[Bug]: SecretRef resolution regression in 2026.4.12+ (socket-mode slack reply fails, filemain-backed plugin secrets read as "unresolved in the active runtime snapshot")

[matthewfranglen]

Bug type

Regression (worked before, now fails)

Beta release blocker

No

Summary

On socket-mode Slack with a SecretRef-backed botToken, inbound messages are received fine but every final reply throws channels.slack.accounts.<id>.botToken: unresolved SecretRef … Resolve this command against an active gateway runtime snapshot before reading it., stalling the session in state=processing. Worked on 2026.4.11, broken in 2026.4.15.

Steps to reproduce

1. Configure a file-based secret provider and point Slack socket-mode credentials at it:

   {
     "secrets": {
       "providers": {
         "filemain": { "source": "file", "path": "~/.openclaw/secrets.json", "mode": "json" }
       }
     },
     "channels": {
       "slack": {
         "enabled": true,
         "mode": "socket",
         "appToken":  { "source": "file", "provider": "filemain", "id": "/channels/slack/appToken" },
         "botToken":  { "source": "file", "provider": "filemain", "id": "/channels/slack/botToken" }
       }
     }
   }

   Populate ~/.openclaw/secrets.json with real socket-mode botToken and appToken values at those ids.

2. Install openclaw 2026.4.11. Start the gateway, send a DM to the bot. Observe: inbound received, agent replies successfully end-to-end.

3. Upgrade to version 2026.4.15. Same config, same secrets file, no other changes. Send another DM.

Expected behavior

Same behavior as 2026.4.11: the agent's final reply is delivered to Slack using the already-resolved bot token captured by the socket-mode provider at startup. No SecretRef error; no stuck session. This is also the behavior #45838 was closed as fixing on 2026-03-24 (PR #53577).

Actual behavior

Inbound message is received and dispatched to the agent. After the agent produces output, reply delivery throws and the session never transitions out of processing.

Gateway log (verbatim except for redacting the user id):

[slack] final reply failed: Error: channels.slack.accounts.default.botToken: unresolved SecretRef "file:filemain:/channels/slack/botToken". Resolve this command against an active gateway runtime snapshot before reading it.
[slack] final reply failed: Error: channels.slack.accounts.default.botToken: unresolved SecretRef "file:filemain:/channels/slack/botToken". Resolve this command against an active gateway runtime snapshot before reading it.
[diagnostic] stuck session: sessionId=23be472b-1d8b-423d-a8c6-f2b0e67f8f2a sessionKey=agent:main:slack:direct:uXXXXXXXX state=processing age=548s queueDepth=0
[diagnostic] stuck session: sessionId=23be472b-1d8b-423d-a8c6-f2b0e67f8f2a sessionKey=agent:main:slack:direct:uXXXXXXXX state=processing age=578s queueDepth=0

The error is logged at extensions/slack/src/monitor/message-handler/dispatch.ts:614. The Resolve this command against an active gateway runtime snapshot before reading it. text is produced by createUnresolvedSecretInputError in src/config/types.secrets.ts:130, reached via normalizeResolvedSecretInputString → resolveSecretInputString({ mode: "strict" }) (added in PR #66818, commit 1769fb2aa1).

The inbound botToken clearly resolves fine: the socket is authenticated, auth.test runs (extensions/slack/src/monitor/provider.ts:387), inbound DMs are delivered to the agent, and only the outbound reply fails. The re-read on the reply path does not use the already-resolved token captured in SlackMonitorContext.botToken; something on that path re-enters resolveSlackAccount({ cfg }) against the raw config, and strict mode then throws.

Downgrading to 2026.4.11 is not a usable workaround: that release has a separate SecretRef-at-config-load bug (#63937) that makes every openclaw CLI command fail when channels.slack.*.botToken is a SecretRef.

