openclaw - 💡(How to fix) Fix Native hook relay unavailable blocks post-image Codex shell/file operations on 2026.5.26

Summary

On a local Linux install running OpenClaw 2026.5.26, a Codex app-server session for agent main successfully generated images, but then failed every local shell/filesystem follow-up step because the native hook relay was unavailable.

The user-facing symptom looked like an image-generation blocker because the agent could not save, resize, validate, or commit generated PNGs into the target repo. The logs indicate the image provider/media path was healthy; the failing layer was the Codex native tool bridge used by local shell/file operations.

This may already be fixed by 2026.5.27 / #87272, but I am filing this as a focused Linux reproduction with concrete timestamps and session IDs before retesting latest.

Environment

• OpenClaw: 2026.5.26 (10ad3aa)
• @openclaw/codex: 2026.5.26
• @openai/codex: 0.134.0
• OS: Linux 7.0.10-arch1-1 x86_64
• Node: v24.11.1
• Gateway: user systemd service openclaw-gateway.service, active/running
• Gateway ExecStart: node .../openclaw/2026.5.26/.../node_modules/openclaw/dist/index.js gateway --port 18789
• Agent: main
• Codex model in session: gpt-5.5
• Codex cwd in failing session: /home/shb/.openclaw/workspace/main
• OpenAI/Codex auth: runtime auth reported usable; image-generation calls selected provider=openai-codex

Observed failure

At 2026-05-28 16:40:58 CEST, the main agent Codex logs recorded a native tool failure:

Command blocked by PreToolUse hook: Native hook relay unavailable. Command: git status --short --branch && git log --oneline -3 && git remote -v && find chrome-web-store -maxdepth 4 -type f -print 2>/dev/null | sort | xargs -r file

Log metadata:

• Session/thread id: 019e6f06-7db6-72a1-98e9-534c170f3f81
• Submission/turn id: 019e6f07-e092-7650-b105-af34eefde5e2
• Tool call id: call_HqA5Dk5vRGNIPE9QQWq1J08Y
• Target: codex_core::tools::router
• Tool: exec_command
• Source DB: ~/.openclaw/agents/main/agent/codex-home/logs_2.sqlite

The agent then surfaced this as:

blocker: local shell/file operations are failing with Native hook relay unavailable, so I can’t reliably save the generated PNGs into the repo, validate dimensions, or commit. Also the earlier image generation job did not produce a usable saved asset.

Image generation was successful

The same run had successful image-generation/media evidence:

• Gateway logged image-generation/openai auth selection at 16:38:01, 16:39:56, 16:40:35, 16:41:30, 16:43:00, and 16:44:31.
• Each selected provider=openai-codex mode=oauth transport=codex-responses requestedModel=gpt-image-2 responsesModel=gpt-5.5.
• Managed PNGs were produced under ~/.openclaw/media/tool-image-generation/.
• Telegram sendPhoto calls succeeded for the generated images with message ids 893, 895, 896, 897, 898, and 899.

Example generated managed-media files:

2026-05-28 16:39:17 1487593 linkedin-feedblocker-1-home-feed-blocked-source---4c6449fd-add1-4461-8eda-89d38d422156.png
2026-05-28 16:41:17 1460274 linkedin-feedblocker-2-popup-controls-source---e0568016-693f-440d-bb58-bbe9844e5f03.png
2026-05-28 16:41:52 1113573 linkedin-feedblocker-1-home-feed-blocked-source---081f4e11-3572-4b0f-8bb0-4970712d196b.png
2026-05-28 16:42:41 1498942 linkedin-feedblocker-3-my-network-blocked-source---044ef33e-c940-4128-a23a-dc558aa46b02.png
2026-05-28 16:44:18 1628987 linkedin-feedblocker-4-invitations-preserved-source---c39f47df-9724-46f5-a5d0-f246e41329a5.png
2026-05-28 16:47:00 1573378 linkedin-feedblocker-5-section-restore-source---a04d01c8-896f-4a27-b1bf-19f4d723d165.png

So the failure impact was specifically the post-generation local workflow:

• Could not inspect the worktree.
• Could not create/copy into chrome-web-store/screenshots.
• Could not resize/validate screenshots to the required dimensions.
• Could not commit generated assets.

Additional local state

After the failure, /tmp/openclaw-native-hook-relays-1000/ contained no relay record files at inspection time. This does not prove the bridge directory state at the exact failure instant, but it may help distinguish this from stale-record-only cases.

The target worktree existed but was unchanged:

/home/shb/Worktrees/zen-media/linkedin-feed-blocker-images
## tung/linkedin-feed-blocker-images

No chrome-web-store/ directory had been created there.

Related issues / PRs

• #87395 appears to track the broader 2026.5.26 native hook relay regression family.
• #87615 also reports intermittent Native hook relay unavailable blocking Codex native tool execution.
• #87536 may be related for bridge spawn/registration failures.
• #87272 was merged for native hook relay generation reuse/fallback behavior.
• #87563 is an open PR around pruning stale bridge files.

Current read

This looks like another 2026.5.26 native hook relay failure, not an OpenAI/Codex auth problem and not an image-generation provider failure.

If this is expected to be fixed in 2026.5.27, the next step is to upgrade this install and rerun a focused reproduction: generate an image, wait for managed media completion, then immediately perform native shell/file operations from the same agent session.