-    params.verboseLevel = "full";
-    params.fastModeAuto = true;
-    params.fastModeStartedAtMs = 1_000;
-    params.fastModeAutoOnSeconds = 30;
-    params.onToolResult = onToolResult;
-    params.onAgentEvent = onAgentEvent;
-
-    const run = runCodexAppServerAttempt(params);
-    await harness.waitForMethod("turn/start");
-    await new Promise<void>((resolve) => {
-      setImmediate(resolve);
-    });
-
-    now.mockReturnValue(35_500);
-    await harness.notify({
-      method: "turn/completed",
-      params: {
-        threadId: "thread-1",
-        turnId: "turn-1",
-        turn: {
-          id: "turn-1",
-          status: "completed",
-          items: [
-            {
-              type: "commandExecution",
-              id: "tool-crossing",
-              command: "echo crossing",
-              commandActions: [],
-              cwd: workspaceDir,
-              processId: null,
-              source: "agent",
-              status: "completed",
-              aggregatedOutput: "crossing",
-              exitCode: 0,
-              durationMs: 1,
-            },
-          ],
-        },
-      },
-    });
-    await run;
-
-    const texts = onToolResult.mock.calls.map(([payload]) => payload.text ?? "");
-    expect(texts.filter((text) => text.startsWith("💨Fast: auto-off"))).toEqual([
-      "💨Fast: auto-off(34s>=30s)",
-    ]);
-    expect(texts.filter((text) => text === "💨Fast: auto-on")).toHaveLength(1);
-    const fastEvents = onAgentEvent.mock.calls
-      .map(([event]) => event)
-      .filter((event) => event.stream === "item" && event.data?.title === "Fast");
-    expect(fastEvents.map((event) => event.data?.summary)).toEqual([
-      "💨Fast: auto-off(34s>=30s)",
-      "💨Fast: auto-on",
-    ]);
-  });
-
-  it("announces Codex app-server fast auto progress for raw function call outputs", async () => {
-    const now = vi.spyOn(Date, "now").mockReturnValue(1_000);
-    const onToolResult = vi.fn();
-    const onAgentEvent = vi.fn();
-    const sessionFile = path.join(tempDir, "session.jsonl");
-    const workspaceDir = path.join(tempDir, "workspace");
-    const harness = createStartedThreadHarness();
-    const params = createParams(sessionFile, workspaceDir);
-    params.verboseLevel = "full";
-    params.fastModeAuto = true;
-    params.fastModeStartedAtMs = 1_000;
-    params.fastModeAutoOnSeconds = 30;
-    params.onToolResult = onToolResult;
-    params.onAgentEvent = onAgentEvent;
-
-    const run = runCodexAppServerAttempt(params);
-    await harness.waitForMethod("turn/start");
-    await new Promise<void>((resolve) => {
-      setImmediate(resolve);
-    });
-
-    now.mockReturnValue(35_500);
-    await harness.notify({
-      method: "rawResponseItem/completed",
-      params: {
-        threadId: "thread-1",
-        turnId: "turn-1",
-        item: {
-          type: "function_call_output",
-          id: "call-raw-output",
-          call_id: "call-raw-output",
-          output: "tool output",
-        },
-      },
-    });
-    await harness.completeTurn({ threadId: "thread-1", turnId: "turn-1" });
-    await run;
-
-    const texts = onToolResult.mock.calls.map(([payload]) => payload.text ?? "");
-    expect(texts.filter((text) => text.startsWith("💨Fast: auto-off"))).toEqual([
-      "💨Fast: auto-off(34s>=30s)",
-    ]);
-    expect(texts.filter((text) => text === "💨Fast: auto-on")).toHaveLength(1);
-    const fastEvents = onAgentEvent.mock.calls
-      .map(([event]) => event)
-      .filter((event) => event.stream === "item" && event.data?.title === "Fast");
-    expect(fastEvents.map((event) => event.data?.summary)).toEqual([
-      "💨Fast: auto-off(34s>=30s)",
-      "💨Fast: auto-on",
-    ]);
-  });
-
-  it("does not duplicate Codex app-server fast auto progress already announced by the outer runner", async () => {
-    const now = vi.spyOn(Date, "now").mockReturnValue(1_000);
-    const onToolResult = vi.fn();
-    const onAgentEvent = vi.fn();
-    const sessionFile = path.join(tempDir, "session.jsonl");
-    const workspaceDir = path.join(tempDir, "workspace");
-    const harness = createStartedThreadHarness();
-    const params = createParams(sessionFile, workspaceDir);
-    params.verboseLevel = "full";
-    params.fastModeAuto = true;
-    params.fastModeStartedAtMs = 1_000;
-    params.fastModeAutoOnSeconds = 30;
-    params.fastModeAutoProgressState = {
-      offAnnounced: true,
-      resetAnnounced: false,
-    };
-    params.onToolResult = onToolResult;
-    params.onAgentEvent = onAgentEvent;
-
-    const run = runCodexAppServerAttempt(params);
-    await harness.waitForMethod("turn/start");
-    await harness.notify({
-      method: "item/started",
-      params: {
-        threadId: "thread-1",
-        turnId: "turn-1",
-        item: {
-          type: "commandExecution",
-          id: "tool-1",
-          command: "echo tool-1",
-          cwd: workspaceDir,
-          status: "inProgress",
-        },
-      },
-    });
-    now.mockReturnValue(35_500);
-    await harness.notify({
-      method: "item/completed",
-      params: {
-        threadId: "thread-1",
-        turnId: "turn-1",
-        item: {
-          type: "commandExecution",
-          id: "tool-1",
-          command: "echo tool-1",
-          cwd: workspaceDir,
-          status: "completed",
-          aggregatedOutput: "tool output",
-          exitCode: 0,
-          durationMs: 1,
-        },
-      },
-    });
-    await harness.completeTurn({ threadId: "thread-1", turnId: "turn-1" });
-    await run;
-
-    const texts = onToolResult.mock.calls.map(([payload]) => payload.text ?? "");
-    expect(texts.filter((text) => text.startsWith("💨Fast: auto-off"))).toEqual([]);
-    expect(texts.filter((text) => text === "💨Fast: auto-on")).toHaveLength(1);
-    expect(params.fastModeAutoProgressState).toEqual({
-      offAnnounced: true,
-      resetAnnounced: true,
-    });
-    const fastEvents = onAgentEvent.mock.calls
-      .map(([event]) => event)
-      .filter((event) => event.stream === "item" && event.data?.title === "Fast");
-    expect(fastEvents.map((event) => event.data?.summary)).toEqual(["💨Fast: auto-on"]);
-  });
 });

