Stability, installer auth, runtime compatibility, and context-management improvements

[Arentai86]

Summary

This is a field report from a real OpenClaw installation/use session. The main reliability issues are clustered around local dashboard auth persistence, Codex OAuth profile detection, runtime/package compatibility, long-session context growth, and missing final assistant messages after tools complete.

Reporter: @Arentai86 / OpenZen

Environment

• OS: macOS
• Installation path: custom OpenClaw installer
• Gateway URL observed locally: http://127.0.0.1:7842
• Chat URL observed after install: http://127.0.0.1:7842/chat?session=main
• Runtime/package locations involved:
  • ~/.openclaw
  • ~/Library/Application Support/OpenClaw/runtime/server
  • ~/.openclaw/npm/node_modules/@openclaw/codex

Problems Observed

1. Dashboard/chat auth breaks after browser restart

After reopening OpenClaw, the browser can land on the Gateway Dashboard auth screen instead of returning to the usable chat session.

The page asks for:

• WebSocket URL
• Gateway Token
• Password

Observed message:

Auth required
The Gateway is reachable, but it needs a matching token or password before this browser can connect.

Expected:

• Installer creates and persists a valid local dashboard/chat URL.
• Browser restart does not break the local session.
• User does not need to manually recover WebSocket token/password after a normal install.

Actual:

• A raw URL like http://127.0.0.1:7842/chat?session=main is not enough.
• User can be dropped into an auth dashboard and blocked without manual token setup.

2. Codex OAuth/auth profile is not reliably picked up

OpenClaw can fail only after the user sends a message:

Agent failed before reply: No API key found for provider "openai-codex".
Auth store: ~/.openclaw/agents/main/agent/auth-profiles.json
Configure auth for this agent ...

Expected:

• If openai-codex is selected, OpenClaw should use the Codex OAuth profile automatically.
• Installer/runtime should copy, link, or discover portable auth profiles correctly.
• Missing auth should be detected during setup or preflight, not after the first user request.

Actual:

• UI loads and the agent appears usable.
• Execution fails only at runtime.
• The error suggests auth may be stored in the wrong place or not propagated to the agent directory.

3. Runtime/package mismatch after update or install

Observed errors include:

(0, _pluginRuntime.listRegisteredPluginAgentPromptGuidance) is not a function

and:

Cannot find module
~/Library/Application Support/OpenClaw/runtime/server/dist/plugin-sdk/root-alias.cjs/agent-harness-task-runtime

Require stack:
~/.openclaw/npm/node_modules/@openclaw/codex/dist/run-attempt-...

Expected:

• Bundled runtime server and @openclaw/codex versions are always compatible.
• Installer/update process is atomic.
• If runtime files/functions are missing, OpenClaw repairs itself or refuses to start with a clear diagnostic.

Actual:

• Gateway can start successfully while agent execution fails later.
• Runtime references files/functions that are not present in the installed server package.

4. Agent executes tools but does not send the final answer

Repeatedly, OpenClaw runs tool calls successfully but never sends the final assistant message. The user then has to ask again what happened.

Observed:

• Tool cards appear.
• Commands finish.
• No final assistant response arrives.
• Sometimes runtime eventually reports idle/watchdog fallback.

Expected:

• After tools finish, OpenClaw always emits a final assistant message.
• UI receives a turn/completed or equivalent terminal event.
• If the model/tool loop stalls, runtime produces a clear fallback summary from completed tool results.

Actual:

• Chat looks hung even though work was completed.
• User cannot tell whether the task finished, failed, or is still running.

5. Context grows too fast and long project chats become unreliable

After 20-30 minutes of continuous work, active context can fill with tool output, repeated logs, failed patch attempts, command output, and stale intermediate state.

Expected:

• Completed tool results are compacted or summarized.
• Old bulky tool output is removed from active prompt context.
• Important decisions and state remain as compact summaries.
• Long project sessions remain usable for hours.

Actual:

• Context usage becomes very high.
• Agent slows down, hangs, or stops answering.
• Old tool outputs appear to remain in active context too long.

6. Tool output and repeated failed attempts pollute context

OpenClaw appears to keep too much low-value operational noise in the conversation:

• long shell outputs
• repeated failed patches
• repeated missing-file errors
• repeated same-tool failures
• logs that are no longer useful once the task is done

Expected:

• Tool output has strict caps.
• Repeated identical errors trigger a hard stop or summarization.
• Completed phases are replaced by concise state summaries.

