WhatsApp extension plugin sendMedia doesn't forward mediaLocalRoots (agent workspace media blocked)

[odrobnik]

Summary

extensions/whatsapp/src/channel.ts line 298: sendMedia does not destructure or forward mediaLocalRoots from the outbound context. This causes assertLocalMediaAllowed to receive undefined roots, falling back to defaults that exclude the agent workspace directory.

Result: Any media file in the agent workspace (e.g. ~/workspace/image.png) fails with LocalMediaAccessError: Local media path is not under an allowed directory when sent via WhatsApp — even though getAgentScopedMediaLocalRoots correctly includes the workspace.

Fix

- sendMedia: async ({ to, text, mediaUrl, accountId, deps, gifPlayback }) => {
+ sendMedia: async ({ to, text, mediaUrl, mediaLocalRoots, accountId, deps, gifPlayback }) => {
    const send = deps?.sendWhatsApp ?? getWhatsAppRuntime().channel.whatsapp.sendMessageWhatsApp;
    const result = await send(to, text, {
      verbose: false,
      mediaUrl,
      accountId: accountId ?? undefined,
      gifPlayback,
+     mediaLocalRoots,
    });

The core plugin at src/channels/plugins/outbound/whatsapp.ts already has the correct implementation but is unused — the extension plugin is the actual runtime adapter.

Prior Art

This is the same bug as #23140. Two fix PRs were submitted (#23148, #23272) — both were stale-bot closed without maintainer review.

[Dingding-leo]

This is a straightforward fix - same bug as #23140 that was never properly merged.

Root Cause:
extensions/whatsapp/src/channel.ts line 298 doesn't forward mediaLocalRoots to the WhatsApp API, causing workspace media to fail with LocalMediaAccessError.

The Fix (as you specified):

- sendMedia: async ({ to, text, mediaUrl, accountId, deps, gifPlayback }) => {
+ sendMedia: async ({ to, text, mediaUrl, mediaLocalRoots, accountId, deps, gifPlayback }) => {
    const send = deps?.sendWhatsApp ?? getWhatsAppRuntime().channel.whatsapp.sendMessageWhatsApp;
    const result = await send(to, text, {
      verbose: false,
      mediaUrl,
      accountId: accountId ?? undefined,
      gifPlayback,
+     mediaLocalRoots,
    });

Note: The core plugin at src/channels/plugins/outbound/whatsapp.ts already handles this correctly - the extension plugin is the one that needs fixing.

History:
This bug was previously reported as #23140, with PRs #23148 and #23272 submitted but stale-bot closed. The fix should be re-applied and merged this time.

Quick fix - should be straightforward to land.

[ashawwal]

Surprised this still hasn't been fixed in 13.3. It's driving me nuts.

[openclaw-barnacle]

This issue has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[openclaw-barnacle]

Closing due to inactivity.
If this is still an issue, please retry on the latest OpenClaw release and share updated details.
If you are absolutely sure it still happens on the latest release, open a new issue with fresh repro steps.