extensions/codex/src/app-server/run-attempt.ts

@@ -12,8 +12,6 @@ import {
   embeddedAgentLog,
   emitAgentEvent as emitGlobalAgentEvent,
   finalizeHarnessContextEngineTurn,
-  FAST_MODE_AUTO_PROGRESS_KIND,
-  formatFastModeAutoProgressText,
   formatErrorMessage,
   getAgentHarnessHookRunner,
   getBeforeToolCallPolicyDiagnosticState,
@@ -29,11 +27,9 @@ import {
   runAgentHarnessLlmInputHook,
   runAgentHarnessLlmOutputHook,
   runHarnessContextEngineMaintenance,
-  resolveFastModeForElapsed,
   setActiveEmbeddedRun,
   supportsModelTools,
   runAgentCleanupStep,
-  type FastModeAutoProgressState,
   type EmbeddedRunAttemptParams,
   type EmbeddedRunAttemptResult,
   type NativeHookRelayEvent,
@@ -89,7 +85,6 @@ import {
   isCurrentThreadOptionalTurnRequestParams,
   isCurrentThreadTurnRequestParams,
   isNativeResponseStreamDeltaNotification,
-  isRawFunctionToolOutputCompletionNotification,
   isTerminalTurnStatus,
   readCodexNotificationItem,
   readRawResponseToolCallId,
@@ -279,22 +274,6 @@ const CODEX_APP_SERVER_PROJECTED_CHARS_PER_TOKEN = 4;
 const CODEX_APP_SERVER_ACTIVE_NATIVE_TURN_WAIT_TIMEOUT_MS = 30_000;
 const ensuredCodexWorkspaceDirs = new Set<string>();
 
-function withCodexAppServerFastModeServiceTier(
-  appServer: CodexAppServerRuntimeOptions,
-  params: EmbeddedRunAttemptParams,
-): CodexAppServerRuntimeOptions {
-  const fastMode = typeof params.fastMode === "function" ? params.fastMode() : params.fastMode;
-  const serviceTier =
-    fastMode === undefined ? appServer.serviceTier : fastMode ? "priority" : undefined;
-  if (serviceTier === appServer.serviceTier) {
-    return appServer;
-  }
-  if (serviceTier) {
-    return { ...appServer, serviceTier };
-  }
-  return { ...appServer, serviceTier: null };
-}
-
 function estimateCodexAppServerProjectedTurnTokens(params: {
   prompt: string;
   developerInstructions?: string;
@@ -327,10 +306,10 @@ async function ensureCodexWorkspaceDirOnce(workspaceDir: string): Promise<void>
   ensuredCodexWorkspaceDirs.add(normalized);
 }
 
-async function emitCodexAppServerEvent(
+function emitCodexAppServerEvent(
   params: EmbeddedRunAttemptParams,
   event: Parameters<NonNullable<EmbeddedRunAttemptParams["onAgentEvent"]>>[0],
-): Promise<void> {
+): void {
   try {
     emitGlobalAgentEvent({
       runId: params.runId,
@@ -342,7 +321,10 @@ async function emitCodexAppServerEvent(
     embeddedAgentLog.debug("codex app-server global agent event emit failed", { error });
   }
   try {
-    await params.onAgentEvent?.(event);
+    const maybePromise = params.onAgentEvent?.(event);
+    void Promise.resolve(maybePromise).catch((error: unknown) => {
+      embeddedAgentLog.debug("codex app-server agent event handler rejected", { error });
+    });
   } catch (error) {
     // Event consumers are observational; they must not abort or strand the
     // canonical app-server turn lifecycle.
@@ -434,14 +416,6 @@ export async function runCodexAppServerAttempt(
   );
   const codexModelContentCapture = resolveDiagnosticModelContentCapturePolicy(params.config);
   const codexModelCallId = `${params.runId}:codex-model:1`;
-  const fastModeAutoStartedAtMs =
-    typeof params.fastModeStartedAtMs === "number" && Number.isFinite(params.fastModeStartedAtMs)
-      ? params.fastModeStartedAtMs
-      : undefined;
-  const fastModeAutoProgressState: FastModeAutoProgressState = params.fastModeAutoProgressState ?? {
-    offAnnounced: false,
-    resetAnnounced: false,
-  };
   // Startup phase timings are profiler-gated because this function runs before
   // every Codex turn; normal production should not do timing bookkeeping here.
   const preDynamicStartupStages = createCodexDynamicToolBuildStageTracker({
@@ -790,9 +764,7 @@ export async function runCodexAppServerAttempt(
     onYieldDetected: () => {
       yieldDetected = true;
     },
-    onCodexAppServerEvent: (event) => {
-      void emitCodexAppServerEvent(params, event);
-    },
+    onCodexAppServerEvent: (event) => emitCodexAppServerEvent(params, event),
     onPersistentWebSearchPolicyResolved: (allowed) => {
       persistentWebSearchAllowed = allowed;
     },
@@ -819,9 +791,7 @@ export async function runCodexAppServerAttempt(
     onYieldDetected: () => {
       yieldDetected = true;
     },
-    onCodexAppServerEvent: (event) => {
-      void emitCodexAppServerEvent(params, event);
-    },
+    onCodexAppServerEvent: (event) => emitCodexAppServerEvent(params, event),
   });
   const toolBridge = createCodexDynamicToolBridge({
     tools,
@@ -1454,15 +1424,13 @@ export async function runCodexAppServerAttempt(
     };
   };
   try {
-    void emitCodexAppServerEvent(params, {
+    emitCodexAppServerEvent(params, {
       stream: "codex_app_server.lifecycle",
       data: { phase: "startup" },
     });
-    const attemptAppServer = withCodexAppServerFastModeServiceTier(appServer, params);
-    pluginAppServer = attemptAppServer;
     const startupResult = await startCodexAttemptThread({
       attemptClientFactory,
-      appServer: attemptAppServer,
+      appServer,
       pluginConfig,
       computerUseConfig,
       startupAuthProfileId,
@@ -1501,7 +1469,7 @@ export async function runCodexAppServerAttempt(
     codexSandboxPolicy = startupResult.sandboxPolicy;
     releaseSharedClientLease = startupResult.releaseSharedClientLease;
     restartContextEngineCodexThread = startupResult.restartContextEngineCodexThread;
-    void emitCodexAppServerEvent(params, {
+    emitCodexAppServerEvent(params, {
       stream: "codex_app_server.lifecycle",
       data: { phase: "thread_ready", threadId: thread.threadId },
     });
@@ -1745,7 +1713,7 @@ export async function runCodexAppServerAttempt(
   };
 
