fix(search): redact native web search provider context

eleqtrizit · eleqtrizit · commit 89d23b37803f · 2026-06-09T23:03:40.000Z
diff --git a/docs/.generated/plugin-sdk-api-baseline.sha256 b/docs/.generated/plugin-sdk-api-baseline.sha256
@@ -1,2 +1,2 @@
-b15dd03c86dcd1d069c6987f2e158aeaa5d32611dac9eb640b8b1d7e2c6a560e  plugin-sdk-api-baseline.json
-1e184dcbe980490f42bad6f44b4ce5a26b597e1c137fc00433031847829d5c3f  plugin-sdk-api-baseline.jsonl
+424f72310250c242a3157994c45f7319370c1bf99014a13ee5f86cc811f43dd4  plugin-sdk-api-baseline.json
+87e786df92be36c22a7b392162c9fa39b634094d15aec4736d8b65be8d7cfd9c  plugin-sdk-api-baseline.jsonl
diff --git a/extensions/openai/native-web-search.ts b/extensions/openai/native-web-search.ts
@@ -3,15 +3,10 @@ import type { StreamFn } from "openclaw/plugin-sdk/agent-core";
 import type { OpenClawConfig } from "openclaw/plugin-sdk/config-contracts";
 import { streamSimple } from "openclaw/plugin-sdk/llm";
 import { normalizeProviderId } from "openclaw/plugin-sdk/provider-model-shared";
-import { isProviderNativeWebSearchAllowedByToolPolicy } from "openclaw/plugin-sdk/provider-stream-family";
 import { streamWithPayloadPatch } from "openclaw/plugin-sdk/provider-stream-shared";
 import { isRecord } from "openclaw/plugin-sdk/string-coerce-runtime";
 import { isOpenAIApiBaseUrl } from "./base-url.js";
 
-type NativeWebSearchPolicyContext = Parameters<
-  typeof isProviderNativeWebSearchAllowedByToolPolicy
->[0]["nativeWebSearchPolicyContext"];
-
 const OPENAI_WEB_SEARCH_TOOL = { type: "web_search" } as const;
 
 type OpenAINativeWebSearchPatchResult =
@@ -95,22 +90,15 @@ export function createOpenAINativeWebSearchWrapper(
   params: {
     config?: OpenClawConfig;
     agentId?: string;
-    nativeWebSearchPolicyContext?: NativeWebSearchPolicyContext;
+    nativeWebSearchAllowedByToolPolicy?: boolean;
   },
 ): StreamFn {
   const underlying = baseStreamFn ?? streamSimple;
   return (model, context, options) => {
     if (!shouldEnableOpenAINativeWebSearch({ config: params.config, model })) {
       return underlying(model, context, options);
     }
-    if (
-      !isProviderNativeWebSearchAllowedByToolPolicy({
-        config: params.config,
-        model,
-        agentId: params.agentId,
-        nativeWebSearchPolicyContext: params.nativeWebSearchPolicyContext,
-      })
-    ) {
+    if (params.nativeWebSearchAllowedByToolPolicy === false) {
       return underlying(model, context, options);
     }
     return streamWithPayloadPatch(underlying, model, context, options, (payload) => {
diff --git a/extensions/openai/openai-provider.test.ts b/extensions/openai/openai-provider.test.ts
@@ -82,7 +82,7 @@ function runWrappedPayloadCase(params: {
   extraParams?: Record<string, unknown>;
   cfg?: Record<string, unknown>;
   agentId?: string;
-  nativeWebSearchPolicyContext?: unknown;
+  nativeWebSearchAllowedByToolPolicy?: boolean;
   payload?: Record<string, unknown>;
 }) {
   const payload = params.payload ?? { store: false };
@@ -100,7 +100,7 @@ function runWrappedPayloadCase(params: {
     config: params.cfg as never,
     agentDir: "/tmp/openai-provider-test",
     agentId: params.agentId,
-    nativeWebSearchPolicyContext: params.nativeWebSearchPolicyContext,
+    nativeWebSearchAllowedByToolPolicy: params.nativeWebSearchAllowedByToolPolicy,
     streamFn: baseStreamFn,
   } as never);
 
