CLI: add --session-key flag to openclaw agent

[zhangzhejian]

Summary

• Add --session-key <key> option to openclaw agent CLI for explicit session key routing
• Plumb sessionKey through AgentCliOpts, validation guard, resolveSessionKeyForRequest(), and the --local fallback path
• Enables external integrations (e.g., agentgram polling scripts) to use custom session keys like agentgram:<room_id> for per-room session isolation

Test plan

• pnpm tsgo — no new type errors
• pnpm test -- src/commands/agent/session.test — all 8 tests pass
• Manual: openclaw agent --session-key "agentgram:test-room" --message "hello" --json

🤖 Generated with Claude Code

[greptile-apps]

Greptile Summary

This PR adds a --session-key <key> flag to the openclaw agent CLI command, enabling callers to explicitly specify a session key for routing — particularly useful for external integrations like polling scripts that need per-room session isolation (e.g., agentgram:<room_id>).

The change is well-scoped and correctly threads the new option through the type definition (AgentCliOpts), the validation guard, resolveSessionKeyForRequest(), and the --local embedded fallback path.

Key observations:

• In agentCliCommand, the explicit field assignment for the session key inside localOpts is redundant — unlike agentId (mapped from agent) and replyAccountId (mapped from replyAccount), this field has the same name in both types and is already included by the ...opts spread.
• The gateway execution path (agentViaGatewayCommand) does not include the --agent conflict check that the local path (agentCommandInternal) already performs when an explicit session key is also provided, creating a minor inconsistency: conflicting flags yield a clear local error but are silently forwarded to the gateway when run without --local.
• No CLI help text example was added for the new flag, though this is cosmetic.

Confidence Score: 4/5

• This PR is safe to merge; the changes are minimal, well-contained, and do not introduce any regressions.
• The core logic is sound and correctly integrated across all affected call sites. The only findings are a redundant field assignment (style) and a minor inconsistency in conflict-detection behaviour between the gateway and local execution paths — neither of which would cause a runtime failure.
• No files require special attention; src/commands/agent-via-gateway.ts has the minor issues noted above.

_{Last reviewed commit: 16a2dc8}

Comments Outside Diff (1)

1. undefined, line undefined (link)

   Missing --agent + --session-key conflict validation in the gateway path

   The local execution path (agentCommandInternal in agent.ts, line 366–373) explicitly validates that the agent ID embedded in --session-key matches the --agent flag, and throws a clear error if they conflict:

   if (agentIdOverride && opts.sessionKey) {
     const sessionAgentId = resolveAgentIdFromSessionKey(opts.sessionKey);
     if (sessionAgentId !== agentIdOverride) {
       throw new Error(`Agent id "..." does not match session key agent "...".`);
     }
   }

   This guard is absent in agentViaGatewayCommand. When the gateway path is used with conflicting --agent and --session-key values, the mismatch is silently passed through to the gateway. If the gateway returns an opaque error, the user will get less actionable feedback than they would from the --local path.

   Consider adding the same pre-flight check here (or at least in agentCliCommand before dispatching to either path) so the behaviour is consistent regardless of execution mode.

   Prompt To Fix With AI

   This is a comment left during a code review.
   Path: src/commands/agent-via-gateway.ts
   Line: 116-122
   
   Comment:
   **Missing `--agent` + `--session-key` conflict validation in the gateway path**
   
   The local execution path (`agentCommandInternal` in `agent.ts`, line 366–373) explicitly validates that the agent ID embedded in `--session-key` matches the `--agent` flag, and throws a clear error if they conflict:
   
   ```ts
   if (agentIdOverride && opts.sessionKey) {
     const sessionAgentId = resolveAgentIdFromSessionKey(opts.sessionKey);
     if (sessionAgentId !== agentIdOverride) {
       throw new Error(`Agent id "..." does not match session key agent "...".`);
     }
   }
   ```
   
   This guard is absent in `agentViaGatewayCommand`. When the gateway path is used with conflicting `--agent` and `--session-key` values, the mismatch is silently passed through to the gateway. If the gateway returns an opaque error, the user will get less actionable feedback than they would from the `--local` path.
   
   Consider adding the same pre-flight check here (or at least in `agentCliCommand` before dispatching to either path) so the behaviour is consistent regardless of execution mode.
   