   const emitLifecycleStart = () => {
-    void emitCodexAppServerEvent(params, {
+    emitCodexAppServerEvent(params, {
       stream: "lifecycle",
       data: { phase: "start", startedAt: attemptStartedAt },
     });
@@ -1756,7 +1724,7 @@ export async function runCodexAppServerAttempt(
     if (!lifecycleStarted || lifecycleTerminalEmitted) {
       return;
     }
-    void emitCodexAppServerEvent(params, {
+    emitCodexAppServerEvent(params, {
       stream: "lifecycle",
       data: {
         startedAt: attemptStartedAt,
@@ -1792,75 +1760,6 @@ export async function runCodexAppServerAttempt(
       emitExecutionPhaseOnce,
     });
   };
-  const emitFastModeAutoProgress = async (payload: {
-    enabled: boolean;
-    elapsedSeconds: number;
-    fastAutoOnSeconds?: number;
-  }): Promise<void> => {
-    const summary = formatFastModeAutoProgressText(payload);
-    await emitCodexAppServerEvent(params, {
-      stream: "item",
-      data: {
-        kind: "status",
-        title: "Fast",
-        phase: "update",
-        summary,
-      },
-    });
-    try {
-      await params.onToolResult?.({
-        text: summary,
-        channelData: { openclawProgressKind: FAST_MODE_AUTO_PROGRESS_KIND },
-      });
-    } catch (error) {
-      embeddedAgentLog.debug("codex app-server fast mode auto progress delivery failed", {
-        error,
-      });
-    }
-  };
-  const maybeAnnounceFastModeAutoOff = async (): Promise<void> => {
-    if (
-      params.fastModeAuto !== true ||
-      fastModeAutoStartedAtMs === undefined ||
-      fastModeAutoProgressState.offAnnounced
-    ) {
-      return;
-    }
-    const next = resolveFastModeForElapsed({
-      mode: "auto",
-      startedAtMs: fastModeAutoStartedAtMs,
-      fastAutoOnSeconds: params.fastModeAutoOnSeconds,
-    });
-    if (next.enabled) {
-      return;
-    }
-    fastModeAutoProgressState.offAnnounced = true;
-    await emitFastModeAutoProgress(next);
-  };
-  const maybeEmitFastModeAutoReset = async (): Promise<void> => {
-    if (
-      params.fastModeAuto !== true ||
-      !fastModeAutoProgressState.offAnnounced ||
-      fastModeAutoProgressState.resetAnnounced
-    ) {
-      return;
-    }
-    fastModeAutoProgressState.resetAnnounced = true;
-    await emitFastModeAutoProgress({
-      enabled: true,
-      elapsedSeconds: 0,
-      fastAutoOnSeconds: params.fastModeAutoOnSeconds,
-    });
-  };
-  const maybeEmitFastModeAutoResetBestEffort = async (): Promise<void> => {
-    try {
-      await maybeEmitFastModeAutoReset();
-    } catch (error) {
-      embeddedAgentLog.warn(
-        `codex app-server fast mode auto reset progress failed: ${formatErrorMessage(error)}`,
-      );
-    }
-  };
 
