openclaw - 💡(How to fix) Fix [Bug]: image/video provider inventory leaks into Discord group channels as visible tool output [1 comments, 2 participants]

openclaw/openclaw#75166 (fetched 2026-05-01 05:37:25)

Summary

image_generate / video_generate provider inventory output can be delivered into Discord group channels as user-visible tool output, leaking internal provider/model/configured/auth-hint information.

This is not an API-key leak, but it exposes operator environment details that should stay internal, especially on group surfaces.

Affected versions

Confirmed by inspecting npm package dist:

  • 2026.4.24: affected
  • 2026.4.27: affected
  • 2026.4.29-beta.1: affected

The behavior appears to have been introduced in 2026.4.5 by commit 932194b (feat(video): add provider support and discord fallback), which added compact provider inventory emission for image_generate / video_generate.

Environment where observed

  • OpenClaw app: 2026.4.24
  • Channel: Discord
  • Surface: group/channel
  • Tool profile: full/coding-capable agent with image_generate

Repro

  1. In a Discord channel, ask the agent to perform an image generation/editing task where it decides to inspect available image-generation providers first.
  2. The agent calls:
    • image_generate with action: "list"
  3. The provider inventory output is posted into Discord as visible text, e.g. lines containing:
    • provider ids
    • model names
    • configured: yes/no
    • auth hints such as required env var names
    • capabilities / supported sizes / aspect ratios

Expected

Provider inventory should be available to the agent internally, but it should not be emitted to external chat surfaces by default.

For group channels, this kind of runtime/environment inventory should be treated as diagnostic/internal data unless the operator explicitly asks to display it.

Actual

The compact provider inventory is emitted to Discord as user-visible tool output.

Code pointer

Current dist/source contains this logic in src/agents/pi-embedded-subscribe.handlers.tools.ts:

const COMPACT_PROVIDER_INVENTORY_TOOLS = new Set(["image_generate", "video_generate"]);

function shouldEmitCompactToolOutput(params: {
  toolName: string;
  result: unknown;
  outputText?: string;
}): boolean {
  if (!COMPACT_PROVIDER_INVENTORY_TOOLS.has(params.toolName)) {
    return false;
  }
  if (!hasProviderInventoryDetails(params.result)) {
    return false;
  }
  return Boolean(params.outputText?.trim());
}

Then tool output emission uses:

ctx.shouldEmitToolOutput() || shouldEmitCompactToolOutput({ toolName, result, outputText })

So provider inventory can bypass the normal tool-output visibility decision.

Why this matters

This is similar in class to previous group-surface internal trace leaks such as #70912, though the data here is provider inventory rather than Working… tool traces.

Impact:

  • Reveals which providers/models are installed or configured.
  • Reveals auth mechanism hints / env var names.
  • Creates noisy, surprising messages in group channels.
  • Makes operators less likely to trust media-generation tools in shared spaces.

Suggested fix direction

Prefer not to emit compact provider inventory to external chat surfaces by default.

Possible approaches:

  1. Remove image_generate / video_generate from compact tool-output emission entirely.
  2. Gate it on direct/private surfaces only.
  3. Gate it on explicit verbose/debug mode only.
  4. Redact provider inventory before external delivery, while keeping the full result in the agent/tool context.

The generated media delivery path should remain unchanged; only the action=list inventory output needs suppression or stricter gating.

extent analysis

TL;DR

The issue can be fixed by modifying the shouldEmitCompactToolOutput function to restrict the emission of compact provider inventory to internal or private surfaces.

Guidance

  • Review the shouldEmitCompactToolOutput function in src/agents/pi-embedded-subscribe.handlers.tools.ts to understand the current logic for emitting compact tool output.
  • Consider removing image_generate and video_generate from COMPACT_PROVIDER_INVENTORY_TOOLS to prevent their inventory from being emitted to external chat surfaces.
  • Alternatively, modify the shouldEmitCompactToolOutput function to check for private or internal surfaces before emitting the compact provider inventory.
  • Evaluate the suggested fix approaches, such as gating the emission on direct/private surfaces only, explicit verbose/debug mode only, or redacting provider inventory before external delivery.

Example

function shouldEmitCompactToolOutput(params: {
  toolName: string;
  result: unknown;
  outputText?: string;
  surface: string; // Add surface information
}): boolean {
  if (!COMPACT_PROVIDER_INVENTORY_TOOLS.has(params.toolName)) {
    return false;
  }
  if (!hasProviderInventoryDetails(params.result)) {
    return false;
  }
  // Only emit on private or internal surfaces
  if (params.surface !== 'private' && params.surface !== 'internal') {
    return false;
  }
  return Boolean(params.outputText?.trim());
}

Notes

The fix should ensure that the provider inventory is not emitted to external chat surfaces by default, while still allowing the agent to access the inventory internally.
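
Approach 4 from the issue's list, combined with the surface and verbose gates, as an added example that is not OpenClaw code: the full inventory stays in the agent context while a separate decision picks what, if anything, may be posted to the chat surface. The `ProviderEntry` shape, the surface names, the `verbose` flag, the count-only redaction and the sample data are all assumptions.

```typescript
// Added example. All names, shapes and sample data below are assumptions for
// illustration; none of this is OpenClaw's actual code or output format.
interface ProviderEntry {
  id: string;
  models: string[];
  configured: boolean;
  authHint?: string; // e.g. the env var name an operator would have to set
}

interface Delivery {
  agentContext: string;        // full inventory, kept for the agent's own use
  externalText: string | null; // text allowed onto the chat surface; null = post nothing
}

// Full rendering: this is the text that must never reach a shared channel.
function renderFull(entries: ProviderEntry[]): string {
  return entries
    .map((e) => {
      const auth = e.authHint ? `, auth: ${e.authHint}` : "";
      return `${e.id}: ${e.models.join(", ")} (configured: ${e.configured ? "yes" : "no"}${auth})`;
    })
    .join("\n");
}

// Redacted rendering: a count only, with no provider ids, models or auth hints.
function renderRedacted(entries: ProviderEntry[]): string {
  const usable = entries.filter((e) => e.configured).length;
  return `${usable} of ${entries.length} media providers usable`;
}

// Any surface other than "direct" is treated as shared, so new or unknown
// surface names fail closed.
function planInventoryDelivery(entries: ProviderEntry[], surface: string, verbose: boolean): Delivery {
  const agentContext = renderFull(entries);
  const isDirect = surface === "direct";
  if (isDirect && verbose) return { agentContext, externalText: agentContext };
  if (isDirect || verbose) return { agentContext, externalText: renderRedacted(entries) };
  return { agentContext, externalText: null };
}

// Constructed sample inventory (placeholder ids and env var names).
const SAMPLE: ProviderEntry[] = [
  { id: "provider-a", models: ["model-1"], configured: true, authHint: "EXAMPLE_A_API_KEY" },
  { id: "provider-b", models: ["model-2", "model-3"], configured: false, authHint: "EXAMPLE_B_API_KEY" },
];

console.log(planInventoryDelivery(SAMPLE, "group", false).externalText);
console.log(planInventoryDelivery(SAMPLE, "direct", true).externalText);
```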

Recommendation

Apply a workaround by modifying the shouldEmitCompactToolOutput function to restrict the emission of compact provider inventory to internal or private surfaces, as this approach is less invasive and can be implemented quickly.