@@ -1236,6 +1236,7 @@ describe("buildOpenAIProvider", () => {
       provider: "openai",
       modelId: "gpt-5.4",
       agentId: "main",
+      nativeWebSearchAllowedByToolPolicy: false,
       cfg: {
         agents: {
           list: [
diff --git a/extensions/openai/shared.ts b/extensions/openai/shared.ts
@@ -89,7 +89,7 @@ const wrapOpenAIResponsesProviderStreamFn: NonNullable<
   createOpenAINativeWebSearchWrapper(wrapOpenAIResponsesStreamFn?.(ctx) ?? ctx.streamFn, {
     config: ctx.config,
     agentId: ctx.agentId,
-    nativeWebSearchPolicyContext: ctx.nativeWebSearchPolicyContext,
+    nativeWebSearchAllowedByToolPolicy: ctx.nativeWebSearchAllowedByToolPolicy,
   });
 
 export function buildOpenAIResponsesProviderHooks(options?: {
diff --git a/src/agents/embedded-agent-runner-extraparams.test.ts b/src/agents/embedded-agent-runner-extraparams.test.ts
@@ -469,7 +469,7 @@ function createTestOpenAIProviderWrapper(
     config: params.context.config,
     agentDir: params.context.agentDir,
     agentId: params.context.agentId,
-    ...params.context.nativeWebSearchPolicyContext,
+    nativeWebSearchAllowedByToolPolicy: params.context.nativeWebSearchAllowedByToolPolicy,
   });
   streamFn = createOpenAIStringContentWrapper(streamFn);
   streamFn = createOpenAICompletionsStrictMessageKeysWrapper(streamFn);
@@ -563,20 +563,8 @@ describe("applyExtraParamsToAgent", () => {
 
     expect(capturedContext?.agentDir).toBe("/tmp/openclaw-agent");
     expect(capturedContext?.workspaceDir).toBe("/tmp/openclaw-workspace");
-    expect(capturedContext?.nativeWebSearchPolicyContext).toEqual({
-      sessionKey: "agent:cass:main",
-      sandboxToolPolicy: { deny: ["group:web"] },
-      messageProvider: "teams",
-      agentAccountId: "acct-1",
-      groupId: "group-1",
-      groupChannel: "General",
-      groupSpace: "space-1",
-      spawnedBy: "agent:cass:main",
-      senderId: "alice",
-      senderName: "Alice",
-      senderUsername: "alice-user",
-      senderE164: "+15551234567",
-    });
+    expect(capturedContext?.nativeWebSearchAllowedByToolPolicy).toBe(false);
+    expect("nativeWebSearchPolicyContext" in (capturedContext ?? {})).toBe(false);
   });
 
   function runResponsesPayloadMutationCase(params: {
diff --git a/src/agents/embedded-agent-runner/extra-params.ts b/src/agents/embedded-agent-runner/extra-params.ts
@@ -1,3 +1,7 @@
+import {
+  type NativeWebSearchToolPolicyParams,
+  isNativeWebSearchAllowedByToolPolicy,
+} from "../../agents/codex-native-web-search-core.js";
 /**
  * Resolves model extra parameters and transport overrides for embedded agents.
  */
@@ -30,7 +34,6 @@ import {
   wrapProviderStreamFn as wrapProviderStreamFnRuntime,
 } from "../../plugins/provider-hook-runtime.js";
 import type { ProviderRuntimeModel } from "../../plugins/provider-runtime-model.types.js";
-import type { ProviderNativeWebSearchPolicyContext } from "../../plugins/types.js";
 import { canonicalizeMaxTokensParam, resolveMaxTokensParam } from "../model-max-tokens-params.js";
 import { legacyModelKey, modelKey } from "../model-selection-normalize.js";
 import { supportsGptParallelToolCallsPayload } from "../provider-api-families.js";
@@ -1046,7 +1049,7 @@ export function applyExtraParamsToAgent(
   resolvedTransport?: SupportedTransport,
   options?: {
     preparedExtraParams?: Record<string, unknown>;
-    nativeWebSearchPolicyContext?: ProviderNativeWebSearchPolicyContext;
+    nativeWebSearchPolicyContext?: NativeWebSearchToolPolicyParams;
   },
 ): { effectiveExtraParams: Record<string, unknown> } {
   const resolvedExtraParams = resolveExtraParams({
@@ -1093,6 +1096,15 @@ export function applyExtraParamsToAgent(
   };
 
   const providerStreamBase = agent.streamFn;
+  const nativeWebSearchAllowedByToolPolicy = options?.nativeWebSearchPolicyContext
+    ? isNativeWebSearchAllowedByToolPolicy({
+        config: cfg,
+        modelProvider: model?.provider,
+        modelId: model?.id,
+        agentId,
+        ...options.nativeWebSearchPolicyContext,
+      })
+    : undefined;
   const pluginWrappedStreamFn = providerRuntimeDeps.wrapProviderStreamFn({
     provider,
     config: cfg,
@@ -1101,7 +1113,7 @@ export function applyExtraParamsToAgent(
       agentDir,
       workspaceDir,
       agentId,
-      nativeWebSearchPolicyContext: options?.nativeWebSearchPolicyContext,
+      nativeWebSearchAllowedByToolPolicy,
       provider,
       modelId,
       extraParams: effectiveExtraParams,
diff --git a/src/llm/providers/stream-wrappers/openai.ts b/src/llm/providers/stream-wrappers/openai.ts
@@ -630,6 +630,7 @@ export function createCodexNativeWebSearchWrapper(
     senderName?: string | null;
     senderUsername?: string | null;
     senderE164?: string | null;
+    nativeWebSearchAllowedByToolPolicy?: boolean;
     codeModeToolSurfaceEnabled?: boolean;
   },
 ): StreamFn {
@@ -663,6 +664,15 @@ export function createCodexNativeWebSearchWrapper(
       return underlying(model, context, codeModeOptions);
     }
 