   const isTerminalTurnNotificationForTurn = (
     notification: CodexServerNotification,
@@ -1907,13 +1806,6 @@ export async function runCodexAppServerAttempt(
     try {
       await waitForCodexNotificationDispatchTurn();
       await projector.handleNotification(notification);
-      if (
-        notificationState.isCurrentTurnNotification &&
-        activeTurnItemIds.size === 0 &&
-        isRawFunctionToolOutputCompletionNotification(notification)
-      ) {
-        await maybeAnnounceFastModeAutoOff();
-      }
     } catch (error) {
       embeddedAgentLog.debug("codex app-server projector notification threw", {
         method: notification.method,
@@ -2190,7 +2082,7 @@ export async function runCodexAppServerAttempt(
       const toolArgs = sanitizeCodexToolArguments(call.arguments);
       const shouldEmitDynamicToolProgress = shouldEmitTranscriptToolProgress(call.tool, toolArgs);
       if (shouldEmitDynamicToolProgress) {
-        void emitCodexAppServerEvent(params, {
+        emitCodexAppServerEvent(params, {
           stream: "tool",
           data: {
             phase: "start",
@@ -2280,7 +2172,7 @@ export async function runCodexAppServerAttempt(
         });
         if (shouldEmitDynamicToolProgress) {
           const progressResponse = toCodexDynamicToolProgressResponse(response, protocolResponse);
-          void emitCodexAppServerEvent(params, {
+          emitCodexAppServerEvent(params, {
             stream: "tool",
             data: {
               phase: "result",
@@ -2430,12 +2322,10 @@ export async function runCodexAppServerAttempt(
     throw error;
   };
   const startCodexTurn = async (): Promise<CodexTurnStartResponse> => {
-    const turnAppServer = withCodexAppServerFastModeServiceTier(pluginAppServer, params);
-    pluginAppServer = turnAppServer;
     const turnStartParams = buildTurnStartParams(params, {
       threadId: thread.threadId,
       cwd: codexExecutionCwd,
-      appServer: turnAppServer,
+      appServer: pluginAppServer,
       promptText: codexTurnPromptText,
       sandboxPolicy: codexSandboxPolicy,
       environmentSelection: codexEnvironmentSelection,
@@ -2467,7 +2357,7 @@ export async function runCodexAppServerAttempt(
       "codex app-server resumed thread has active native turn; waiting before turn/start",
       { threadId: thread.threadId, activeTurnIds: activeNativeTurnIds },
     );
-    void emitCodexAppServerEvent(params, {
+    emitCodexAppServerEvent(params, {
       stream: "codex_app_server.lifecycle",
       data: {
         phase: "turn_start_waiting_for_native_turn",
@@ -2490,7 +2380,7 @@ export async function runCodexAppServerAttempt(
       ctx: hookContext,
       hookRunner,
     });
-    void emitCodexAppServerEvent(params, {
+    emitCodexAppServerEvent(params, {
       stream: "codex_app_server.lifecycle",
       data: { phase: "turn_starting", threadId: thread.threadId },
     });
@@ -2507,7 +2397,7 @@ export async function runCodexAppServerAttempt(
       );
       const compactTurnCompleted = await waitForActiveNativeTurnCompletion();
       if (compactTurnCompleted && !runAbortController.signal.aborted) {
-        void emitCodexAppServerEvent(params, {
+        emitCodexAppServerEvent(params, {
           stream: "codex_app_server.lifecycle",
           data: { phase: "turn_start_retry_after_compact", threadId: thread.threadId },
         });
@@ -2589,7 +2479,7 @@ export async function runCodexAppServerAttempt(
               );
             }
           }
-          void emitCodexAppServerEvent(params, {
+          emitCodexAppServerEvent(params, {
             stream: "codex_app_server.lifecycle",
             data: { phase: "thread_ready_retry", threadId: thread.threadId },
           });
@@ -2619,7 +2509,7 @@ export async function runCodexAppServerAttempt(
           error: turnStartErrorMessage,
         });
       }
-      void emitCodexAppServerEvent(params, {
+      emitCodexAppServerEvent(params, {
         stream: "codex_app_server.lifecycle",
         data: { phase: "turn_start_failed", error: turnStartErrorMessage },
       });
@@ -2742,7 +2632,6 @@ export async function runCodexAppServerAttempt(
         nativeHookRelay?.allowedEvents.includes("post_tool_use") === true &&
         nativeHookRelay.shouldRelayEvent("post_tool_use"),
       trajectoryRecorder,
-      onNativeToolResultRecorded: maybeAnnounceFastModeAutoOff,
     },
   );
   if (
@@ -3003,7 +2892,7 @@ export async function runCodexAppServerAttempt(
     });
     const terminalAssistantText = collectTerminalAssistantText(result);
     if (terminalAssistantText && !finalAborted && !finalPromptError) {
-      void emitCodexAppServerEvent(params, {
+      emitCodexAppServerEvent(params, {
         stream: "assistant",
         data: { text: terminalAssistantText },
       });
@@ -3135,9 +3024,6 @@ export async function runCodexAppServerAttempt(
       systemPromptReport,
     };
   } finally {
-    if (params.isFinalFallbackAttempt !== false) {
-      await maybeEmitFastModeAutoResetBestEffort();
-    }
     codexModelCallDiagnostics.emitError(
       "codex app-server run completed without model-call terminal event",
     );

extensions/codex/src/app-server/thread-lifecycle.ts

@@ -1113,9 +1113,7 @@ export function buildThreadStartParams(
     approvalPolicy: options.appServer.approvalPolicy,
     approvalsReviewer: options.appServer.approvalsReviewer,
     ...codexThreadSandboxOrPermissions(options.appServer),
-    ...(options.appServer.serviceTier !== undefined
-      ? { serviceTier: options.appServer.serviceTier }
-      : {}),
+    ...(options.appServer.serviceTier ? { serviceTier: options.appServer.serviceTier } : {}),
     personality: CODEX_NATIVE_PERSONALITY_NONE,
     serviceName: "OpenClaw",
     config: buildCodexRuntimeThreadConfigForRun(params, options.config, {
@@ -1195,9 +1193,7 @@ export function buildThreadResumeParams(
     approvalPolicy: options.appServer.approvalPolicy,
     approvalsReviewer: options.appServer.approvalsReviewer,
     ...codexThreadSandboxOrPermissions(options.appServer),
-    ...(options.appServer.serviceTier !== undefined
-      ? { serviceTier: options.appServer.serviceTier }
-      : {}),
+    ...(options.appServer.serviceTier ? { serviceTier: options.appServer.serviceTier } : {}),
     personality: CODEX_NATIVE_PERSONALITY_NONE,
     config: buildCodexRuntimeThreadConfigForRun(params, options.config, {
       nativeCodeModeEnabled: options.nativeCodeModeEnabled,
@@ -1432,9 +1428,7 @@ export function buildTurnStartParams(
         }),
     model: modelSelection.model,
     personality: CODEX_NATIVE_PERSONALITY_NONE,
-    ...(options.appServer.serviceTier !== undefined
-      ? { serviceTier: options.appServer.serviceTier }
-      : {}),
+    ...(options.appServer.serviceTier ? { serviceTier: options.appServer.serviceTier } : {}),
     effort: resolveReasoningEffort(params.thinkLevel, modelSelection.model),
     ...(options.environmentSelection ? { environments: options.environmentSelection } : {}),
     collaborationMode: buildTurnCollaborationMode(params, {

extensions/codex/src/conversation-binding.ts

@@ -511,7 +511,7 @@ async function writeThreadBindingFromResponse(
       sandbox: resolved.execPolicy?.touched
         ? resolved.runtime.sandbox
         : (params.sandbox ?? resolved.runtime.sandbox),
-      serviceTier: params.serviceTier ?? resolved.runtime.serviceTier ?? undefined,
+      serviceTier: params.serviceTier ?? resolved.runtime.serviceTier,
       networkProxyProfileName: resolved.runtime.networkProxy?.profileName,
       networkProxyConfigFingerprint: resolved.runtime.networkProxy?.configFingerprint,
     },
@@ -689,7 +689,7 @@ async function runBoundTurn(params: {
           }),
           approvalPolicy: typeof approvalPolicy === "string" ? approvalPolicy : undefined,
           sandbox,
-          serviceTier: serviceTier ?? undefined,
+          serviceTier,
           networkProxyProfileName: modelScopedRuntime.networkProxy?.profileName,
           networkProxyConfigFingerprint: modelScopedRuntime.networkProxy?.configFingerprint,
         },

