Skip to content

[Bug]: image attachments don't work on telegram - sandbox-fs Syntax error: ";" unexpected on inbound media filenames (2026.2.23 regression) #25824

New issue
New issue
Closed
Closed
[Bug]: image attachments don't work on telegram - sandbox-fs Syntax error: ";" unexpected on inbound media filenames (2026.2.23 regression)#25824
Labels
bugSomething isn't working
@hamnaanaa

Description

@hamnaanaa
hamnaanaa
opened on Feb 24, 2026

Summary

After upgrading from 2026.2.22 to 2026.2.23, all sandbox filesystem operations (read, write, image) fail with moltbot-sandbox-fs: 1: Syntax error: ";" unexpected when the file path contains OpenClaw's auto-generated inbound media filename pattern (file_{id}---{uuid}.{ext}).

This breaks ALL inbound media processing — agents cannot see photos, voice notes, or documents sent by users. The error did not occur on 2026.2.22.

Steps to reproduce

  1. Run OpenClaw 2026.2.23 with sandbox enabled (mode: "all", scope: "agent", workspaceAccess: "rw")
  2. Send a photo or voice note to the bot via Telegram
  3. OpenClaw stages the file into media/inbound/ in the agent's workspace with a filename like file_1095---f00a04a2-99a0-4d98-99b0-dfe61c5a4198.ogg
  4. The agent attempts to read/view the file using read, image, or write tools
  5. All fail with moltbot-sandbox-fs: 1: Syntax error: ";" unexpected

Expected behavior

Agent can read and process inbound media files, same as 2026.2.22.

Actual behavior

[tools] read failed: moltbot-sandbox-fs: 1: Syntax error: ";" unexpected
[tools] image failed: moltbot-sandbox-fs: 1: Syntax error: ";" unexpected
[tools] write failed: moltbot-sandbox-fs: 1: Syntax error: ";" unexpected

Every read, image, and write tool call targeting inbound media files fails. The agent cannot see any user-attached photos, voice notes, or documents.

OpenClaw version

2026.2.23

Operating system

Ubuntu 24.04 (Hostinger KVM 8 — 8 vCPU, 32GB RAM)

Install method

docker

Logs, screenshots, and evidence

Measured on the same server, same config, same users:


# Before upgrade (2026.2.22, Feb 23 00:00 – Feb 24 18:00 UTC)
journalctl --since '2026-02-23' --until '2026-02-24 18:00' | grep -c 'moltbot-sandbox-fs.*Syntax error'
0

# After upgrade (2026.2.23, Feb 24 18:00 UTC – present)
journalctl --since '2026-02-24 18:00' | grep -c 'moltbot-sandbox-fs.*Syntax error'
197


Zero occurrences on 2026.2.22. 197 occurrences within hours of upgrading to 2026.2.23. No other config changes between the two counts.

All auto-generated inbound media filenames follow this pattern:


file_{telegram_file_id}---{uuid}.{ext}


Examples from our workspace:

file_1095---f00a04a2-99a0-4d98-99b0-dfe61c5a4198.ogg
file_1221---6c4f9947-8cbb-48a1-a834-e69c2bbfeaa2.md
file_1569---54dcf3f8-9874-4888-8f47-a5fb719f584f.md
file_1635---6f424291-8255-4b0f-8b1c-cae3800ea0cc.ogg


Files exist on disk and are the correct size (verified via `ls -la`). The sandbox container can't read them through the sandbox-fs bridge.

Impact and severity

Critical for multi-user deployments. Inbound media is a core feature — users send photos, voice notes, and documents expecting the agent to see them. This completely breaks that flow for all sandboxed agents. We have 842 agents serving 815+ Telegram users, all affected.

Additional information

Workaround Result
Manually renaming files (removing ---) Works but not practical at scale
Disabling sandbox (mode: "off") Would fix it but removes all process isolation
Downgrading to 2026.2.22 Works (0 occurrences) but loses 2026.2.23 fixes

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions