Bug type
Regression (worked before, now fails)
Beta release blocker
No
Summary
The session-memory hook writes all agent session memory files to the shared default workspace memory directory instead of each agent's own configured workspace, causing data leakage between agents.
Steps to reproduce
- Configure two agents with separate workspaces in openclaw.json
- agent-a: workspace "/path/to/agent-a-workspace"
- agent-b: workspace "/path/to/agent-b-workspace"
- Use agent-b and run /new or /reset
- Observe the session memory file is written to the shared default workspace memory directory, not agent-b's dedicated workspace
Expected behavior
Each agent's session memory should be written to its own configured workspace's memory/ directory (e.g., ~/.openclaw/workspace/agent-id/memory/)
Actual behavior
All session memory files are written to the shared default workspace's memory/ directory (~/.openclaw/workspace/memory/) regardless of which agent is running. Agent memory files can be read by other agents.
OpenClaw version
2026.4.5
Operating system
macOS Darwin 25.4.0
Install method
No response
Model
minimax-portal/MiniMax-M2.7-highspeed
Provider / routing chain
openclaw -> minimax-portal
Additional provider/model setup details
Affected: Multi-agent OpenClaw deployments with separate workspace per agent
Severity: High (security/data leakage between agents)
Frequency: Always (every /new or /reset command)
Consequence: One agent can read another agent's session memory files
Logs, screenshots, and evidence
Impact and severity
No response
Additional information
The memory-search vector store (SQLite) IS correctly isolated per-agent via ~/.openclaw/memory/{agentId}.sqlite. Only the session-memory hook's daily note files are affected.
Root cause: In dist/bundled/session-memory/handler.js, the hook resolves the workspace directory with a fallback chain that does not correctly prioritize the agent's own configured workspace when contextWorkspaceDir is passed from the invoker.
Bug type
Regression (worked before, now fails)
Beta release blocker
No
Summary
The session-memory hook writes all agent session memory files to the shared default workspace memory directory instead of each agent's own configured workspace, causing data leakage between agents.
Steps to reproduce
Expected behavior
Each agent's session memory should be written to its own configured workspace's memory/ directory (e.g., ~/.openclaw/workspace/agent-id/memory/)
Actual behavior
All session memory files are written to the shared default workspace's memory/ directory (~/.openclaw/workspace/memory/) regardless of which agent is running. Agent memory files can be read by other agents.
OpenClaw version
2026.4.5
Operating system
macOS Darwin 25.4.0
Install method
No response
Model
minimax-portal/MiniMax-M2.7-highspeed
Provider / routing chain
openclaw -> minimax-portal
Additional provider/model setup details
Affected: Multi-agent OpenClaw deployments with separate workspace per agent
Severity: High (security/data leakage between agents)
Frequency: Always (every /new or /reset command)
Consequence: One agent can read another agent's session memory files
Logs, screenshots, and evidence
Impact and severity
No response
Additional information
The memory-search vector store (SQLite) IS correctly isolated per-agent via ~/.openclaw/memory/{agentId}.sqlite. Only the session-memory hook's daily note files are affected.
Root cause: In dist/bundled/session-memory/handler.js, the hook resolves the workspace directory with a fallback chain that does not correctly prioritize the agent's own configured workspace when contextWorkspaceDir is passed from the invoker.