BUG: Embedded channel reply runs crash on SecretRef-backed Telegram/Discord credentials

[kAIborg24]

Bug type

Regression (worked before, now fails)

Beta release blocker

No

Summary

After upgrading to OpenClaw 2026.4.29, inbound Telegram messages reach the gateway and Telegram can still send bot replies, but embedded agent reply runs fail before model output when channel credentials are configured through non-env SecretRefs.

The failing path appears to be embedded-run prompt/tool-discovery code reading the source/raw channel config instead of a resolved active runtime snapshot, then calling Telegram/Discord channel discovery helpers that synchronously resolve channel credentials.

Steps to reproduce

1. Configure Telegram or Discord with a channel credential stored as a non-env SecretRef, such as an exec-backed SecretRef.
2. Start OpenClaw 2026.4.29 and verify the channel itself is running.
3. Confirm channel transport works with openclaw channels status --probe or an equivalent direct send path.
4. Send an inbound message over Telegram to trigger an embedded agent reply run.
5. Observe that the embedded reply run fails before producing a model reply, while the channel still sends the generic failure message.

Expected behavior

Embedded channel reply runs should use the resolved active runtime snapshot for channel prompt/tool-discovery paths, or treat unresolved channel credentials as unavailable for discovery without failing the agent run.

A working channel with boot-resolved credentials should not crash before model execution.

Actual behavior

The inbound Telegram message is received and the Telegram bot can send the generic error reply, but the embedded agent run fails before the real assistant response.

The failure repeats after openclaw secrets reload --json succeeds with no warnings.

Discord appears affected in the same discovery layer: Discord direct send succeeds, but Discord message-action discovery throws on the unresolved Discord token SecretRef when using raw config.

OpenClaw version

OpenClaw 2026.4.29 (a448042)

Operating system

Ubuntu 26.04 LTS

Install method

pnpm-managed OpenClaw install

Model

Observed with an OpenAI Codex-backed embedded agent model. The failure occurs before model output and does not appear model-specific.

Provider / routing chain

Telegram inbound channel -> embedded agent reply runner -> model provider. Discord message-action discovery shows the same SecretRef failure pattern for Discord credentials.

Additional provider/model setup details

Channel credentials are configured as structured non-env SecretRefs.

The channel runtimes can resolve them for normal transport, but embedded-run discovery receives or reads unresolved source config.

Logs, screenshots, and evidence

Sanitized representative logs:

[diagnostic] lane task error: lane=main durationMs=13156 error="Error: channels.telegram.botToken: unresolved SecretRef \"exec:[redacted]:[redacted]\". Resolve this command against an active gateway runtime snapshot before reading it."
[diagnostic] lane task error: lane=session:agent:main:main durationMs=13158 error="Error: channels.telegram.botToken: unresolved SecretRef \"exec:[redacted]:[redacted]\". Resolve this command against an active gateway runtime snapshot before reading it."
[model-fallback/decision] model fallback decision: decision=candidate_failed requested=[redacted] candidate=[redacted] reason=unknown next=[redacted] detail=channels.telegram.botToken: unresolved SecretRef "exec:[redacted]:[redacted]". Resolve this command against an active gateway runtime snapshot before reading it.
Embedded agent failed before reply: channels.telegram.botToken: unresolved SecretRef "exec:[redacted]:[redacted]". Resolve this command against an active gateway runtime snapshot before reading it.
[telegram] sendMessage ok chat=[redacted] message=[redacted]

Discord discovery evidence from the same runtime:

[message-action-discovery] discord.actions.describeMessageTool failed: Error: channels.discord.token: unresolved SecretRef "exec:[redacted]:[redacted]". Resolve this command against an active gateway runtime snapshot before reading it.
    at normalizeDiscordToken (.../extensions/discord/token-*.js:5:18)
    at resolveDiscordToken (.../extensions/discord/token-*.js:26:22)
    at resolveDiscordAccount (.../extensions/discord/accounts-*.js:54:26)
    at listEnabledDiscordAccounts (.../extensions/discord/accounts-*.js:122:36)
    at resolveDiscordActionDiscovery (.../extensions/discord/channel-actions-*.js:12:44)

Local source-chain evidence from the packaged 2026.4.29 runtime:

embedded prompt prep calls collectRuntimeChannelCapabilities({ cfg: params.config, channel })
  -> resolveChannelPromptCapabilities(...)
  -> Telegram agentPrompt.messageToolCapabilities(...)
  -> resolveTelegramInlineButtonsScope(...)
  -> resolveTelegramAccount(...)
  -> resolveTelegramToken(...)
  -> unresolved SecretRef throws

embedded prompt prep also calls resolveChannelReactionGuidance(...) and listChannelSupportedActions(...), which can reach the same token-resolution path.

Discord describeMessageTool(...)
  -> resolveDiscordActionDiscovery(...)
  -> listEnabledDiscordAccounts(...)
  -> resolveDiscordToken(...)
  -> normalizeResolvedSecretInputString(...)
  -> unresolved SecretRef throws

Additional verification:

openclaw secrets reload --json
=> { "ok": true, "warningCount": 0 }

openclaw secrets audit --check --json
=> summary.unresolvedRefCount = 0

openclaw channels status --probe
=> Telegram connected/works; Discord connected/works

Impact and severity

High for operators using Telegram or Discord with SecretRef-backed channel credentials.

