[Bug]: subagents.agentRuntime not inherited from agents.defaults — subagents bypass claude-cli runtime, hit Extra Usage bucket instead of Claude Max/Pro subscription, triggers 24h auth lockout

[Redoudou]

Bug type

Behavior bug (incorrect output/state without crash)

Beta release blocker

No

Summary

When agentRuntime: claude-cli is set at agents.defaults, subagents silently ignore it, fall back to direct HTTP, and drain your Extra Usage quota instead of your Claude Max/Pro subscription — one failed call locks out the entire Anthropic provider for 24 hours.

Steps to reproduce

1. Set agents.defaults.agentRuntime.id = "claude-cli" in openclaw.json
2. Leave agents.defaults.subagents.agentRuntime unset
3. Trigger any session that spawns a subagent (cron job with kind: agentTurn, or any task calling sessions_spawn)
4. Observe the subagent fires via subsystem: agent/embedded instead of /usr/bin/claude
5. If Extra Usage is disabled or exhausted, the embedded call returns 400 and OpenClaw writes disabledUntil ~24h forward to auth-state.json
6. All subsequent requests — including normal interactive chat — return "Provider anthropic has billing issue (skipping all models)"

Expected behavior

Subagents inherit agentRuntime: claude-cli from agents.defaults and route through the /usr/bin/claude binary, which carries the correct Claude Code headers that bill against the Max/Pro subscription.

Actual behavior

Subagents use the embedded HTTP runner regardless of agents.defaults.agentRuntime. The embedded runner calls the Anthropic API directly without CLI headers, routing to the Extra Usage bucket. One billing error sets disabledUntil in auth-state.json, which survives gateway restarts. All provider models are then skipped with "Provider anthropic has billing issue (skipping all models)" until the cooldown expires or the file is manually cleared.

OpenClaw version

2026.2.21-2

Operating system

Ubuntu 24.04 LTS (Linux 6.8.0-100-generic x86_64)

Install method

npm install -g openclaw

Model

anthropic/claude-sonnet-4-6

Provider / routing chain

• Intended: anthropic:claude-cli OAuth → /usr/bin/claude binary - Actual (subagents): embedded HTTP runner → api.anthropic.com directly (no CLI headers)

Additional provider/model setup details

Single auth profile anthropic:claude-cli (OAuth). No anthropic:manual profile.
agents.defaults.agentRuntime.id = "claude-cli" is set.
agents.defaults.subagents.agentRuntime is absent.

The diagnostic tool flags this post-hoc under automated diagnosis but emits no warning at gateway startup. The lockout state is stored under usageStats["anthropic:claude-cli"] in:

Logs, screenshots, and evidence

and persists across restarts.

## Logs and Evidence

Diagnostic report (tokens redacted by diagnostic script). Key evidence:

- **Section 2** — `disabledUntil` set, `disabledReason: billing`
- **Section 6** — first error at `00:07:04 UTC` from `subsystem: agent/embedded`:

Impact and severity

Impact and Severity

Affected users	Any Claude Max/Pro user running claude-cli OAuth with subagents — standard self-hosted setup
Severity	Blocks entire agent workflow — not just subagents, all interactive chat stops
Frequency	Reproducible every time a subagent is spawned with Extra Usage disabled or exhausted; also triggered on gateway restart when a missed cron fires catch-up
Consequence	Up to 24h outage requiring manual intervention; no warning before or during failure; subscription usage console shows nothing wrong because the subscription is never actually reached

Workaround

Manually clear usageStats fields in auth-state.json and restart:

python3 -c "
import json
path = '/home/<user>/.openclaw/agents/main/agent/auth-state.json'
with open(path) as f: d = json.load(f)
for p in d.get('usageStats', {}):
    for k in ['disabledUntil','failureCounts','errorCount','disabledReason','lastFailureAt']:
        d['usageStats'][p].pop(k, None)
with open(path, 'w') as f: json.dump(d, f, indent=2)
print('Cleared.')
"
openclaw gateway restart

Permanent fix: explicitly set agents.defaults.subagents.agentRuntime.id = "claude-cli" in openclaw.json.

