openclaw - ✅(Solved) Fix Gateway agent invocation blocked by session sendPolicy even when not delivering [1 pull requests, 1 comments, 2 participants]

GitHub stats
openclaw/openclaw#73381 · Fetched 2026-04-29 06:20:26
Comments: 1 · Participants: 2 · Timeline: 4 · Reactions: 0
Timeline (top): cross-referenced ×3, commented ×1

Error Message

GatewayClientRequestError: send blocked by session policy

PR fix notes

PR #73500: fix(gateway,agent): only enforce session sendPolicy=deny when delivering

Description (problem / solution / changelog)

Summary

Gates the gateway agent request handler's sendPolicy=deny rejection on request.deliver === true, mirroring the runtime gate already present in src/agents/agent-command.ts. Non-delivery agent invocations (quick-agent smoke checks, internal gateway agent calls without external delivery) no longer fail with send blocked by session policy; the deny check still fires for explicit delivery requests.

Root cause

src/gateway/server-methods/agent.ts called resolveSendPolicy(...) and rejected with INVALID_REQUEST before differentiating "deliver externally" from "execute internally". agent-command.ts already wrapped the same check in if (opts.deliver === true). The mismatch made session.sendPolicy=deny block runtime readiness checks even when no external send was requested.

Change

-      const sendPolicy = resolveSendPolicy({ ... });
-      if (sendPolicy === "deny") {
-        respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "send blocked by session policy"));
-        return;
-      }
+      if (request.deliver === true) {
+        const sendPolicy = resolveSendPolicy({ ... });
+        if (sendPolicy === "deny") {
+          respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, "send blocked by session policy"));
+          return;
+        }
+      }
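
Review bot: the new outer guard `request.deliver === true` is a strict comparison, so a request with `deliver` omitted, `false`, or any non-boolean value skips `resolveSendPolicy` at this layer and the deny decision rests entirely on the check in agent-command.ts. Suggest validating `deliver` as a boolean before this block, adding a short comment that the guard intentionally mirrors `if (opts.deliver === true)` in agent-command.ts, and pinning the omitted-`deliver` case in a test if the new non-delivery test only covers one of omitted or `false`.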

Outbound delivery remains gated; the change keeps the existing agent-command.ts deny path identical, so two-layer protection still applies for any deliver: true call.

Tests

src/gateway/server-methods/agent.test.ts:

  • New: allows non-delivery agent invocations even when sendPolicy is deny (#73381) — sets resolveSendPolicy to return "deny" and asserts agentCommand runs and no send blocked by session policy rejection is sent.
  • New: blocks delivery=true agent invocations when sendPolicy is deny (#73381) — same fixture but with deliver: true; asserts the rejection still fires and agentCommand is not called.

The existing resolveSendPolicy mock was promoted to a vi.fn that resets to "allow" between tests so deny-cases can be opted into per test.

Closes #73381.

Changed files

  • CHANGELOG.md (modified, +1/-0)
  • src/gateway/server-methods/agent.test.ts (modified, +42/-1)
  • src/gateway/server-methods/agent.ts (modified, +22/-14)
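
The before/after behaviour of the gate described in the PR, as an added example that is not code from the PR or from OpenClaw. It is a simplified TypeScript model: `resolveSendPolicy` taking only a session key, the types, the sample session keys, and the names `gatewayBefore`, `gatewayAfter` and `denyNeverDelivers` are assumptions made for illustration.

```typescript
// Added illustration: a simplified model, not OpenClaw's real handler.
type SendPolicy = "allow" | "deny";
interface AgentRequest { sessionKey: string; deliver?: boolean }
interface Outcome { ok: boolean; ran: boolean; delivered: boolean; error?: string }

const DENY_MESSAGE = "send blocked by session policy"; // message quoted on the page

// Stand-in for resolveSendPolicy(...): sessions listed here have sendPolicy=deny.
const denySessions: string[] = ["agent:locked:main"]; // constructed sample data
function resolveSendPolicy(sessionKey: string): SendPolicy {
  return denySessions.indexOf(sessionKey) >= 0 ? "deny" : "allow";
}

// Runtime layer: models the existing gate the PR attributes to agent-command.ts.
function agentCommand(req: AgentRequest): Outcome {
  if (req.deliver === true && resolveSendPolicy(req.sessionKey) === "deny") {
    return { ok: false, ran: false, delivered: false, error: DENY_MESSAGE };
  }
  return { ok: true, ran: true, delivered: req.deliver === true };
}

// Gateway layer before the fix: policy is checked for every agent request.
function gatewayBefore(req: AgentRequest): Outcome {
  if (resolveSendPolicy(req.sessionKey) === "deny") {
    return { ok: false, ran: false, delivered: false, error: DENY_MESSAGE };
  }
  return agentCommand(req);
}

// Gateway layer after the fix: policy is checked only for explicit delivery.
function gatewayAfter(req: AgentRequest): Outcome {
  if (req.deliver === true) {
    if (resolveSendPolicy(req.sessionKey) === "deny") {
      return { ok: false, ran: false, delivered: false, error: DENY_MESSAGE };
    }
  }
  return agentCommand(req);
}

// Invariant worth pinning in tests: a deny session never produces a delivery.
function denyNeverDelivers(handler: (r: AgentRequest) => Outcome): boolean {
  const cases: AgentRequest[] = [
    { sessionKey: "agent:locked:main" },
    { sessionKey: "agent:locked:main", deliver: false },
    { sessionKey: "agent:locked:main", deliver: true },
  ];
  return cases.every((c) => handler(c).delivered === false);
}
```

Both handlers satisfy the invariant; the difference is that the pre-fix gateway also refuses the non-delivery run, which is the failure reported in the issue.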

Bug Description

On OpenClaw 2026.4.25, a gateway agent request can be rejected with:

GatewayClientRequestError: send blocked by session policy

This happens for a non-delivery quick-agent smoke invocation, after a clean maintenance-window canary with no bus watcher and no local openclaw-agent processes running.

The behavior appears to conflate two different actions:

  • external delivery/send, where session.sendPolicy=deny should block outbound delivery; and
  • internal gateway agent invocation, where no external delivery is requested and the agent run should be allowed.

Steps to Reproduce

Environment:

  • OpenClaw: 2026.4.25 (aa36ee6)
  • OS: WSL2 Linux 6.6.87.2-microsoft-standard-WSL2
  • Node in OpenClaw package path: 25.2.1
  • Gateway: systemd user service on loopback port 18789
  • Default model: github-copilot/gpt-5-mini

Clean-room setup used before reproducing:

systemctl --user stop openclaw-bus-watcher.service
pgrep -u "$USER" -ax openclaw-agent   # returned no rows
systemctl --user is-active openclaw-gateway.service  # active

Direct gateway health/liveness checks passed:

openclaw health
openclaw gateway call chat.history --params '{"sessionKey":"agent:main:main","limit":1}' --timeout 60000 --json
openclaw gateway call sessions.list --timeout 60000 --json

Then run a fresh quick-agent smoke:

openclaw agent --agent quick \
  --session-id canary_smoke_20260428T072250Z \
  --timeout 90 \
  --message 'smoke: reply with exactly OK'

Expected Behavior

A non-delivery gateway agent invocation should not be blocked by outbound send policy.

session.sendPolicy=deny should block actual external delivery/send paths only, e.g. when the request is explicitly delivering externally.

Actual Behavior

Gateway rejects the agent request:

errorCode=INVALID_REQUEST errorMessage=send blocked by session policy

During the same clean canary window:

  • openclaw health: PASS
  • direct chat.history: PASS
  • direct sessions.list: PASS
  • fresh quick-agent invocation: FAIL
  • openclaw status: timeout/failure
  • openclaw doctor: failure

Relevant gateway log line:

[ws] ⇄ res ✗ agent 6ms errorCode=INVALID_REQUEST errorMessage=send blocked by session policy

Diagnostic Hotfix Tested Locally

In the installed package bundle, the gateway agent path checks send policy before differentiating whether the request is actually delivering externally.

Local diagnostic patch in the built bundle:

- if (resolveSendPolicy({ ... }) === "deny") {
+ if (request.deliver === true && resolveSendPolicy({ ... }) === "deny") {
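
Review bot: on the `+` line the `&&` short-circuits, so `resolveSendPolicy(...)` is never evaluated for requests without `deliver === true`, and a deny-policy session leaves no trace at this layer when an agent run goes ahead. If operators rely on this check as a record of policy decisions, consider still resolving the policy and logging the non-delivery run instead of skipping the call.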

That removed the immediate policy rejection for non-delivery quick-agent calls. The patch is not durable: openclaw update --yes --tag 2026.4.25 refreshes the package and restores the bug.

Likely source area from the npm bundle:

dist/server-plugin-bootstrap-*.js
agent gateway request handling around resolveSendPolicy(...)

Impact

This makes runtime readiness checks fail even when the gateway is alive and direct gateway methods pass. Operators see systemd active + health/direct calls OK, but user-facing CLI/agent/TUI readiness is broken.

This also caused an upgrade canary to fail in a clean maintenance window after watcher contamination was removed.

Related Issues

extent analysis

TL;DR

The issue can be fixed by modifying the gateway agent path to check the send policy only when the request is actually delivering externally.

Guidance

  • The problem seems to be caused by the gateway agent path checking the send policy before differentiating whether the request is delivering externally.
  • To verify, check the gateway log for the error message "send blocked by session policy" and confirm that the request is a non-delivery quick-agent invocation.
  • Apply the local diagnostic patch to the installed package bundle, which checks the request.deliver property before resolving the send policy.
  • Consider updating the dist/server-plugin-bootstrap-*.js file in the npm bundle to include the modified send policy check.

Example

- if (resolveSendPolicy({ ... }) === "deny") {
+ if (request.deliver === true && resolveSendPolicy({ ... }) === "deny") {

Notes

The provided diagnostic patch is not durable and will be overwritten by an openclaw update. The durable fix is the source change in PR #73500, which applies the same request.deliver === true gate in src/gateway/server-methods/agent.ts.

Recommendation

Apply the workaround by modifying the gateway agent path to check the send policy only when the request is actually delivering externally, as shown in the local diagnostic patch. This will allow non-delivery quick-agent invocations to proceed without being blocked by the send policy.
