Bug: TUI displays injected message metadata ("Conversation info (untrusted metadata)") in chat history

[nhod]

Summary

The TUI renders raw stored session message content, which includes injected "Conversation info (untrusted metadata)" blocks prepended to every user message. These blocks are meant to be invisible AI context, not user-visible UI elements.

Root Cause

Message context injection (in pi-embedded-*.js) prepends metadata blocks directly to the message content before storage in the session JSONL:

Conversation info (untrusted metadata):
```json
{
  "message_id": "...",
  "sender": "gateway-client"
}
\```

\```

The TUI loads session history via `chat.history` and renders the raw stored content without stripping these injected blocks. There is no filtering/stripping logic in the TUI render path, and no config option to suppress the metadata injection.

## Reproduction

1. Open the TUI: `openclaw tui`
2. Send any message
3. The message appears in the TUI chat history prefixed with a `Conversation info (untrusted metadata):` JSON block

## Expected

Metadata injection blocks are invisible to the user in all UI surfaces.

## Actual

Every user message in the TUI is prefixed with:

Conversation info (untrusted metadata):

{ "message_id": "...", "sender": "..." }
\```

Workaround

None. Using Telegram or WhatsApp as the channel avoids the issue since those channel UIs render only the bot response, not the raw stored session content.

Suggested Fix

The TUI message renderer should strip known metadata injection prefixes before display. Alternatively, the injection should happen ephemerally at model-call time rather than being persisted to the session JSONL store.

Environment

• OS: macOS 26.3 (Sequoia), Apple Silicon
• OpenClaw: 2026.2.17
• Node: v25.6.1

[vincentkoc]

Keeping this issue open as canonical for this failure cluster.

Canonical fix: #22142

Folded duplicates:

• [Bug]: Conversation metadata visible to user in webchat and macOS app #21106
• Webchat displays message metadata JSON with each message after 2026.2.19-2 #22116
• webchat: Conversation metadata visible to users #22156
• [Bug] Webchat displays "Conversation info (untrusted metadata)" envelope visibly in chat UI #22202
• [Webchat] Hide inbound metadata envelope from message display #21030
• [Bug]: The metadata envelope (Conversation info (untrusted metadata) ...) is being rendered in the TUl and Mac app when it should be hidden. #19718
• [Bug]: Webchat UI renders raw metadata envelope in chat bubbles #20297
• fix(chat): strip inbound user context metadata from display messages #21121

[vincentkoc]

Status update for this failure cluster.

Canonical target PR stays open: #22142

Closed as duplicates against #22142:

• [Bug]: Conversation metadata visible to user in webchat and macOS app #21106 — "[Bug]: Conversation metadata visible to user in webchat and macOS app"
• Webchat displays message metadata JSON with each message after 2026.2.19-2 #22116 — "Webchat displays message metadata JSON with each message after 2026.2.19-2"
• webchat: Conversation metadata visible to users #22156 — "webchat: Conversation metadata visible to users"
• [Bug] Webchat displays "Conversation info (untrusted metadata)" envelope visibly in chat UI #22202 — "[Bug] Webchat displays "Conversation info (untrusted metadata)" envelope visibly in chat UI"
• [Webchat] Hide inbound metadata envelope from message display #21030 — "[Webchat] Hide inbound metadata envelope from message display"
• [Bug]: The metadata envelope (Conversation info (untrusted metadata) ...) is being rendered in the TUl and Mac app when it should be hidden. #19718 — "[Bug]: The metadata envelope (Conversation info (untrusted metadata) ...) is being rendered in the TUl and Mac app when it should be hidden."
• [Bug]: Webchat UI renders raw metadata envelope in chat bubbles #20297 — "[Bug]: Webchat UI renders raw metadata envelope in chat bubbles"
• fix(chat): strip inbound user context metadata from display messages #21121 — "fix(chat): strip inbound user context metadata from display messages"

No triage credit is requested. Merge-credit will be attributed to the canonical PR author: https://github.com/Mellowambience.

Edge-surface follow-ups (keep visible and re-evaluate after 22142 merge):

• fix: strip metadata blocks and prevent reply tag streaming leaks #21643 — strip metadata blocks and prevent reply-tag streaming leaks
• TUI renders gateway reconnect metadata as visible chat messages #21548 — TUI renders gateway reconnect metadata as visible chat messages
• fix: strip untrusted metadata blocks and system event lines from webchat UI #22147 — strip untrusted metadata blocks and system event lines from webchat UI (scope mismatch check still pending)

Open related items held for symptom overlap review (not marked duplicate yet):

• [Bug] Control UI: Conversation info metadata visible & auto-scroll not working #20903
• [Bug]: Mac app and web UI leak raw message metadata — TUI and Telegram work correctly #20807

[vincentkoc]

PR #22142 is now merged. Canonical issue remains closed by that merge. Scope actions:

• [Bug] Control UI: Conversation info metadata visible & auto-scroll not working #20903 and [Bug]: Mac app and web UI leak raw message metadata — TUI and Telegram work correctly #20807: kept on hold (related but not yet verified/closed).
• Follow-up surfaces still monitored: fix: strip metadata blocks and prevent reply tag streaming leaks #21643, TUI renders gateway reconnect metadata as visible chat messages #21548, fix: strip untrusted metadata blocks and system event lines from webchat UI #22147.