extensions/codex/src/conversation-control.ts

@@ -192,7 +192,7 @@ export async function setCodexConversationModel(params: {
       modelProvider: response.modelProvider ?? modelSelection.modelProvider,
       approvalPolicy: binding.approvalPolicy,
       sandbox: binding.sandbox,
-      serviceTier: binding.serviceTier ?? runtime.serviceTier ?? undefined,
+      serviceTier: binding.serviceTier ?? runtime.serviceTier,
     },
     lookup,
   );

extensions/cohere/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/cohere-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/cohere-provider",
-      "version": "2026.6.10"
+      "version": "2026.6.9"
     }
   }
 }

extensions/cohere/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/cohere-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw Cohere provider plugin.",
   "repository": {
     "type": "git",
@@ -21,10 +21,10 @@
       "minHostVersion": ">=2026.6.8"
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10",
+      "openclawVersion": "2026.6.9",
       "bundledDist": true
     },
     "release": {

extensions/comfy/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/comfy-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw ComfyUI provider plugin",
   "type": "module",

extensions/copilot-proxy/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/copilot-proxy",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw Copilot Proxy provider plugin",
   "type": "module",

extensions/copilot/README.md

@@ -16,7 +16,7 @@ on a model or provider entry; `auto` never picks it. PI remains the default
 embedded runtime.
 
 See [GitHub Copilot agent runtime](../../docs/plugins/copilot.md) for
-configuration, doctor probes, transcript mirroring, compaction, side
+configuration, the doctor contract, transcript mirroring, compaction, side
 questions, replay, and the supported-surface contract.
 See [qa/copilot-capabilities.md](../../qa/copilot-capabilities.md)
 for the SDK capability inventory the harness is pinned to.

extensions/copilot/doctor-contract-api.ts

@@ -11,14 +11,6 @@
  *     fields exist for copilot yet; the array is empty by design
  *     and normalizeCompatibilityConfig is a structural no-op so
  *     future retirements have a stable in-tree home.
- *
- * The deeper runtime probes (copilot CLI version, copilot auth,
- * copilotHome writability) live in {@link ./src/doctor-probes.ts}
- * because they have side effects (subprocess spawn, fs touch) and
- * need to be invoked imperatively, not declaratively, from the
- * doctor command. They are exported separately so callers can opt
- * in. Auto-discovery of doctor-contract-api.ts at the plugin root
- * keeps this file purely declarative.
  */
 
 import type { OpenClawConfig } from "openclaw/plugin-sdk/config-contracts";

extensions/copilot/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/copilot",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/copilot",
-      "version": "2026.6.10",
+      "version": "2026.6.9",
       "dependencies": {
         "@github/copilot-sdk": "1.0.0-beta.9"
       }

extensions/copilot/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/copilot",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "description": "OpenClaw GitHub Copilot agent runtime plugin (registers a `github-copilot` AgentHarness backed by @github/copilot-sdk over JSON-RPC to the GitHub Copilot CLI)",
   "repository": {
     "type": "git",
@@ -25,10 +25,10 @@
       "minHostVersion": ">=2026.5.28"
     },
     "compat": {
-      "pluginApi": ">=2026.6.10"
+      "pluginApi": ">=2026.6.9"
     },
     "build": {
-      "openclawVersion": "2026.6.10",
+      "openclawVersion": "2026.6.9",
       "bundledDist": false
     },
     "release": {