OpenClaw version

2026.4.15

Operating system

ubuntu 24.04.4 LTS

Install method

rootless podman from image ghcr.io/openclaw/openclaw rebuilt to add uv

Model

qwen 3.6 local

Provider / routing chain

openclaw -> llama.cpp -> qwen

Additional provider/model setup details

No response

Logs, screenshots, and evidence

{"0":"{\"subsystem\":\"gateway/ws\"}","1":"⇄ res ✓ device.pair.list 116ms conn=f8514afe…0e60 id=b911a9a5…ed44","_meta":{"runtime":"node","runtimeVersion":"24.14.0","hostname":"d41e7fe1dfe5","name":"{\"subsystem\":\"gateway/ws\"}","parentNames":["openclaw"],"date":"2026-04-17T19:31:35.585Z","logLevelId":3,"logLevelName":"INFO","path":{"fullFilePath":"file:///app/dist/subsystem-Cgmckbux.js:324:14","fileName":"subsystem-Cgmckbux.js","fileNameWithLine":"subsystem-Cgmckbux.js:324","fileColumn":"14","fileLine":"324","filePath":"dist/subsystem-Cgmckbux.js","filePathWithLine":"dist/subsystem-Cgmckbux.js:324","method":"logToFile"}},"time":"2026-04-17T19:31:35.585+00:00"}
{"0":"{\"subsystem\":\"gateway/ws\"}","1":"⇄ res ✗ secrets.resolve 1ms errorCode=UNAVAILABLE errorMessage=Error: reply: plugins.entries.exa.config.webSearch.apiKey is unresolved in the active runtime snapshot. conn=47e4c3bc…14bb id=00bc6fe7…7bc2","_meta":{"runtime":"node","runtimeVersion":"24.14.0","hostname":"d41e7fe1dfe5","name":"{\"subsystem\":\"gateway/ws\"}","parentNames":["openclaw"],"date":"2026-04-17T19:32:01.503Z","logLevelId":3,"logLevelName":"INFO","path":{"fullFilePath":"file:///app/dist/subsystem-Cgmckbux.js:324:14","fileName":"subsystem-Cgmckbux.js","fileNameWithLine":"subsystem-Cgmckbux.js:324","fileColumn":"14","fileLine":"324","filePath":"dist/subsystem-Cgmckbux.js","filePathWithLine":"dist/subsystem-Cgmckbux.js:324","method":"logToFile"}},"time":"2026-04-17T19:32:01.503+00:00"}
{"0":"{\"subsystem\":\"gateway/ws\"}","1":"⇄ res ✓ commands.list 166ms conn=f8514afe…0e60 id=59207bf9…796f","_meta":{"runtime":"node","runtimeVersion":"24.14.0","hostname":"d41e7fe1dfe5","name":"{\"subsystem\":\"gateway/ws\"}","parentNames":["openclaw"],"date":"2026-04-17T19:32:05.313Z","logLevelId":3,"logLevelName":"INFO","path":{"fullFilePath":"file:///app/dist/subsystem-Cgmckbux.js:324:14","fileName":"subsystem-Cgmckbux.js","fileNameWithLine":"subsystem-Cgmckbux.js:324","fileColumn":"14","fileLine":"324","filePath":"dist/subsystem-Cgmckbux.js","filePathWithLine":"dist/subsystem-Cgmckbux.js:324","method":"logToFile"}},"time":"2026-04-17T19:32:05.314+00:00"}
{"0":"{\"subsystem\":\"gateway/ws\"}","1":"⇄ res ✓ models.list 170ms conn=f8514afe…0e60 id=0c2de650…f1ef","_meta":{"runtime":"node","runtimeVersion":"24.14.0","hostname":"d41e7fe1dfe5","name":"{\"subsystem\":\"gateway/ws\"}","parentNames":["openclaw"],"date":"2026-04-17T19:32:05.317Z","logLevelId":3,"logLevelName":"INFO","path":{"fullFilePath":"file:///app/dist/subsystem-Cgmckbux.js:324:14","fileName":"subsystem-Cgmckbux.js","fileNameWithLine":"subsystem-Cgmckbux.js:324","fileColumn":"14","fileLine":"324","filePath":"dist/subsystem-Cgmckbux.js","filePathWithLine":"dist/subsystem-Cgmckbux.js:324","method":"logToFile"}},"time":"2026-04-17T19:32:05.317+00:00"}
{"0":"{\"subsystem\":\"gateway/channels/slack\"}","1":"slack final reply failed: Error: channels.slack.accounts.default.botToken: unresolved SecretRef \"file:filemain:/channels/slack/botToken\". Resolve this command against an active gateway runtime snapshot before reading it.","_meta":{"runtime":"node","runtimeVersion":"24.14.0","hostname":"d41e7fe1dfe5","name":"{\"subsystem\":\"gateway/channels/slack\"}","parentNames":["openclaw"],"date":"2026-04-17T19:32:43.078Z","logLevelId":5,"logLevelName":"ERROR","path":{"fullFilePath":"file:///app/dist/subsystem-Cgmckbux.js:324:14","fileName":"subsystem-Cgmckbux.js","fileNameWithLine":"subsystem-Cgmckbux.js:324","fileColumn":"14","fileLine":"324","filePath":"dist/subsystem-Cgmckbux.js","filePathWithLine":"dist/subsystem-Cgmckbux.js:324","method":"logToFile"}},"time":"2026-04-17T19:32:43.079+00:00"}
{"0":"{\"subsystem\":\"gateway/ws\"}","1":"⇄ res ✗ secrets.resolve 1ms errorCode=UNAVAILABLE errorMessage=Error: reply: plugins.entries.exa.config.webSearch.apiKey is unresolved in the active runtime snapshot. conn=1f6ceaea…9476 id=9baab84e…5770","_meta":{"runtime":"node","runtimeVersion":"24.14.0","hostname":"d41e7fe1dfe5","name":"{\"subsystem\":\"gateway/ws\"}","parentNames":["openclaw"],"date":"2026-04-17T19:32:43.118Z","logLevelId":3,"logLevelName":"INFO","path":{"fullFilePath":"file:///app/dist/subsystem-Cgmckbux.js:324:14","fileName":"subsystem-Cgmckbux.js","fileNameWithLine":"subsystem-Cgmckbux.js:324","fileColumn":"14","fileLine":"324","filePath":"dist/subsystem-Cgmckbux.js","filePathWithLine":"dist/subsystem-Cgmckbux.js:324","method":"logToFile"}},"time":"2026-04-17T19:32:43.118+00:00"}

