Dreaming needs configurable session/cron exclusions; isolated cron transcripts still enter session corpus

[zqchris]

Summary

Dreaming currently has no documented/configurable way to exclude specific sessions, cron jobs, groups/topics, or session-key prefixes from session transcript ingestion. On a real 2026.4.24 deployment, isolated cron runs are still appearing in memory/.dreams/session-corpus/YYYY-MM-DD.txt, even though the runtime contains generatedByCronRun / DIRECT_CRON_PROMPT_RE filtering logic.

This makes cron-heavy deployments difficult to operate without maintaining local Dreaming patches. Moving the cron delivery target to a Telegram group/topic does not help, because Dreaming scans agent session transcript files rather than the final delivery surface.

Related: #68449, but this issue is specifically about the missing operator-facing exclusion/config path and the remaining leak of isolated cron transcripts into the session corpus.

Environment

• OpenClaw: 2026.4.24 (764822a)
• Dreaming: enabled via plugins.entries.memory-core.config.dreaming.enabled: true
• Memory backend: builtin
• Affected corpus path: memory/.dreams/session-corpus/YYYY-MM-DD.txt
• Cron job type: payload.kind=agentTurn, sessionTarget=isolated, delivery.mode=announce

What I expected

At least one of these should be true:

1. sessionTarget: isolated cron runs are not ingested into Dreaming's session corpus, or
2. Cron-run transcripts are reliably classified as generatedByCronRun and skipped, including deleted/rotated transcript filenames, or
3. Operators can configure Dreaming to ignore specific cron jobs/session-key prefixes/agents/surfaces, e.g. an allowlist/blocklist such as:
   • dreaming.sessionFilter.excludeSessionKeyPrefixes
   • dreaming.sessionFilter.excludeCronJobIds
   • dreaming.sessionFilter.excludeAgents
   • dreaming.sessionFilter.excludeRegex

What happened

A cron job already configured as sessionTarget: isolated still appeared in Dreaming session corpus.

Counts from local memory/.dreams/session-corpus inspection:

• 2026-04-24.txt: 11 entries for the cron job
• 2026-04-25.txt: 17 entries for the cron job
• 2026-04-26.txt: 2 entries for the cron job
• 2026-04-27.txt: 0 entries at the time of inspection

Example corpus line shape:

[main/sessions/<uuid>.jsonl.deleted.2026-04-25T06-33-10.801Z#L5] User: [cron:<cron-id> <cron-name>] ...

The source paths are important: many contaminated entries reference deleted/rotated transcript filenames such as:

main/sessions/<uuid>.jsonl.deleted.<timestamp>
main/sessions/<uuid>.trajectory.jsonl.deleted.<timestamp>

The current runtime code appears to rely on session-store classification to mark cron transcripts:

• loadSessionTranscriptClassificationForSessionsDir(...)
• isCronRunSessionKey(...)
• cronRunTranscriptPaths
• generatedByCronRun

But once transcript filenames are rotated/deleted, the path in session-corpus may no longer match the live sessions.json sessionFile path, so classification can fail. DIRECT_CRON_PROMPT_RE should still catch direct User: [cron:...] messages, but the corpus evidence shows these prompt lines were already ingested in recent runs.

Config gap checked

I checked the current config schema. memory only exposes:

• memory.backend
• memory.citations
• memory.qmd.*

The memory-core Dreaming plugin config schema currently exposes only broad phase settings:

• dreaming.enabled
• dreaming.frequency
• dreaming.timezone
• dreaming.verboseLogging
• dreaming.storage
• dreaming.phases.light.*
• dreaming.phases.deep.*
• dreaming.phases.rem.*

I could not find a config option to skip a session, group/topic, cron job, or session-key prefix.

Why this matters

Cron jobs often contain operational prompts, tool stdout summaries, and repetitive status text that are useful as notifications but harmful as durable Dreaming input. In a personal-agent deployment, users should not have to fork/patch Dreaming just to keep maintenance cron transcripts out of memory.

Changing Telegram delivery target is not a workaround: the transcript is still stored under the agent and scanned by Dreaming.

Suggested fixes

A robust fix probably needs both:

1. Make cron transcript skipping reliable

   • classify by record/session metadata where available, not only by current session-store transcript path
   • handle .jsonl.deleted.<timestamp> and .trajectory.jsonl.deleted.<timestamp> rotated transcript artifacts
   • keep direct [cron:...] prompt filtering as a defense-in-depth path

2. Add operator-facing Dreaming session filters

   • block by cron job id/name
   • block by session key prefix, e.g. agent:main:cron:
   • block by agent id
   • block by regex over rendered source path/snippet
   • optionally allow an explicit include-only policy for session ingestion

This would let deployments keep Dreaming on for real human conversations while excluding high-volume automation/cron sessions without local patches.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Summary
Keep open: current main has partial cron transcript filtering, but it still lacks an operator-facing Dreaming session/cron exclusion config and the related implementation PR #72913 is closed unmerged.