extensions/copilot/src/doctor-probes.test.ts

@@ -1,284 +0,0 @@
-// Copilot tests cover doctor probes plugin behavior.
-import { EventEmitter } from "node:events";
-import fs from "node:fs/promises";
-import os from "node:os";
-import path from "node:path";
-import { afterEach, describe, expect, it, vi } from "vitest";
-import {
-  probeCopilotAuthShape,
-  probeCopilotCliVersion,
-  probeCopilotHomeWritable,
-} from "./doctor-probes.js";
-
-type FakeChildOptions = {
-  exitCode?: number | null;
-  signal?: NodeJS.Signals | null;
-  stdout?: string;
-  stderr?: string;
-  emitErrorMessage?: string;
-  /** When true, never emits close; useful for timeout tests. */
-  hang?: boolean;
-};
-
-function makeFakeChild(opts: FakeChildOptions = {}) {
-  const emitter = new EventEmitter() as EventEmitter & {
-    stdout: EventEmitter;
-    stderr: EventEmitter;
-    kill: () => void;
-  };
-  emitter.stdout = new EventEmitter();
-  emitter.stderr = new EventEmitter();
-  emitter.kill = vi.fn();
-
-  queueMicrotask(() => {
-    if (opts.stdout) {
-      emitter.stdout.emit("data", Buffer.from(opts.stdout, "utf8"));
-    }
-    if (opts.stderr) {
-      emitter.stderr.emit("data", Buffer.from(opts.stderr, "utf8"));
-    }
-    if (opts.emitErrorMessage) {
-      emitter.emit("error", new Error(opts.emitErrorMessage));
-      return;
-    }
-    if (!opts.hang) {
-      emitter.emit("close", opts.exitCode ?? 0, opts.signal ?? null);
-    }
-  });
-
-  return emitter;
-}
-
-const tempDirs: string[] = [];
-
-afterEach(async () => {
-  for (const dir of tempDirs.splice(0)) {
-    await fs.rm(dir, { recursive: true, force: true });
-  }
-});
-
-async function makeTempHome(): Promise<string> {
-  const dir = await fs.mkdtemp(path.join(os.tmpdir(), "openclaw-copilot-doctor-"));
-  tempDirs.push(dir);
-  return dir;
-}
-
-describe("probeCopilotCliVersion", () => {
-  it("reports ok with trimmed version on exit 0 with stdout", async () => {
-    const result = await probeCopilotCliVersion({
-      spawnFn: () => makeFakeChild({ stdout: "  1.2.3  \n" }) as never,
-    });
-    expect(result.ok).toBe(true);
-    if (result.ok) {
-      expect(result.version).toBe("1.2.3");
-      expect(result.command).toBe("copilot");
-    }
-  });
-
-  it("uses custom command and args when provided", async () => {
-    const calls: Array<{ cmd: string; args: string[] }> = [];
-    const result = await probeCopilotCliVersion({
-      command: "my-copilot",
-      args: ["-V"],
-      spawnFn: ((cmd: string, args: readonly string[]) => {
-        calls.push({ cmd, args: [...args] });
-        return makeFakeChild({ stdout: "9.9.9" }) as never;
-      }) as never,
-    });
-    expect(calls).toEqual([{ cmd: "my-copilot", args: ["-V"] }]);
-    expect(result.ok).toBe(true);
-    if (result.ok) {
-      expect(result.command).toBe("my-copilot");
-    }
-  });
-
-  it("reports non-zero-exit with stderr details", async () => {
-    const result = await probeCopilotCliVersion({
-      spawnFn: () => makeFakeChild({ exitCode: 2, stderr: "boom: not installed" }) as never,
-    });
-    expect(result.ok).toBe(false);
-    if (!result.ok) {
-      expect(result.reason).toBe("non-zero-exit");
-      expect(result.details?.exitCode).toBe(2);
-      expect(result.details?.stderr).toBe("boom: not installed");
-    }
-  });
-
-  it("reports empty-version when exit 0 produces no stdout", async () => {
-    const result = await probeCopilotCliVersion({
-      spawnFn: () => makeFakeChild({ stdout: "   \n" }) as never,
-    });
-    expect(result.ok).toBe(false);
-    if (!result.ok) {
-      expect(result.reason).toBe("empty-version");
-    }
-  });
-
-  it("reports spawn-failed when spawnFn throws synchronously (e.g. ENOENT)", async () => {
-    const result = await probeCopilotCliVersion({
-      spawnFn: (() => {
-        throw new Error("ENOENT: copilot not found");
-      }) as never,
-    });
-    expect(result.ok).toBe(false);
-    if (!result.ok) {
-      expect(result.reason).toBe("spawn-failed");
-      expect(result.details?.rawError).toContain("ENOENT");
-    }
-  });
-
-  it("reports spawn-error when child emits 'error'", async () => {
-    const result = await probeCopilotCliVersion({
-      spawnFn: () => makeFakeChild({ emitErrorMessage: "spawn ENOEXEC" }) as never,
-    });
-    expect(result.ok).toBe(false);
-    if (!result.ok) {
-      expect(result.reason).toBe("spawn-error");
-      expect(result.details?.rawError).toBe("spawn ENOEXEC");
-    }
-  });
-
-  it("reports probe-timeout when child hangs past timeoutMs and kills the child", async () => {
-    const fakeChild = makeFakeChild({ hang: true });
-    const result = await probeCopilotCliVersion({
-      timeoutMs: 10,
-      spawnFn: () => fakeChild as never,
-    });
-    expect(result.ok).toBe(false);
-    if (!result.ok) {
