media: hardcoded image size limits (bytes/input-pixels) are not user-configurable across sanitize layers

[gucasbrg]

Bug type

Feature request (configurability gap)

Summary

OpenClaw has at least 10 hardcoded image size limits scattered across different bundles, and only one of them (DEFAULT_IMAGE_MAX_DIMENSION_PX in src/agents/tool-images.ts) is user-configurable (via agents.defaults.imageMaxDimensionPx). The corresponding byte limits for tool-result image sanitization, the generic media/mime layer, and the OpenAI-compat HTTP client outbound path are all hardcoded, so operators running OpenClaw against vision models that comfortably handle high-resolution photos (Qwen3-VL, GPT-4o, etc.) still get rejection errors on routine inputs like smartphone camera photos.

This is a companion request to the sandbox-only #40880 / #40950 which only covers src/media/store.ts.

Hardcoded limits I could find in dist/ (v2026.4.14)

File	Constant	Value	Scope
mime-*.js	MAX_IMAGE_BYTES	6 MB	generic channel inbound media (src/media/constants.ts)
tool-images-*.js	DEFAULT_IMAGE_MAX_BYTES	5 MB	agent tool-result image sanitize output target
tool-images-*.js	DEFAULT_IMAGE_MAX_DIMENSION_PX	1200	already configurable via agents.defaults.imageMaxDimensionPx
image-ops-*.js	MAX_IMAGE_INPUT_PIXELS	25e6	sharp limitInputPixels hard cap (rejects input before resize)
store-*.js	MEDIA_MAX_BYTES	5 MB	sandbox media staging — covered by #40880 / #40950
constants-*.js	DEFAULT_WEB_MEDIA_BYTES	5 MB	web channel attachment
input-files-*.js	DEFAULT_INPUT_IMAGE_MAX_BYTES	10 MB	per-image limit used by OpenAI-compat client input pipeline
openai-http-*.js	DEFAULT_OPENAI_MAX_TOTAL_IMAGE_BYTES	20 MB	total image payload across one OpenAI chat.completions request
dispatch-acp-*.js	ACP_ATTACHMENT_MAX_BYTES	10 MB	ACP protocol attachments
subagent-spawn-*.js	attachments.maxTotalBytes fallback	5 MB	subagent spawn (existing attachments.maxTotalBytes config)

Why the current situation is painful

• 25 MP sharp cap in image-ops — iPhone 14 Pro Max (48 MP), Samsung S24 Ultra (200 MP), Xiaomi/OPPO/Vivo flagship (50–200 MP) routinely exceed 25 MP. These photos get rejected by exceedsImagePixelLimit() in image-ops.ts before any resize is attempted.

• 5 MB DEFAULT_IMAGE_MAX_BYTES in tool-images — the resize loop (resizeImageBase64IfNeeded) targets 5 MB post-resize; the iteration over sideGrid × IMAGE_REDUCE_QUALITY_STEPS always fits typical JPEGs, but there is no config to loosen the target when the downstream provider can handle 10–20 MB (GPT-4o, Gemini 1.5, Qwen3-VL).

• 1200 px DEFAULT_IMAGE_MAX_DIMENSION_PX — a reasonable default but too small for vision models that prefer 2048 px native input (Qwen3-VL / Qwen2-VL mmproj reports image_max_pixels: 4194304 ≈ 2048×2048). This one is already configurable, but discoverability is poor — there's no docs/reference/config.md entry I could find.

• Outbound openai-http limits (10 MB per image, 20 MB total) — when OpenClaw acts as an OpenAI-compat client and forwards image_url parts to the underlying provider, these limits trigger with error strings like Total image payload too large (…; limit 20971520). There is no obvious config path; gateway.http.endpoints.chatCompletions.images accepts allowUrl but not maxBytes / maxTotalBytes.

Proposed schema

A single media.image.* top-level block in openclaw.json that's threaded to all the above layers (similar to how #40950 adds media.maxBytes). Per-scope overrides for advanced users:

{
  "media": {
    "image": {
      // applies to every image-sizing layer unless overridden below
      "maxBytes": 33554432,            // 32 MB
      "maxInputPixels": 150000000,     // 150 MP (covers modern smartphone cameras)
      "maxDimensionPx": 2048,          // post-resize target
      "maxTotalBytesPerRequest": 67108864, // 64 MB

      // per-scope overrides (optional)
      "scopes": {
        "channel":     { "maxBytes": 33554432 },   // replaces MAX_IMAGE_BYTES
        "toolResult":  { "maxBytes": 16777216, "maxDimensionPx": 2048 },
        "openaiHttp":  { "maxBytes": 33554432, "maxTotalBytes": 67108864 },
        "sandbox":     { "maxBytes": 33554432 }    // overlaps with #40950 `media.maxBytes`
      }
    }
  }
}

Minimum ask: expose media.image.maxBytes + media.image.maxInputPixels + media.image.maxDimensionPx and have each layer read them at boot with sensible defaults (current hardcoded values). agents.defaults.imageMaxDimensionPx can be kept as an alias for back-compat.

