Cron isolated agent does not pass sandboxInfo to system prompt

[flowese]

Bug Description

When running a cron job with sessionTarget: "isolated" and the agent has sandbox enabled (mode: "all"), the agent receives the host workspace path in the system prompt instead of the container mount path.

Expected Behavior

The system prompt should include the sandbox section with:

Agent workspace access: rw (mounted at /workspace)

And ideally workspaceDir should reflect /workspace (or /agent for ro) when sandboxed.

Actual Behavior

The system prompt shows:

Your working directory is: /home/node/loom-novia

But inside the Docker container, the actual path is /workspace. The agent tries to use the host path, fails, and hallucinates files.

Root Cause

In /src/cron/isolated-agent/run.ts, runEmbeddedPiAgent is called without passing sandboxInfo:

return runEmbeddedPiAgent({
  workspaceDir,  // ← host path
  // Missing: sandboxInfo
});

The function buildEmbeddedSandboxInfo() exists and correctly builds the object with agentWorkspaceMount, but the cron runner never calls it.

Suggested Fix

In runCronIsolatedAgentTurn, resolve sandbox context for the agent and pass it:

import { resolveSandboxContext } from "../../agents/sandbox.js";
import { buildEmbeddedSandboxInfo } from "../../agents/pi-embedded-runner.js";

// ... inside the function:
const sandboxContext = await resolveSandboxContext({ cfg, sessionKey, agentId });
const sandboxInfo = buildEmbeddedSandboxInfo(sandboxContext, execElevated);

return runEmbeddedPiAgent({
  // ...existing params
  sandboxInfo,
});

Environment

• Moltbot running in Docker
• Agent with sandbox.mode: "all", workspaceAccess: "rw"
• Cron job with sessionTarget: "isolated"

[openclaw-barnacle]

This issue has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[jbencook]

I'm running into the same problem