-      expect(result.reason).toBe("probe-timeout");
-      expect(result.details?.timeoutMs).toBe(10);
-    }
-    expect(fakeChild.kill).toHaveBeenCalled();
-  });
-
-  it("returns just the first non-empty line as version when stdout has a banner / update hint", async () => {
-    const result = await probeCopilotCliVersion({
-      spawnFn: () =>
-        makeFakeChild({
-          stdout: "GitHub Copilot CLI 1.0.48.\nRun 'copilot update' to check for updates.\n",
-        }) as never,
-    });
-    expect(result.ok).toBe(true);
-    if (result.ok) {
-      expect(result.version).toBe("GitHub Copilot CLI 1.0.48.");
-      expect(result.rawStdout).toBe(
-        "GitHub Copilot CLI 1.0.48.\nRun 'copilot update' to check for updates.",
-      );
-    }
-  });
-
-  it("does not surface rawStdout when stdout is already single-line", async () => {
-    const result = await probeCopilotCliVersion({
-      spawnFn: () => makeFakeChild({ stdout: "1.2.3\n" }) as never,
-    });
-    expect(result.ok).toBe(true);
-    if (result.ok) {
-      expect(result.version).toBe("1.2.3");
-      expect(result.rawStdout).toBeUndefined();
-    }
-  });
-});
-
-describe("probeCopilotHomeWritable", () => {
-  it("reports ok when the directory exists and is writable, cleaning up after itself", async () => {
-    const home = await makeTempHome();
-    const result = await probeCopilotHomeWritable(home);
-    expect(result.ok).toBe(true);
-    if (result.ok) {
-      expect(result.copilotHome).toBe(home);
-      expect(result.probedPath.startsWith(home)).toBe(true);
-    }
-    const entries = await fs.readdir(home);
-    expect(entries).toEqual([]);
-  });
-
-  it("creates copilotHome if missing", async () => {
-    const root = await makeTempHome();
-    const home = path.join(root, "nested", "copilot-cfg");
-    const result = await probeCopilotHomeWritable(home);
-    expect(result.ok).toBe(true);
-    const stat = await fs.stat(home);
-    expect(stat.isDirectory()).toBe(true);
-  });
-
-  it("reports copilothome-not-writable when fs throws on mkdir", async () => {
-    const result = await probeCopilotHomeWritable("/some/path", {
-      fsApi: {
-        mkdir: vi.fn().mockRejectedValueOnce(new Error("EPERM: not permitted")),
-        writeFile: vi.fn(),
-        rm: vi.fn(),
-      } as never,
-    });
-    expect(result.ok).toBe(false);
-    if (!result.ok) {
-      expect(result.reason).toBe("copilothome-not-writable");
-      expect(result.details?.rawError).toContain("EPERM");
-    }
-  });
-
-  it("falls back to the platform default copilotHome when argument is empty or whitespace", async () => {
-    const writeFile = vi.fn().mockResolvedValue(undefined);
-    const result = await probeCopilotHomeWritable("   ", {
-      fsApi: {
-        mkdir: vi.fn().mockResolvedValue(undefined),
-        writeFile,
-        rm: vi.fn().mockResolvedValue(undefined),
-      } as never,
-    });
-    expect(result.ok).toBe(true);
-    if (result.ok) {
-      expect(result.copilotHome.length).toBeGreaterThan(0);
-      expect(result.copilotHome.toLowerCase()).toContain("copilot");
-    }
-  });
-});
-
-describe("probeCopilotAuthShape", () => {
-  it("resolves to useLoggedInUser when the flag is true", () => {
-    const result = probeCopilotAuthShape({ useLoggedInUser: true });
-    expect(result.ok).toBe(true);
-    if (result.ok) {
-      expect(result.resolvedMode).toBe("useLoggedInUser");
-    }
-  });
-
-  it("resolves to gitHubToken when a non-empty token is supplied", () => {
-    const result = probeCopilotAuthShape({ gitHubToken: "ghp_xxx" });
-    expect(result.ok).toBe(true);
-    if (result.ok) {
-      expect(result.resolvedMode).toBe("gitHubToken");
-    }
-  });
-
-  it("resolves to profile when both profileId and profileVersion are supplied", () => {
-    const result = probeCopilotAuthShape({ profileId: "p1", profileVersion: "v1" });
-    expect(result.ok).toBe(true);
-    if (result.ok) {
-      expect(result.resolvedMode).toBe("profile");
-    }
-  });
-
-  it("rejects when no auth source is provided", () => {
-    const result = probeCopilotAuthShape({});
-    expect(result.ok).toBe(false);
-    if (!result.ok) {
-      expect(result.reason).toBe("no-auth-source");
-    }
-  });
-
-  it("rejects when only one of profileId / profileVersion is provided", () => {
-    expect(probeCopilotAuthShape({ profileId: "p1" }).ok).toBe(false);
-    expect(probeCopilotAuthShape({ profileVersion: "v1" }).ok).toBe(false);
-  });
-
-  it("rejects useLoggedInUser:false on its own", () => {
-    const result = probeCopilotAuthShape({ useLoggedInUser: false });
-    expect(result.ok).toBe(false);
-  });
-
-  it("rejects an empty gitHubToken string", () => {
-    const result = probeCopilotAuthShape({ gitHubToken: "" });
-    expect(result.ok).toBe(false);
-  });
-});