+    if (params.nativeWebSearchAllowedByToolPolicy === false) {
+      log.debug(
+        `skipping Codex native web search (tool_policy_denied) for ${
+          model.provider ?? "unknown"
+        }/${model.id ?? "unknown"}`,
+      );
+      return underlying(model, context, options);
+    }
+
     const activation = resolveCodexNativeSearchActivation({
       config: params.config,
       modelProvider: readStringValue(model.provider),
diff --git a/src/plugin-sdk/provider-stream.ts b/src/plugin-sdk/provider-stream.ts
@@ -1,7 +1,4 @@
 // Provider stream helpers expose shared wrapper families and payload transforms for provider plugins.
-import { readStringValue } from "@openclaw/normalization-core/string-coerce";
-import { isNativeWebSearchAllowedByToolPolicy } from "../agents/codex-native-web-search-core.js";
-import type { OpenClawConfig } from "../config/types.openclaw.js";
 import { createGoogleThinkingPayloadWrapper } from "../llm/providers/stream-wrappers/google.js";
 import { createMinimaxFastModeWrapper } from "../llm/providers/stream-wrappers/minimax.js";
 import { resolveMoonshotThinkingKeep } from "../llm/providers/stream-wrappers/moonshot-thinking.js";
@@ -24,7 +21,7 @@ import {
   createOpenRouterWrapper,
   isProxyReasoningUnsupported,
 } from "../llm/providers/stream-wrappers/proxy.js";
-import type { ProviderNativeWebSearchPolicyContext, ProviderPlugin } from "../plugins/types.js";
+import type { ProviderPlugin } from "../plugins/types.js";
 import type { ProviderWrapStreamFnContext } from "./plugin-entry.js";
 import {
   createMoonshotThinkingWrapper,
@@ -68,21 +65,6 @@ export type ProviderStreamFamily =
 
 type ProviderStreamFamilyHooks = Pick<ProviderPlugin, "wrapStreamFn">;
 
-export function isProviderNativeWebSearchAllowedByToolPolicy(params: {
-  config?: OpenClawConfig;
-  model?: { id?: unknown; provider?: unknown };
-  agentId?: string;
-  nativeWebSearchPolicyContext?: ProviderNativeWebSearchPolicyContext;
-}): boolean {
-  return isNativeWebSearchAllowedByToolPolicy({
-    config: params.config,
-    modelProvider: readStringValue(params.model?.provider),
-    modelId: readStringValue(params.model?.id),
-    agentId: params.agentId,
-    ...params.nativeWebSearchPolicyContext,
-  });
-}
-
 /** Builds provider hook objects for one supported stream-wrapper family. */
 export function buildProviderStreamFamilyHooks(
   /**
@@ -149,7 +131,7 @@ export function buildProviderStreamFamilyHooks(
             config: ctx.config,
             agentDir: ctx.agentDir,
             agentId: ctx.agentId,
-            ...ctx.nativeWebSearchPolicyContext,
+            nativeWebSearchAllowedByToolPolicy: ctx.nativeWebSearchAllowedByToolPolicy,
           });
           nextStreamFn = createOpenAIStringContentWrapper(nextStreamFn);
           return createOpenAIResponsesContextManagementWrapper(
diff --git a/src/plugins/types.ts b/src/plugins/types.ts
@@ -696,21 +696,6 @@ export type ProviderAuthDoctorHintContext = {
   profileId?: string;
 };
 
-export type ProviderNativeWebSearchPolicyContext = {
-  sessionKey?: string;
-  sandboxToolPolicy?: { allow?: string[]; deny?: string[] };
-  messageProvider?: string;
-  agentAccountId?: string | null;
-  groupId?: string | null;
-  groupChannel?: string | null;
-  groupSpace?: string | null;
-  spawnedBy?: string | null;
-  senderId?: string | null;
-  senderName?: string | null;
-  senderUsername?: string | null;
-  senderE164?: string | null;
-};
-
 /**
  * Provider-owned extra-param normalization before OpenClaw builds its generic
  * stream option wrapper.
@@ -723,7 +708,7 @@ export type ProviderPrepareExtraParamsContext = {
   agentDir?: string;
   workspaceDir?: string;
   agentId?: string;
-  nativeWebSearchPolicyContext?: ProviderNativeWebSearchPolicyContext;
+  nativeWebSearchAllowedByToolPolicy?: boolean;
   provider: string;
   modelId: string;
   model?: ProviderRuntimeModel;