Reproducibility: yes. for the remaining actionable gap: current main has no Dreaming session-filter schema or resolved config, and the ingestion path has no configurable exclusion predicate. The original production corpus contamination was not replayed locally.

Next step
Maintainer review is needed to choose or approve the new public filter/config contract and decide whether to revive or replace #72913.

Review details

Best possible solution:

Decide the public memory-core filter contract, then land #72913 or an equivalent focused change that documents dreaming.sessionFilter and hardens cron transcript attribution for rotated and non-run-key cases.

Do we have a high-confidence way to reproduce the issue?

Yes for the remaining actionable gap: current main has no Dreaming session-filter schema or resolved config, and the ingestion path has no configurable exclusion predicate. The original production corpus contamination was not replayed locally.

Is this the best way to solve the issue?

Yes for triage: keeping this issue open is the best current outcome because the related implementation is closed unmerged and current main does not expose the requested filter contract. The maintainable fix should stay in memory-core and align schema, docs, types, and focused ingestion tests.

What I checked:

• Dreaming schema has no session filter block: The memory-core plugin manifest exposes dreaming.enabled, cadence/model/timezone/logging/storage/execution/phases, but no dreaming.sessionFilter or exclusion keys. (extensions/memory-core/openclaw.plugin.json:34, 9a49d143c819)
• Resolved Dreaming config has no filter contract: MemoryDreamingConfig contains scheduling, storage, execution, and phase fields only; resolveMemoryDreamingConfig reads no session-filter object. (src/memory-host-sdk/dreaming.ts:128, 9a49d143c819)
• Ingestion loop lacks configurable exclusion predicate: collectSessionIngestionBatches enumerates agent transcript files and only carries generatedByDreamingNarrative / generatedByCronRun flags into buildSessionEntry; there is no operator predicate for cron job id, agent id, session-key prefix, or source path. (extensions/memory-core/src/dreaming-phases.ts:719, 9a49d143c819)
• Cron classification is still strict: Session-store classification only adds paths when isCronRunSessionKey(sessionKey) is true, and that helper intentionally matches only agent:<id>:cron:<job>:run:<run> keys, not broader cron prefixes. (packages/memory-host-sdk/src/host/session-files.ts:220, 9a49d143c819)
• Current main has partial mitigation: Current source can mark isolated cron runs with run-scoped keys and strips direct [cron:...] user prompt lines; tests cover skipping ordinary isolated cron-run transcripts, but that does not provide the requested configurable exclusion surface. (src/cron/isolated-agent/run.ts:532, 9a49d143c819)
• Docs list only existing user-facing Dreaming keys: The Dreaming docs say all settings live under plugins.entries.memory-core.config.dreaming and list enabled, frequency, and model, with phase policy and thresholds described as non-user-facing config details. Public docs: docs/concepts/dreaming.md. (docs/concepts/dreaming.md:207, 9a49d143c819)

Likely related people:

• jalehman: Authored the merged session-store-based Dreaming transcript skip work that current ingestion still relies on for cron transcript classification. (role: introduced related behavior; confidence: high; commits: a1b01f0281d0; files: extensions/memory-core/src/dreaming-phases.ts, packages/memory-host-sdk/src/host/session-files.ts)
• vignesh07: Introduced and hardened the cursored Dreaming session ingestion pipeline that a session exclusion predicate would extend. (role: major feature-history contributor; confidence: high; commits: 8cea63c61b83, 5291a2cfd1be, 695176542fcf; files: extensions/memory-core/src/dreaming-phases.ts, extensions/memory-core/src/dreaming-phases.test.ts, packages/memory-host-sdk/src/host/session-files.ts)
• zqchris: Provided the production corpus evidence and opened fix(memory-core): keep rotated cron transcripts out of dreaming corpus + add operator filters #72913, the closed unmerged PR that attempted the filter/config and rotated-transcript fix. (role: implementation proposer and production reporter; confidence: medium; commits: e821864013eb, 0ad250d6007a, 743556fd2672; files: extensions/memory-core/openclaw.plugin.json, extensions/memory-core/src/dreaming-phases.ts, packages/memory-host-sdk/src/host/session-files.ts)

Remaining risk / open question:

• The exact public dreaming.sessionFilter shape still needs maintainer agreement because it adds configuration surface.
• I did not replay the original 2026.4.24 production corpus leak; the current conclusion is based on source inspection, current tests, docs, and the provided issue/PR context.
• The provided context shows fix(memory-core): keep rotated cron transcripts out of dreaming corpus + add operator filters #72913 closed unmerged, but not the human closure rationale.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 9a49d143c819.