OpenAI fc_* transcript sanitizers bypassed when contextEngine.assemble() replaces session messages

[Grynn]

Summary

When a contextEngine plugin (e.g. lossless-claw) is active, contextEngine.assemble() runs after sanitizeSessionHistory() in the attempt loop. The assembled messages bypass the OpenAI-specific transcript sanitizers, which can re-introduce call_id|fc_id pairs that OpenAI Responses rejects.

Error seen:

Invalid 'input[86].id': 'fc_VlMFjbiUmP_P7YRExGpwuqcZ3Wxmoy6g522VwS00A3TOSbsgVftCkLT0bdYrd'.
Expected an ID that contains letters, numbers, underscores, or dashes,
but this value contained additional characters.

Code path

1. sanitizeSessionHistory() (src/agents/pi-embedded-runner/google.ts) — applies downgradeOpenAIFunctionCallReasoningPairs() and downgradeOpenAIReasoningBlocks() to the live session messages ✅
2. contextEngine.assemble() (src/agents/pi-embedded-runner/run/attempt.ts) — replaces the sanitized messages with assembled context from the plugin. This assembled context contains raw stored messages that were not passed through the OpenAI sanitizers ❌
3. Provider call receives messages with fc_* ids missing their paired reasoning items → OpenAI rejects

Root cause

The OpenAI transcript sanitizers run at step 1, but their work is effectively discarded when the context engine replaces the message array at step 2. The context engine plugin has no awareness of provider-specific replay constraints.

Suggested fix

Re-run the OpenAI transcript sanitizers after contextEngine.assemble() returns and before the provider call. Something like:

// After assemble() replaces session messages
if (isOpenAIResponsesModel(model)) {
  messages = downgradeOpenAIReasoningBlocks(messages);
  messages = downgradeOpenAIFunctionCallReasoningPairs(messages);
}

This keeps the sanitization concern in OpenClaw core where it belongs, rather than requiring every context engine plugin to know about OpenAI replay quirks.

Related

• lossless-claw issue: LCM assemble can reintroduce OpenAI-invalid call_id|fc_id pairs after transcript sanitization Martian-Engineering/lossless-claw#46

Workaround

Reducing freshTailCount in the context engine config lowers the probability (fewer raw turns replayed), but doesn't eliminate the issue.

[resyon]

Still affecting v2026.3.13-1. The root cause (lossless-claw contextEngine plugin reassembling sanitized history and reintroducing invalid call_id values after sanitizeSessionHistory() runs) is still present. Any ETA on a fix?

[steipete]

Closing this as implemented after Codex review.

Current main already closes the reported gap: OpenAI Responses transcript sanitization now runs in the outbound streamFn wrapper, so messages replaced by contextEngine.assemble() are sanitized immediately before the provider call instead of only once at attempt startup.

What I checked:

• OpenAI sanitizers now run on every outbound request: run/attempt.ts wraps activeSession.agent.streamFn for OpenAI Responses and reapplies downgradeOpenAIReasoningBlocks() followed by downgradeOpenAIFunctionCallReasoningPairs() to context.messages before calling the provider. (src/agents/pi-embedded-runner/run/attempt.ts:1480, 564f820efa2b)
• Context engine replacement happens earlier in the same attempt flow: contextEngine.assemble() can still replace activeSession.agent.state.messages, but that state now flows through the outbound wrapper above before the provider request is sent. (src/agents/pi-embedded-runner/run/attempt.ts:1632, 564f820efa2b)
• Original startup sanitization remains in place: sanitizeSessionHistory() still applies the OpenAI downgrade path during history preparation, so current main has both the initial sanitization and the outbound safety net. (src/agents/pi-embedded-runner/replay-history.ts:495, 564f820efa2b)
• Regression coverage for OpenAI fc/call_id downgrade behavior: Current tests assert that missing replayable reasoning strips fc_* pairings while preserved reasoning keeps canonical call_id|fc_id values, covering the sanitizer behavior the issue discusses. (src/agents/pi-embedded-runner.openai-tool-id-preservation.test.ts:81, 564f820efa2b)
• Shipped in tagged release: The tagged release commit v2026.4.22 already contains the same outbound OpenAI sanitization block in run/attempt.ts, so this fix is not just on unreleased main. (src/agents/pi-embedded-runner/run/attempt.ts:1480, 00bd2cf7a376)

So I’m closing this as already implemented rather than keeping a duplicate issue open.

Review notes: reviewed against 564f820efa2b; fix evidence: release v2026.4.22, commit 00bd2cf7a376.