Inbound channel messages can become unusable even though the underlying channel transport is healthy. Users see only a generic “Something went wrong while processing your request” reply.

Additional information

This looks related to active-runtime-snapshot vs source-config leakage in embedded reply runs.

Discovery/prompt helper paths should not synchronously require raw channel credentials, and should not fail the whole embedded run when a SecretRef is unresolved in source config but available in the gateway runtime snapshot.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve.

Summary
Keep open. Current main still has a Telegram embedded prompt-prep path from raw run config through prompt capabilities and reaction guidance into strict non-env SecretRef token resolution, and #75445 is an open unmerged closing PR that should be reviewed before this issue closes.

Reproducibility: yes. The report gives concrete 2026.4.29 steps and sanitized logs, and current source still shows a Telegram raw-config path from embedded prompt prep into strict non-env SecretRef token resolution before model output.

Next step
No repair job: #75445 is an open closing PR for this report, so the next action is maintainer review of that PR’s coverage.

Review details

Best possible solution:

Make optional prompt/discovery paths use a resolved runtime snapshot or read-only fail-soft inspection while preserving strict credential failures for real send/probe paths, then close after the fix lands.

Do we have a high-confidence way to reproduce the issue?

Yes. The report gives concrete 2026.4.29 steps and sanitized logs, and current source still shows a Telegram raw-config path from embedded prompt prep into strict non-env SecretRef token resolution before model output.

Is this the best way to solve the issue?

Unclear. Fail-soft optional discovery is the right boundary, but the linked PR’s channel-actions approach needs coverage review for Telegram prompt capabilities and reaction guidance as well as Discord/Telegram message-action discovery.

What I checked:

• Open closing PR: Provided GitHub context lists fix(channels): tolerate unresolved SecretRef tokens during Discord/Telegram channel-actions discovery #75445 as open, unmerged, and using closing syntax for this issue, so the issue should stay open until that PR or an equivalent fix lands. (e5bc27823adc)
• Embedded prompt prep uses run config: runEmbeddedAttempt builds runtime channel capabilities, reaction guidance, and channel actions from params.config during prompt construction, matching the reported pre-model failure path. (src/agents/pi-embedded-runner/run/attempt.ts:1161, 15bbf4f2f304)
• Prompt hooks are direct plugin calls: resolveChannelPromptCapabilities and resolveChannelReactionGuidance call the plugin hooks without a local fail-soft guard, so Telegram hook errors can still abort prompt prep. (src/agents/channel-tools.ts:149, 15bbf4f2f304)
• Telegram prompt hooks reach account resolution: Telegram messageToolCapabilities calls resolveTelegramInlineButtonsScope and reactionGuidance calls resolveTelegramReactionLevel, both with the raw cfg passed from prompt prep. (extensions/telegram/src/channel.ts:679, 15bbf4f2f304)
• Telegram helpers resolve accounts: resolveTelegramInlineButtonsScope and resolveTelegramReactionLevel both resolve a Telegram account before reading prompt-only capability settings. (extensions/telegram/src/inline-buttons.ts:63, 15bbf4f2f304)
• Non-env Telegram SecretRefs remain strict: Telegram token resolution deliberately re-enters strict SecretRef resolution for non-env SecretRefs, which is the reported unresolved SecretRef failure when raw source config reaches this path. (extensions/telegram/src/token.ts:86, 15bbf4f2f304)

Likely related people:

• steipete: Current checkout blame maps the central channel prompt wrappers and Telegram prompt hook lines to Peter Steinberger in 47375fd; 929df0f also recently touched the embedded runner attempt surface. (role: recent maintainer; confidence: medium; commits: 47375fd6dc98, 929df0f5567f; files: src/agents/channel-tools.ts, src/agents/runtime-capabilities.ts, src/agents/pi-embedded-runner/run/attempt.ts)
• joshavant: Merged history includes active channel/account SecretRef resolution in reply runs and inspect/strict SecretRef behavior alignment, including Telegram token source and tests. (role: SecretRef runtime-resolution feature-history owner; confidence: high; commits: 731d4666d25f, 1769fb2aa1d6; files: src/auto-reply/reply/agent-runner-utils.ts, src/auto-reply/reply/agent-runner-utils.secret-resolution.test.ts, extensions/telegram/src/token.ts)
• gumadeiras: Recent merged work on fast-path message tool discovery touched the generic channel-tools and message-action-discovery path involved in the Discord/Telegram discovery portion of this report. (role: adjacent message-tool discovery owner; confidence: medium; commits: 7ae670e50159; files: src/agents/channel-tools.ts, src/channels/plugins/message-action-discovery.ts)

Remaining risk / open question:

• fix(channels): tolerate unresolved SecretRef tokens during Discord/Telegram channel-actions discovery #75445 may only cover channel-actions discovery; maintainer review should verify Telegram messageToolCapabilities and reactionGuidance are covered before closing this issue.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 15bbf4f2f304.