openclaw - 💡(How to fix) Fix Stop openai.com Codex runtime creep: respect explicit PI config [1 pull requests]

Summary

OpenClaw should not silently migrate users from the OpenClaw/PI runtime to OpenAI's Codex runtime/app-server path.

This is especially important after Peter's public commitment:

"tl;dr: I’m joining OpenAI to work on bringing agents to everyone. OpenClaw will move to a foundation and stay open and independent." https://steipete.me/posts/2026/openclaw

That promise is hard to square with doctor --fix / update flows that rewrite working PI/OpenClaw setups into OpenAI's Codex-backed runtime paths, then complain when users explicitly opt out.

Current problem

Even after explicitly configuring OpenAI models to use PI:

{
  "models": {
    "providers": {
      "openai": {
        "agentRuntime": { "id": "pi" }
      }
    }
  },
  "plugins": {
    "entries": {
      "codex": { "enabled": false }
    }
  }
}

OpenClaw still emits warnings like:

Config warnings
- plugins.entries.codex: plugin not installed: codex — install the official external plugin with:
  openclaw plugins install @openclaw/codex

Doctor warnings
- plugins.entries.codex: stale plugin reference "codex" was found.
- Run "openclaw doctor --fix" to remove stale plugin ids and dangling channel references.

This is wrong if the user intentionally configured PI and intentionally disabled OpenAI's Codex runtime/plugin.

Why this matters

OpenAI's Codex runtime/app-server is not a harmless implementation detail.

Users report concrete problems around it:

• Codex harness loads its own native skills/tools.
• Those tools can conflict with existing OpenClaw skills/hooks.
• It is not obvious how to disable or uninstall those native tools.
• Codex runtime may independently introduce behavior changes outside OpenClaw's normal control surface.
• It adds an opaque external agent runtime/client component into an open-source project where users expect OpenClaw to remain the primary loop.

This should be opt-in, not silently pushed by doctor/update/config repair.

Existing related issues

This is not theoretical. There are already many related reports:

• #84038 — doctor --fix silently migrates intentional openai-codex/ config to openai/, breaking PI+OAuth runtime and causing token inflation
• #84175 — doctor --fix migrates working openai-codex + PI setup to Codex runtime
• #80628 — doctor/update can silently rewrite openai-codex routes; update should fail closed on protected-route drift
• #88644 — doctor --fix breaks Codex model routing by rewriting openai-codex/ to openai/
• #84637 — Codex runtime/harness too easy to confuse with model fallbacks
• #84032 — model picker should distinguish provider/auth route from agent runtime
• #86996 — Active Memory + Codex app-server causes latency, hook timeouts, startup aborts, and event-loop stalls
• #86103 — TUI/Web turns remain “In progress” with Runtime: OpenAI Codex after successful OAuth
• #84393 — Codex runtime silently injects coding-agent base prompt into operational agents
• #86087 — Codex harness fails due to removed plugin-sdk export
• #84662 — Codex app-server stores per-turn OpenClaw runtime context in native user history, causing runaway input growth
• #85551 — openai/gpt-5.5-pro unreachable when openai-codex OAuth profile is present, even with agentRuntime.id: "pi"

This is almost certainly underreported: many users will just see broken config/runtime behavior and never file an issue.

OpenClaw docs are currently complete spaghetti

The OpenClaw OpenAI provider docs are here:

https://docs.openclaw.ai/providers/openai

The page mixes several meanings of “Codex”:

• provider/auth route
• legacy model prefix
• plugin
• runtime
• app-server
• chat command set
• ACP route

The page says OpenClaw uses one provider id, openai, for multiple auth shapes, while also saying agent turns run through Codex by default and legacy Codex refs are repaired by doctor.

That may be internally intended, but externally it reads as provider/runtime/auth conflation. The current naming makes it very hard for users to understand how to keep OpenClaw/PI as the actual agent loop.

Do not repeat the Anthropic path

OpenClaw should not gradually become a thin wrapper around one vendor's agent runtime.

OpenAI's Codex can be a supported runtime. It should not become a silently enforced backend for users who explicitly chose PI/OpenClaw.

Required fix

At minimum:

1. If the user explicitly configures agentRuntime.id: "pi" for provider/model policy, OpenClaw must respect it everywhere.
2. doctor --fix and openclaw update must not rewrite that into Codex runtime.
3. Doctor must not warn that Codex plugin is missing/stale when the effective model policy explicitly chooses PI and Codex is intentionally disabled.
4. Session-store repair must not remove explicit PI pins unless it can prove equivalent provider/model policy is active.
5. Docs must clearly separate:
   • provider
   • auth profile
   • model ref
   • runtime
   • plugin
   • ACP route

Acceptance criteria for ClawSweeper

• A config with openai/* + agentRuntime.id: "pi" and plugins.entries.codex.enabled=false produces no “install Codex plugin” warning.
• openclaw doctor --fix does not enable Codex, install Codex, or rewrite PI runtime policy to Codex.
• openclaw update does not silently change effective runtime from PI to Codex.
• openclaw sessions --json reports runtime metadata consistent with the explicit PI policy.
• Tests cover provider/model policy, session-store repair, and doctor/update behavior.

OpenAI's Codex runtime is fine as an opt-in. Silently migrating explicit PI users to it is not.