Actual:

• Context fills with low-value operational history.

Suggested Improvements

1. Make the installer create a valid persistent local dashboard/chat URL.
2. Persist or auto-refresh gateway auth tokens across browser restarts.
3. Validate openai-codex auth during setup and before first run.
4. Lock runtime server and @openclaw/codex package versions together.
5. Add a startup doctor check for missing runtime files/functions.
6. Add automatic context hygiene:
   • early compression around 30-40% context usage
   • pruning old tool outputs
   • keeping only the recent N messages verbatim
   • summarizing completed tool phases
   • enforcing a hard message-count or token-budget limit
7. Guarantee final turn completion:
   • always emit turn/completed
   • if missing after timeout, synthesize a final summary from completed tool results
8. Add visible UI state:
   • running
   • compacting
   • waiting for model
   • completed
   • failed
9. Add loop guardrails for repeated identical tool failures.

Acceptance Criteria

• Fresh install opens directly into a usable chat.
• Browser restart does not require manual Gateway Token recovery.
• openai-codex works with Codex OAuth profile without a manual API key.
• Runtime update cannot leave mixed incompatible versions.
• Agent always sends a final answer after completing tools.
• Long sessions can run for hours with automatic context compaction.
• User never sees silent hangs after completed tool execution.

Why this matters

These issues are not isolated polish problems. Together they make OpenClaw feel unreliable after install and during serious long-running work. Fixing auth persistence, version atomicity, context hygiene, and guaranteed final-turn completion would substantially improve trust in OpenClaw as a daily-use agent runtime.

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve. Reviewed May 25, 2026, 12:37 PM ET / 16:37 UTC.

Summary
Keep open: the report is broad but credible, aligns with current stability/setup priorities, and current main only shows partial mechanisms and recent partial fixes rather than one canonical implementation that closes the whole reliability cluster.

Reproducibility: no. not as a single high-confidence current-main repro. The field report is detailed and source inspection shows plausible current paths for tokenless dashboard auth prompts and message-tool final suppression, but the full custom macOS installer/update/runtime cluster was not reproduced.

Ways to help us reproduce this

• Add a screenshot or short recording showing the behavior.
• Add expected vs actual behavior.

Next step
This should be owner-triaged and split before repair because it spans credential handling, installer/update atomicity, runtime compatibility, final-message semantics, and context-management policy.

Security
Needs attention: The issue itself is auth-sensitive, so any future fix needs a credential-handling pass even though no patch is under review.

Review details

Best possible solution:

Split the field report into owner-reviewed fixes for installer/dashboard auth recovery, Codex auth preflight, runtime/package atomicity checks, final-delivery liveness, and context hygiene defaults, with upgrade proof for each path.

Do we have a high-confidence way to reproduce the issue?

No, not as a single high-confidence current-main repro. The field report is detailed and source inspection shows plausible current paths for tokenless dashboard auth prompts and message-tool final suppression, but the full custom macOS installer/update/runtime cluster was not reproduced.

Is this the best way to solve the issue?

Unclear as one issue-sized fix. The maintainable path is to split the cluster into narrow repairs with owner review, because auth persistence, runtime/package atomicity, final delivery, and context compaction have different compatibility and proof requirements.

AGENTS.md: found and applied where relevant.

Remaining risk / open question:

• The report combines several subsystems; fixing it as one large change would be hard to validate and should probably be split into bounded follow-up issues or PRs.
• Some Codex auth and context symptoms appear partially addressed on current main, so maintainers should confirm the reporter's installed version and custom installer path before duplicating work.
• The dashboard-token and OAuth portions are credential-sensitive and need SecretRef/no-log behavior preserved during any repair.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 313762282c2a.