extensions/copilot/src/doctor-probes.ts

@@ -1,260 +0,0 @@
-/**
- * Runtime doctor probes for the copilot extension.
- *
- * Imperative side-effecting checks used to diagnose a copilot
- * deployment from within `openclaw doctor` (or any equivalent
- * harness-side health check). Kept out of doctor-contract-api.ts
- * because that contract is declarative and auto-loaded by the
- * plugin registry, whereas these probes spawn subprocesses or
- * touch the filesystem and must be invoked imperatively.
- *
- * All probes are pure (no module-level state) and dependency-
- * injectable for tests. They never throw on a probe-negative
- * result — failure is surfaced via the `ok: false` shape so the
- * caller can render a structured doctor report.
- */
-
-import { spawn } from "node:child_process";
-import fs from "node:fs/promises";
-import os from "node:os";
-import path from "node:path";
-
-export type ProbeResult<TPayload extends object = Record<string, never>> =
-  | ({ ok: true } & TPayload)
-  | { ok: false; reason: string; details?: Record<string, unknown> };
-
-export interface ProbeCopilotCliVersionOptions {
-  /** Command to invoke; defaults to "copilot". */
-  command?: string;
-  /** Argv used to ask for version; defaults to ["--version"]. */
-  args?: readonly string[];
-  /** Timeout in milliseconds; defaults to 5_000. */
-  timeoutMs?: number;
-  /** Injection seam for testing. Defaults to node:child_process spawn. */
-  spawnFn?: typeof spawn;
-}
-
-export interface ProbeCopilotHomeOptions {
-  /** Injection seam for testing. */
-  fsApi?: Pick<typeof fs, "mkdir" | "writeFile" | "rm">;
-  /** Filename used for the writability probe. */
-  probeFileName?: string;
-}
-
-const DEFAULT_PROBE_TIMEOUT_MS = 5_000;
-const DEFAULT_PROBE_FILENAME = ".copilot-doctor-probe";
-
-/**
- * Probe that the Copilot CLI is installed and prints a version.
- * Treats non-zero exit, missing stdout, and timeout all as failures.
- */
-export async function probeCopilotCliVersion(
-  options: ProbeCopilotCliVersionOptions = {},
-): Promise<ProbeResult<{ version: string; command: string; rawStdout?: string }>> {
-  const command = options.command ?? "copilot";
-  const args = options.args ?? ["--version"];
-  const timeoutMs = options.timeoutMs ?? DEFAULT_PROBE_TIMEOUT_MS;
-  const spawnImpl = options.spawnFn ?? spawn;
-
-  return new Promise<ProbeResult<{ version: string; command: string; rawStdout?: string }>>(
-    (resolve) => {
-      let child: ReturnType<typeof spawn> | undefined;
-      let settled = false;
-      const settle = (
-        result: ProbeResult<{ version: string; command: string; rawStdout?: string }>,
-      ): void => {
-        if (settled) {
-          return;
-        }
-        settled = true;
-        if (timer) {
-          clearTimeout(timer);
-        }
-        try {
-          child?.kill();
-        } catch {
-          // ignore double-kill / already-dead errors
-        }
-        resolve(result);
-      };
-
-      const timer = setTimeout(() => {
-        settle({
-          ok: false,
-          reason: "probe-timeout",
-          details: { command, args: [...args], timeoutMs },
-        });
-      }, timeoutMs);
-
-      try {
-        child = spawnImpl(command, [...args], { stdio: ["ignore", "pipe", "pipe"] });
-      } catch (error) {
-        settle({
-          ok: false,
-          reason: "spawn-failed",
-          details: { command, args: [...args], rawError: formatProbeError(error) },
-        });
-        return;
-      }
-
-      let stdout = "";
-      let stderr = "";
-      child.stdout?.on("data", (chunk: Buffer) => {
-        stdout += chunk.toString("utf8");
-      });
-      child.stderr?.on("data", (chunk: Buffer) => {
-        stderr += chunk.toString("utf8");
-      });
-      child.on("error", (error: Error) => {
-        settle({
-          ok: false,
-          reason: "spawn-error",
-          details: { command, args: [...args], rawError: error.message },
-        });
-      });
-      child.on("close", (code: number | null, signal: NodeJS.Signals | null) => {
-        if (code !== 0) {
-          settle({
-            ok: false,
-            reason: "non-zero-exit",
-            details: {
-              command,
-              args: [...args],
-              exitCode: code,
-              signal,
-              stderr: stderr.trim() || undefined,
-            },
-          });
-          return;
-        }
-        const rawStdout = stdout.trim();
-        if (!rawStdout) {
-          settle({
-            ok: false,
-            reason: "empty-version",
-            details: { command, args: [...args] },
-          });
-          return;
-        }
-        // Many version commands (notably the GitHub Copilot CLI's `copilot --version`)
-        // print a banner plus an "update available" hint on subsequent
-        // lines. Surface only the first non-empty line as `version` so the
-        // doctor UI gets a clean string; keep the full stdout in
-        // `rawStdout` for debugging.
-        const version = firstNonEmptyLine(rawStdout) ?? rawStdout;
-        const payload: { version: string; command: string; rawStdout?: string } = {
-          version,
-          command,
-        };
-        if (rawStdout !== version) {
-          payload.rawStdout = rawStdout;
-        }
-        settle({ ok: true, ...payload });
-      });
-    },
-  );
-}
-
-function firstNonEmptyLine(value: string): string | undefined {
-  for (const line of value.split(/\r?\n/)) {
-    const trimmed = line.trim();
-    if (trimmed.length > 0) {
-      return trimmed;
-    }
-  }
-  return undefined;
-}
-
-/**
- * Probe that copilotHome (or default ~/.config/copilot) is writable
- * by the running user. Mirrors the existing auth-bridge's expectation
- * that the SDK can persist credentials under copilotHome.
- */
-export async function probeCopilotHomeWritable(
-  copilotHome: string | undefined,
-  options: ProbeCopilotHomeOptions = {},
-): Promise<ProbeResult<{ copilotHome: string; probedPath: string }>> {
-  const fsApi = options.fsApi ?? fs;
-  const probeFileName = options.probeFileName ?? DEFAULT_PROBE_FILENAME;
-  const resolvedHome =
-    typeof copilotHome === "string" && copilotHome.trim().length > 0
-      ? copilotHome.trim()
-      : defaultCopilotHome();
-  const probedPath = path.join(resolvedHome, probeFileName);
-
-  try {
-    await fsApi.mkdir(resolvedHome, { recursive: true });
-    await fsApi.writeFile(probedPath, "copilot-doctor-probe", "utf8");
-    await fsApi.rm(probedPath, { force: true });
-    return { ok: true, copilotHome: resolvedHome, probedPath };
-  } catch (error) {
-    return {
-      ok: false,
-      reason: "copilothome-not-writable",
-      details: {
-        copilotHome: resolvedHome,
-        probedPath,
-        rawError: formatProbeError(error),
-      },
-    };
-  }
-}
-
-/**
- * Probe GitHub Copilot agent runtime auth resolution given a useLoggedInUser hint.
- * Validates that at least one of {useLoggedInUser, gitHubToken,
- * profileId+profileVersion} is set. This is intentionally a
- * shape-only probe: actually performing an SDK auth handshake
- * would require a pool and is out of scope for `openclaw doctor`.
- */
-export function probeCopilotAuthShape(input: {
-  useLoggedInUser?: boolean;
-  gitHubToken?: string;
-  profileId?: string;
-  profileVersion?: string;
-}): ProbeResult<{ resolvedMode: "useLoggedInUser" | "gitHubToken" | "profile" }> {
-  if (input.useLoggedInUser === true) {
-    return { ok: true, resolvedMode: "useLoggedInUser" };
-  }
-  if (typeof input.gitHubToken === "string" && input.gitHubToken.length > 0) {
-    return { ok: true, resolvedMode: "gitHubToken" };
-  }
-  if (
-    typeof input.profileId === "string" &&
-    input.profileId.length > 0 &&
-    typeof input.profileVersion === "string" &&
-    input.profileVersion.length > 0
-  ) {
-    return { ok: true, resolvedMode: "profile" };
-  }
-  return {
-    ok: false,
-    reason: "no-auth-source",
-    details: {
-      hint: "Set useLoggedInUser:true, or gitHubToken, or both profileId+profileVersion",
-    },
-  };
-}
-
-function defaultCopilotHome(): string {
-  // Mirrors the SDK convention; auth-bridge uses the same default.
-  if (process.platform === "win32") {
-    return path.join(process.env.APPDATA ?? os.homedir(), "copilot");
-  }
-  const xdg = process.env.XDG_CONFIG_HOME;
-  if (xdg && xdg.length > 0) {
-    return path.join(xdg, "copilot");
-  }
-  return path.join(os.homedir(), ".config", "copilot");
-}
-
-function formatProbeError(error: unknown): string {
-  if (error instanceof Error) {
-    return error.message;
-  }
-  try {
-    return JSON.stringify(error);
-  } catch {
-    return String(error);
-  }
-}

extensions/deepgram/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openclaw/deepgram-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "private": true,
   "description": "OpenClaw Deepgram media-understanding provider",
   "type": "module",

extensions/deepinfra/npm-shrinkwrap.json

@@ -1,12 +1,12 @@
 {
   "name": "@openclaw/deepinfra-provider",
-  "version": "2026.6.10",
+  "version": "2026.6.9",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@openclaw/deepinfra-provider",
-      "version": "2026.6.10"
+      "version": "2026.6.9"
     }
   }
 }