[Bug]: Gateway Chat UI displays system-injected messages (Post-Compaction Audit, Heartbeat) as "You" #26461
Description
Summary
Gateway Chat UI displays system-injected messages (Post-Compaction Audit, Heartbeat) as "You"
Steps to reproduce
Title: Gateway Chat UI displays system-injected messages (Post-Compaction Audit, Heartbeat) as "You"
Body:
Summary
After compaction, OpenClaw injects user-role messages into the conversation (e.g.,
This caused a multi-day false alarm where we believed an external attacker was injecting messages into our bot — we rotated all three bot tokens and audited Telegram sessions before realizing these were OpenClaw's own post-compaction prompts.
Steps to reproduce
- Run a multi-agent setup with compaction enabled (mode: "safeguard")
- Chat until compaction triggers
- Open the Gateway Chat UI
- Observe the post-compaction audit message displayed with "You" as sender
Expected behavior
System-injected user-role messages (Post-Compaction Audit, Heartbeat prompts) should be visually distinct from actual user messages — e.g., labeled "System" or styled differently (like the existing "COMPACTION" divider).
Actual behavior
All user-role messages show as "You", regardless of origin.
Screenshots
(attached)
OpenClaw version
2026.2.23
Operating system
macOS (Darwin 25.3.0, arm64)
Impact
High — This directly causes false positive security incidents. Users cannot distinguish real messages from system-injected ones, leading to unnecessary token rotations and wasted debugging time.
Expected behavior
System-injected user-role messages should be visually distinct from actual user messages
Actual behavior
All user-role messages show as "You", regardless of origin
OpenClaw version
2026.2.23
Operating system
macOS
Install method
npm global
Logs, screenshots, and evidence
Impact and severity
No response
Additional information
No response