Issue Station
Sign In
Tools hereToolbox

openclaw - 💡(How to fix) Fix delivery-recovery: post-approval follow-up dumps raw internal handler source to channel (related to #72184) [2 comments, 3 participants]

Official PRs (…)
ON THIS PAGE

Recommended Tools

×6

Utilities matched from this issue’s tags and category — try them while you read without losing context.

GitHub issue graph ai analysis

Paste a GitHub issue URL. We fetch that issue, discover linked issues from bodies/comments/timeline, collect linked pull requests, and produce a structured English report.

The report is written in English Markdown for sharing and archival.

Helpful · Quick feedback

Loading…
GitHub stats
openclaw/openclaw#74283Fetched 2026-04-30 06:26:10
View on GitHub
Comments
2
Participants
3
Timeline
4
Reactions
2
Author
xonamanxonaman
Participants
clawsweeper[bot]clawsweeper[bot]martingarramonmartingarramonxonamanxonaman
Timeline (top)
commented ×2cross-referenced ×2

Root Cause

Filing fresh because #72184 is locked.

Fix Action

Fix / Workaround

Same symptom family as #72184 (closed Apr 27 as fixed in v2026.4.24), but a different code path that the previous fix does not cover. The v2026.4.24 fix was scoped to config.patch/config.apply restart sentinels only; this manifestation is in the /approve post-approval follow-up delivery hop.

RAW_BUFFERClick to expand / collapse

Same symptom family as #72184 (closed Apr 27 as fixed in v2026.4.24), but a different code path that the previous fix does not cover. The v2026.4.24 fix was scoped to config.patch/config.apply restart sentinels only; this manifestation is in the /approve post-approval follow-up delivery hop.

Filing fresh because #72184 is locked.

Today's reproductions (3x in main session)

Time (UTC)TriggerTelegram message body
08:31exec with node -e requiring /approveAutomatic session resume failed, so sending the status directly.\n\nError: ENOTDIR: not a directory, mkdir '/dev/null/x/y'
10:39exec with sed inline-eval requiring /approveAutomatic session resume failed, so sending the status directly.\n\nrams.resultText.trim(); if (!resultText) return false; ... (raw JS from internal handler)
10:41exec with awk inline-eval requiring /approveAutomatic session resume failed, so sending the status directly.\n\nl); const sessionOnlyOriginChannel = ... (raw JS from internal handler)

In each case the body after the \n\n prefix is a verbatim slice of internal post-approval handler source / local variable serialization, not the agent's intended reply.

Code path

Installed package: [email protected] at ~/.npm-global/lib/node_modules/openclaw/dist/bash-tools-MqL7r1OX.js

  • L215: literal prefix string "Automatic session resume failed, so sending the status directly.\n\n"
  • Same file (~L240–260): sendDirectFollowupFallback is invoked when callGatewayTool("agent", ...) for session resume throws (sessionError).
  • The fallback emits resultText after the prefix. On the failure branch, resultText contains internal handler local-state strings (looks like raw JS source from the same module), not the agent's intended chat reply.

Why the v2026.4.24 fix doesn't cover this

The Apr 27 close (Codex auto-review) verified the gateway-restart → delivery-recovery path is fixed. None of those fixes touch the approval-completion → session-resume → fallback path, which uses sendDirectFollowupFallback, not buildRecoveryDeliverParams.

Suggested fix

Two layers:

  1. Hard guardrail in sendDirectFollowupFallback: validate that resultText looks like a real agent reply before emitting. Drop if it contains JS-source-like patterns or didn't originate from a verified agent reply payload. Replace with a generic "Reply unavailable, see gateway logs" stub when sanity-check fails.
  2. Root cause: the upstream handler is populating resultText with internal serialized state when the session-resume call throws. The fallback is just the messenger — fix the producer so resultText is either the agent reply or empty.

Environment

  • OpenClaw: 2026.4.22
  • Channel: telegram (direct DM)
  • Triggered by: every exec requiring /approve for inline-eval (sed/awk/node -e)
  • Repro reliability: 100% (3/3 today)

Related

  • #72184 (locked, closed prematurely — same symptom, narrower code path)

extent analysis

TL;DR

Implement a hard guardrail in sendDirectFollowupFallback to validate resultText before emitting and address the root cause of resultText being populated with internal serialized state.

Guidance

  • Validate resultText in sendDirectFollowupFallback to ensure it does not contain JS-source-like patterns and originates from a verified agent reply payload.
  • Replace invalid resultText with a generic "Reply unavailable, see gateway logs" stub.
  • Investigate why the upstream handler is populating resultText with internal serialized state when the session-resume call throws and fix the producer to set resultText to either the agent reply or empty.
  • Review the differences between the code path fixed in v2026.4.24 and the current code path to understand why the previous fix does not apply.

Example

No code snippet is provided as the issue does not contain sufficient information to create a specific example.

Notes

The provided information suggests that the issue is related to the sendDirectFollowupFallback function and the handling of resultText. However, without more context or code, it is difficult to provide a complete solution.

Recommendation

Apply a workaround by implementing the suggested hard guardrail in sendDirectFollowupFallback to prevent emitting invalid resultText until the root cause can be addressed.

Vote matrix · Quick signals

Works
Did the solution work? Tap to confirm.
Easy Fix
Was it a quick fix?
Time Saver
Did it save you time?
Blocking
Was it severely blocking?
Common Issue
Are others likely hitting this too?
Flaky / Intermittent
Is it intermittent?
Verified / Reproducible
Can you reproduce it reliably?
Loading…
#API routing#API middleware#SSR setup#ISR setup#authentication setup

Still need to ship something?

×6

Another batch ranked right after the header list — different links, same matching logic.

Back to top recommendations

TRENDING