Why this matters to us

We're running OpenClaw against a local Qwen3-VL 8B (llama.cpp + mmproj) that happily decodes up to 48 MP JPEG inputs when called directly. But OpenClaw's built-in tool-images sanitizer forces all agent-observable images through a 5 MB / 1200 px funnel, so our agents see low-resolution thumbnails when the model could see the real pixels. We worked around it by sed-patching the bundles after every docker compose build, but that's obviously not sustainable.

Related

• [Bug]: tools/sandbox: MEDIA_MAX_BYTES (5 MB) is hardcoded and not user-configurable #40880 / media: make MEDIA_MAX_BYTES configurable via media.maxBytes #40950 (sandbox staging MEDIA_MAX_BYTES)
• Feature Request: Auto-resize images exceeding 5MB limit instead of rejecting #61041 (push-apns auto-resize instead of reject)
• Feature request: Image resize/maxBytes option for Read tool #8080 (Feature request: image resize/maxBytes for Read tool)
• Control UI WebSocket Image Upload Size Limit Too Small (5MB Hardcoded) #11563 (closed — Control UI WebSocket 5 MB limit)
• tools.media.image.maxBytes config setting is not used for inbound images #2954 (closed — tools.media.image.maxBytes defined but not applied to inbound)

Environment

• OpenClaw v2026.4.14 (via ghcr.io/openclaw/openclaw:2026.4.14)
• Docker deployment on macOS 18.8 host
• Provider: local Qwen3-VL 8B via llama.cpp llama-server (mmproj image_max_pixels: 4194304)

[gg22mm]

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve. Reviewed June 3, 2026, 1:06 AM ET / 05:06 UTC.

Summary
Codex review failed: codex execution failed.

Reproducibility: unclear. The review failed before ClawSweeper could establish a reproduction path.

Ways to help us reproduce this

• Include the exact command, prompt, or workflow that triggered it.
• Add expected vs actual behavior.

Next step
Review did not complete, so no work-lane recommendation was made.

Review details

Best possible solution:

Retry the Codex review after fixing the execution failure.

Do we have a high-confidence way to reproduce the issue?

Unclear. The review failed before ClawSweeper could establish a reproduction path.

Is this the best way to solve the issue?

Unclear. Retry the review first so ClawSweeper can evaluate the actual issue and fix direction.

AGENTS.md: unclear because the file could not be read completely.

Remaining risk / open question:

• No close action taken because the review did not complete.

Codex review notes: model gpt-5.5, reasoning high; reviewed against c0c4156b6dc9.

Label changes

Label changes:

• add issue-rating: 🦪 silver shellfish: Current issue advisory state selects this label.
• add clawsweeper:needs-info: Current issue advisory state selects this label.
• remove P2: Current review triage priority is none.
• remove clawsweeper:no-new-fix-pr: Current issue advisory state no longer selects this label.
• remove clawsweeper:needs-maintainer-review: Current issue advisory state no longer selects this label.
• remove clawsweeper:needs-product-decision: Current issue advisory state no longer selects this label.
• remove clawsweeper:source-repro: Current issue advisory state no longer selects this label.
• remove impact:message-loss: Current review selected no impact labels.
• remove issue-rating: 🦞 diamond lobster: Current issue advisory state no longer selects this label.

Evidence reviewed

What I checked:

• failure reason: codex execution failed.
• codex failure detail: Codex review failed for this issue with exit 1.
• codex stdout: Per-item Codex failure; continuing with the rest of the shard.

Likely related people:

• unknown: Codex failed before it could trace repository history. (role: review did not complete; confidence: low)

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Keep open. Current main only partially addresses the request: image downscaling dimension and OpenAI-compatible chat-completion image budgets are configurable, but the broader configurable image byte/input-pixel/dimension contract is still absent across sanitizer defaults, generic media caps, gateway attachment parsing, sandbox staging, and ACP image attachment reads.

Required change / next step:

The report is valid, but the fix spans a public config contract, resource-limit policy, docs, and multiple overlapping open slice items, so it needs maintainer design/review before a safe automated repair PR.