Label changes

Label changes:

• add P1: The issue describes broken install/auth and agent completion workflows that can block real use after setup or during long sessions.
• add impact:message-loss: The report says tool calls finish but the final assistant message is not delivered, leaving users without the completed response.
• add impact:session-state: The report describes long-session context growth, stale state, and transcript/tool-output bloat affecting session reliability.
• add impact:auth-provider: The report centers on dashboard auth tokens, Codex OAuth profile discovery, provider auth routing, and auth-profile storage.
• add issue-rating: 🐚 platinum hermit: Current issue advisory state selects this label.
• add clawsweeper:needs-live-repro: Current issue advisory state selects this label.
• add clawsweeper:no-new-fix-pr: Current issue advisory state selects this label.
• add clawsweeper:needs-maintainer-review: Current issue advisory state selects this label.
• add clawsweeper:needs-product-decision: Current issue advisory state selects this label.
• add clawsweeper:needs-security-review: Current issue advisory state selects this label.

Label justifications:

• P1: The issue describes broken install/auth and agent completion workflows that can block real use after setup or during long sessions.
• impact:auth-provider: The report centers on dashboard auth tokens, Codex OAuth profile discovery, provider auth routing, and auth-profile storage.
• impact:message-loss: The report says tool calls finish but the final assistant message is not delivered, leaving users without the completed response.
• impact:session-state: The report describes long-session context growth, stale state, and transcript/tool-output bloat affecting session reliability.

Evidence reviewed

Security concerns:

• [medium] Preserve SecretRef and token no-log behavior — src/commands/dashboard.ts:42
  The dashboard and OAuth portions involve gateway tokens and auth profiles; fixes should not persist resolved SecretRef plaintext into logs, browser-visible plain URLs, or service metadata without an explicit security review.
  Confidence: 0.78

What I checked:

• Repository policy applied: Root and scoped AGENTS guidance was read; this issue touches auth/session state, provider routing, plugin/runtime compatibility, gateway protocol, and context-management surfaces that the repo treats as compatibility-sensitive. (AGENTS.md:13, 313762282c2a)
• Vision fit: VISION.md names bug fixes, stability, setup reliability, and first-run UX as current priorities, so the report is in scope even though it needs splitting and owner review. (VISION.md:18, 313762282c2a)
• Dashboard auth is partially handled, not fully solved: The dashboard command builds a tokenized URL only when a token is available and not SecretRef-managed, so a plain browser URL can still reach the auth-required UI path described by the reporter. (src/commands/dashboard.ts:42, 313762282c2a)
• Control UI currently expects token recovery: The English UI copy for auth failures explicitly tells users to paste a token from a fresh dashboard command, which supports keeping the installer/browser-restart UX request open. (ui/src/i18n/locales/en.ts:987, 313762282c2a)
• Codex auth has recent partial fixes: Current docs and changelog show Codex OAuth route repair, stale profile cleanup, and one recent fix for the exact missing openai-codex auth error in isolated lanes, but they do not prove the reporter's custom installer/runtime path is fixed end to end. (CHANGELOG.md:487, 313762282c2a)
• Runtime compatibility surface exists on current main: The specific plugin SDK subpath and prompt-guidance function named by the observed errors exist on current main, pointing toward mixed installed packages or upgrade state rather than an absent current-source API. (package.json:518, 313762282c2a)

Likely related people:

• zhang-guiping: Blame and shortlog point the current dashboard auth, Codex routing, plugin SDK prompt-guidance, package export, and compaction precheck lines to the recent squashed commit that carried these surfaces. (role: recent area contributor; confidence: medium; commits: d6b7fe8615be; files: src/commands/dashboard.ts, src/agents/openai-codex-routing.ts, src/plugins/command-registry-state.ts)
• @altaywtf: The same squashed commit metadata lists @altaywtf as reviewer and co-author, making them a useful routing candidate for the current implementation sweep. (role: reviewer and adjacent contributor; confidence: medium; commits: d6b7fe8615be; files: src/commands/dashboard.ts, src/agents/openai-codex-routing.ts, src/plugins/command-registry-state.ts)
• @RomneyDa: The current changelog credits @RomneyDa on a recent Auth/Codex fix for the exact openai-codex missing-auth error shape, so they are a plausible auth-routing follow-up owner. (role: recent auth/Codex contributor; confidence: low; commits: d6b7fe8615be; files: CHANGELOG.md, appcast.xml)
• @Totalsolutionsync: The current changelog also credits @Totalsolutionsync on the recent Auth/Codex missing-auth fix, making them relevant to the reported Codex OAuth subproblem. (role: recent auth/Codex contributor; confidence: low; commits: d6b7fe8615be; files: CHANGELOG.md, appcast.xml)

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.