[Bug]: cron/gateway tools stripped in Telegram sessions despite #22296 senderIsOwner fix (2026.2.24)

[dinglind]

Summary

After updating to 2026.2.24, cron and gateway tools are still missing in Telegram sandbox sessions. The #22296 fix (forwarding senderIsOwner through embedded queued/followup runner params) resolved this for Discord but Telegram sessions still fail — the tools are stripped before reaching the model.
Related: #22284, #22296

Steps to reproduce

1. Install OpenClaw 2026.2.24 via npm global
2. Configure a Telegram bot with sandbox enabled (mode: "all")
3. Configure the agent with Docker network access to the gateway (bridge network + extraHosts for WebSocket connectivity)
4. Ensure cron tool is in the sandbox allow list and not in the deny list
5. Verify cron works via CLI: openclaw agent --agent --channel telegram --message "list tools" — cron appears
6. Send a message via Telegram asking the agent to use the cron tool
7. Agent responds: "I don't have the cron tool available"

Expected behavior

Agent should have access to cron and gateway tools in Telegram sessions when the sender is the configured owner.

Actual behavior

Tools are stripped from the session. The model never sees cron or gateway in its function list. CLI path works perfectly — only Telegram (and likely other channel) sessions are affected.
Root cause is the same as #22284:

• OWNER_ONLY_TOOL_NAME_FALLBACKS is a hardcoded Set containing "cron" and "gateway" in compiled dist files
• ownerOnly: true is hardcoded on cron and gateway tool definitions
• senderIsOwner resolves to false in Telegram sessions despite correct owner configuration
• fix(tools): forward senderIsOwner to embedded runner so owner-only tools work #22296 fixed forwarding for queued/followup paths but the initial Telegram session tool filtering still strips these tools

OpenClaw version

2026.2.24

Operating system

Ubuntu 24.04 / WSL2 on Windows 11

Install method

npm global

Logs, screenshots, and evidence

CLI test shows cron available:

$ openclaw agent --agent myagent --channel telegram --message "list tools"
# Output includes functions.cron


Telegram session — agent cannot see cron tool. Sandbox explain confirms cron is allowed:

$ openclaw sandbox explain --agent myagent
# cron in allow list, not in deny list


Tracing in compiled dist (same files as #22284):

- pi-embedded-helpers-*.js: OWNER_ONLY_TOOL_NAME_FALLBACKS = new Set(["whatsapp_login", "cron", "gateway"])
- pi-embedded-*.js: name: "cron", ownerOnly: true
- applyOwnerOnlyToolPolicy filters these out when senderIsOwner is false

Impact and severity

Affected: Telegram users with sandboxed agents on 2026.2.24
Severity: High — completely blocks cron/gateway tool access from Telegram
Frequency: 100% reproducible
Workaround: Patching 8 compiled dist files (must be reapplied after every update)

Additional information

The workaround from #22284 still works — removing cron/gateway from OWNER_ONLY_TOOL_NAME_FALLBACKS and removing ownerOnly: true from the tool definitions in compiled dist files. This needs to be reapplied after every npm i -g openclaw@latest.
Suggested fix: either resolve senderIsOwner correctly for Telegram sessions (same as was done for Discord in #22296), or remove the hardcoded blocklist entirely and rely on config-driven tool policy as proposed in #22284.

[steipete]

Closing as duplicate of #25286 — same ownerAllowFrom bug: cron/gateway tools stripped despite config. The Telegram-specific framing in this issue is the same root cause. Tracking at #25286.