Additional Information

The diagnostic tool detects the misconfiguration but only when run manually. A gateway startup warning — analogous to the existing allowInsecureAuth=true warning — would catch this before it causes an outage.

Additional information

Suggested Fix

Two changes, one behavioral and one UX:

1. Default inheritance (the real fix)

When agents.defaults.agentRuntime.id is set, subagents.agentRuntime should
automatically inherit it unless explicitly overridden. Same logic as any sane
config cascade — child inherits parent unless told otherwise.

2. Startup warning (the safety net)

When agentRuntime.id = "claude-cli" is detected at agents.defaults but
subagents.agentRuntime is unset, emit a startup warning — same pattern already
used for allowInsecureAuth=true. Catches misconfiguration before it causes a
24h outage.

Note: We are not asking to remove the embedded HTTP runner — it is a
legitimate option for isolation use cases. The problem is the silent fallback,
not the existence of the path.

[clawsweeper]

ClawSweeper status: review started.

I am starting a fresh review of this issue: [Bug]: subagents.agentRuntime not inherited from agents.defaults — subagents bypass claude-cli runtime, hit Extra Usage bucket instead of Claude Max/Pro subscription, triggers 24h auth lockout This is item 1/1 in the current shard. Shard 0/1.

This placeholder means the worker is alive and reading the current context. I will edit this same comment with the actual review when the claws are done clicking.

Crustacean status: shell secured, claws on keyboard, evidence pebbles being sorted.

[gorkem2020]

Same defaults-ignored pattern affects subagents.model

Confirming this on 2026.5.7, with an extension that probably matters for the fix scope: the same defaults-ignored behavior also affects agents.defaults.subagents.model. Per-agent overrides under agents.list[].subagents.model resolve correctly, but the defaults-level entry is silently ignored.

Reproduction with model field

Config:

{
  "agents": {
    "defaults": {
      "subagents": {
        "model": {
          "primary": "openrouter/deepseek/deepseek-v4-flash",
          "fallbacks": []
        }
      }
    }
  }
}

Parent agent: claude-cli runtime, model: "anthropic/claude-opus-4-7". No subagents block under the agent's agents.list[] entry. Called sessions_spawn from the parent with no explicit model parameter, agentId unset for self-spawn.

Spawned subagent's session jsonl:

{
  "api": "cli",
  "provider": "claude-cli",
  "model": "claude-opus-4-7"
}

Both model and provider inherited from the parent. The configured agents.defaults.subagents.model.primary (openrouter/deepseek/deepseek-v4-flash) was ignored.

Verified working path: adding agents.list[].subagents.model: "openrouter/deepseek/deepseek-v4-flash" per-agent makes the subagent route correctly to OpenRouter and DeepSeek V4 Flash, with model_change and model-snapshot events recorded in the subagent's jsonl. So the resolver bug is specific to the defaults-level path, not the field itself.

The pattern

agents.defaults.subagents.* is being ignored by sessions_spawn for at least:

• agentRuntime (this issue)
• model (this comment, with reproduction above)

A class-level fix in the spawn-time defaults resolver may address both at once.

Happy to provide additional reproduction evidence if helpful.

[joshavant]

Thanks @Redoudou for the detailed report, and thanks @gorkem2020 for the additional agents.defaults.subagents.model reproduction.

We dug through the current runtime-selection contract and found that the original agents.defaults.agentRuntime expectation is no longer the supported config path: whole-agent runtime keys are treated as legacy and ignored by runtime selection. Runtime policy now belongs on provider/model config, for example agents.defaults.models["anthropic/claude-sonnet-4-6"].agentRuntime.

The actionable bug here was the related default-subagent resolver behavior: agents.defaults.subagents.model could be bypassed by the target agent's normal primary model during sessions_spawn. That meant a default child model carrying model-scoped runtime policy, such as claude-cli, could be skipped and the child could run through the wrong backend. #81783 fixes that precedence so agents.defaults.subagents.model is applied before the target agent primary model, while preserving the intended legacy-ignore behavior for agents.defaults.agentRuntime.

Validated with focused Testbox coverage and a direct runtime-resolution proof showing a default subagent model winning over a conflicting target primary model while preserving runtime: "claude-cli" from model policy.

Closing as fixed by #81783.