Review details

Best possible solution:

Define a backwards-compatible, documented image limit contract with global defaults and scoped overrides, then thread it through the sanitizer, media/image-ops, generic inbound media, media-store and sandbox staging, gateway attachment parsing, ACP attachment reads, and OpenAI-compatible HTTP paths while preserving existing aliases where needed.

What I checked:

• top_level_media_schema_has_no_image_limits: The current OpenClaw config type still defines top-level media with only preserveFilenames and ttlHours, so keys like media.image.maxBytes or media.image.maxInputPixels are not part of the current contract. (src/config/types.openclaw.ts:119, acae48b790fa)
• tool_result_sanitizer_only_reads_dimension_config: The sanitizer defaults still include DEFAULT_IMAGE_MAX_BYTES = 5 MiB, and resolveImageSanitizationLimits only reads agents.defaults.imageMaxDimensionPx, not a byte or input-pixel config. (src/agents/image-sanitization.ts:8, acae48b790fa)
• sharp_input_pixel_cap_remains_fixed: MAX_IMAGE_INPUT_PIXELS remains a fixed 25,000,000 and is passed into the image-ops runtime; the colocated guard test asserts oversized images are rejected before resize work starts. (src/media/image-ops.ts:35, acae48b790fa)
• gateway_attachment_image_cap_still_hard_limited: Gateway attachment parsing can read agents.defaults.mediaMaxMb for the general attachment ceiling, but image attachments are still rejected above the generic MAX_IMAGE_BYTES constant before offload, which leaves the requested image-specific config gap. (src/gateway/chat-attachments.ts:61, acae48b790fa)
• sandbox_and_acp_caps_remain_fixed: Sandbox staging still binds STAGED_MEDIA_MAX_BYTES to MEDIA_MAX_BYTES, and ACP image attachment reads still use ACP_ATTACHMENT_MAX_BYTES = 10 MiB rather than a shared image-limit configuration. (src/auto-reply/reply/stage-sandbox-media.ts:20, acae48b790fa)
• openai_http_progress_is_scoped: OpenAI-compatible chat completions now resolve maxTotalImageBytes and images.maxBytes from gateway.http.endpoints.chatCompletions, but that path is isolated from the sanitizer, media store, generic media, input-pixel guard, gateway attachment image cap, and ACP paths named in the issue. (src/gateway/openai-http.ts:91, acae48b790fa)

Likely related people:

• steipete: Recent history shows the current agents.defaults.imageMaxDimensionPx configurability, several tool-image sanitizer changes, ACP image forwarding, and gateway attachment preservation work in the affected paths. (role: recent maintainer and adjacent owner; confidence: high; commits: b05e89e5e605, 2706cbd6d732, 3e2bc28e5147; files: src/agents/image-sanitization.ts, src/agents/tool-images.ts, src/auto-reply/reply/dispatch-acp-attachments.ts)
• vincentkoc: Recent path history includes the fixed image input-pixel guard, the move of sharp image ops into the media runtime, and media store/config-related work that overlaps the requested image limit contract. (role: media/image-ops maintainer; confidence: high; commits: 0ed4f8a72bb1, e174d96cc0b2, ba9eaf2ee219; files: src/media/image-ops.ts, extensions/media-understanding-core/image-ops.ts, src/media/store.ts)
• Syysean: The gateway attachment parsing and offload path still contains one of the remaining hard image caps, and commit history shows substantial merged work on maxBytes enforcement and media-ref handling there. (role: gateway attachment offload contributor; confidence: medium; commits: c6f2db150687; files: src/gateway/chat-attachments.ts, src/gateway/server-methods/chat.ts, src/gateway/server-methods/agent.ts)
• neeravmakwana: A recent media-store change titled 'honor configured store limits' is adjacent to the sandbox/media-store slice that this broader issue references through [Bug]: tools/sandbox: MEDIA_MAX_BYTES (5 MB) is hardcoded and not user-configurable #40880 and media: make MEDIA_MAX_BYTES configurable via media.maxBytes #40950. (role: media store configurable-limit contributor; confidence: medium; commits: a743b30b8b0f; files: src/media/store.ts, src/config/types.openclaw.ts)

Remaining risk / open question:

• A final design needs bounded defaults and validation because raising image limits affects memory, disk, network transfer, and provider request cost.
• The config contract needs a compatibility plan for existing partial knobs such as agents.defaults.imageMaxDimensionPx, tools.media.image.maxBytes, agents.defaults.mediaMaxMb, and gateway.http.endpoints.chatCompletions.images.*.
• Several related open items cover narrower slices, so maintainers should avoid landing conflicting schemas or duplicate partial fixes.

Codex review notes: model gpt-5.5, reasoning high; reviewed against acae48b790fa.