Impact and severity

No response

Additional information

[hclsys]

Scoping the regression window: the git diff between v2026.4.11 and v2026.4.12 is short on slack runtime changes (extensions/slack/src/ only has test/boundary commits, no production code touched). The drift has to be in a shared path the slack reply-delivery reads from.

Candidate commits that touched the secrets/resolver layer in that window:

• 54c45ae9c — fix(secrets): cache guarded channel assignment helpers (test-support only, but mentions a cache-guard redesign)
• d742db1ea — perf(secrets): lazy-load runtime web-tools manifest lookups (moves runtime secret resolution behind lazy load)
• 380de88a6 — fix: extract shared session status runtime (#65807)

Prior fix that's supposed to cover this case: #53577 (fix(secrets): prevent unresolved SecretRef from crashing embedded agent runs, merged 2026-03-24) — touches dispatch-from-config.ts, get-reply.ts, inbound-reply-dispatch.ts, plugin-sdk/inbound-reply-dispatch.ts. My guess: the lazy-load refactor between 4.11 and 4.12 moved the resolver path such that slack's socket-mode reply handler is now reading from a snapshot before the resolver has populated — race window between the two paths.

What would sharpen this: can you share the full stack trace from the log when the reply fails? The frame immediately above channels.slack.accounts.default.botToken: unresolved SecretRef … is the key — if it's dispatchFromConfig/getReply, the fix belongs in the #53577 chain; if it's a slack-specific socket-mode handler, the fix shape is different.

Also worth testing: does inline secret values (instead of source: "file") work on 4.15? That isolates whether the bug is in the SecretRef resolver timing or in the slack handler reading stale state.

[matthewfranglen]

sorry this was reproduced on 2026.4.15. i was using opus to dig into it and it claimed the reproduction from 2026.4.12. i should've checked more the ticket more thoroughly my bad.

i've attached the logs from an error and cut out some of the speculation from the original ticket.

[matthewfranglen]

when i have the values in the config (i.e. skip the secret file) the slack replies work

[oclilbuddy]

Confirming on a separate setup — macOS 26.4.1 / arm64 / Node 25.9.0 / npm-global install, Anthropic models (not local), exec-source secret provider (1Password CLI via cached wrapper) instead of file. Same error wording, same failure shape: socket mode connects, inbound messages dispatched to agent fine, outbound reply throws channels.slack.accounts.default.botToken: unresolved SecretRef "exec:slack_bot_token:value". Resolve this command against an active gateway runtime snapshot before reading it.

Two additional data points that may help narrow the fix:

Version bisection is tighter than "2026.4.12+": the regression appears specifically between 2026.4.14 and 2026.4.15.

• 2026.4.14 (323493f) — works with SecretRef botToken + appToken. Clean startup, reply arrives in Slack end-to-end.
• 2026.4.15 (041266a) — broken with identical config. chat.postMessage throws immediately.

A/B is deterministic: npm i -g openclaw@2026.4.14 → restart → Slack replies work. Upgrade back to @2026.4.15 → broken again. Same config file across both, only version changes.

Reply-path vs reaction-path asymmetry: on .15 with SecretRef botToken, the reactions.add call (we use channels.slack.typingReaction: "hourglass_flowing_sand") succeeds — the emoji appears on the inbound message as expected. Only chat.postMessage on the final reply throws. So some Slack Web API call sites inside the plugin on .15 are resolving the token correctly; the raw-config re-read in resolveSlackAccount({ cfg }) you pointed at is specifically on the final-reply dispatch path.

For maintainer context: our changelog bisection landed on PR #66796 ("Reply/secrets: resolve active reply channel/account SecretRefs before reply-run message-action discovery") as a likely introduction vector, which is in the same release cluster as the strict-mode tightening #66818 you cited. Worth checking whether #66796 covered the message-action-discovery path but missed the final-reply dispatch path, since reactions.add goes through a different dispatch and still works.

Staying on .14 as the workaround until a fix ships. Thanks for the detailed write-up on this one.