   How can I resolve this? If you propose a fix, please make it concise.

[greptile-apps]

Unnecessary explicit field mapping

The sessionKey field name is identical in both AgentCliOpts and AgentCommandOpts, so the ...opts spread on line 185 already carries the value into localOpts — the explicit mapping on line 188 is a no-op.

This differs from agentId: opts.agent and replyAccountId: opts.replyAccount, which are necessary because the CLI prop names differ from the command type field names. Since the field is named identically in both types, the explicit assignment can be removed.

Suggested change

	const localOpts = {
	...opts,
	agentId: opts.agent,
	sessionKey: opts.sessionKey,
	replyAccountId: opts.replyAccount,
	const localOpts = {
	...opts,
	agentId: opts.agent,
	replyAccountId: opts.replyAccount,
	};

Prompt To Fix With AI

This is a comment left during a code review.
Path: src/commands/agent-via-gateway.ts
Line: 185-189

Comment:
**Unnecessary explicit field mapping**

The `sessionKey` field name is identical in both `AgentCliOpts` and `AgentCommandOpts`, so the `...opts` spread on line 185 already carries the value into `localOpts` — the explicit mapping on line 188 is a no-op.

This differs from `agentId: opts.agent` and `replyAccountId: opts.replyAccount`, which are necessary because the CLI prop names differ from the command type field names. Since the field is named identically in both types, the explicit assignment can be removed.

```suggestion
  const localOpts = {
    ...opts,
    agentId: opts.agent,
    replyAccountId: opts.replyAccount,
  };
```

How can I resolve this? If you propose a fix, please make it concise.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 16a2dc84bd

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Validate --session-key before exposing it on CLI

Adding --session-key here makes malformed keys user-reachable, but the local execution path still does not validate key shape (src/commands/agent.ts:343-373) while the gateway path explicitly rejects malformed agent: keys (src/gateway/server-methods/agent.ts:296-306). In practice, openclaw agent --session-key agent:main ... can fail gateway validation, fall back to embedded mode, and then create/use an invalid session key, causing inconsistent behavior between normal and fallback runs and potentially orphaned session history.

Useful? React with 👍 / 👎.

[openclaw-barnacle]

This pull request has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[himochen]

+1 from a downstream integration. We have a near-identical use case that would benefit from this flag merging:

Use case: an external agent harness (xenia) that runs in a separate Claude Code session and dispatches turns into an OpenClaw agent (elena) via subprocess for bidirectional threaded conversations. Current state without this flag:

• --agent elena --session-id <xenia-thread-id> routes into agent:elena:main regardless of --session-id (verified: src/agents/command/session.ts:139-161, the !explicitSessionKey guard at line 161 short-circuits the session-id branch when --agent is provided), so external traffic collides with the agent's own main-session heartbeats.
• AgentParamsSchema.sessionKey already exists at src/gateway/protocol/schema/agent.ts:134 and commands/agent-via-gateway.ts:138 already forwards it. Protocol + transport are already there; this PR just surfaces it on the CLI. No new architectural surface.
• openclaw cron add already exposes --session-key (src/cli/cron-cli/register.cron-add.ts:76), so the CLI surface is asymmetric between cron add and agent today.

This gives us (and presumably anyone doing per-thread/per-room isolation — agentgram, xenia, or similar) a clean namespace like agent:<id>:xenia:<thread-id> that sits alongside main / explicit:<id> / cron session:<id> without collision.

Two small suggestions if the author is still around:

1. The greptile bot's finding Login fails with 'WebSocket Error (socket hang up)' ECONNRESET #2 is a real asymmetry worth addressing here: the gateway path silently forwards conflicting --agent / --session-key combos, while the local path throws a clear error (agents/agent-command.ts:227-232). Mirroring the check in agentViaGatewayCommand would make the two paths behaviorally consistent.

2. Separately (not blocking this PR), downstream integrations that manage their own gateway-availability checks would benefit from a companion --no-fallback flag to suppress the built-in gateway→embedded auto-fallback at commands/agent-via-gateway.ts:180-196. Happy to open a follow-up PR for that after this one lands, to keep the diff scope here clean.

Would like to see this unstaled. If @zhangzhejian is unavailable, I'm happy to pick up the rebase / address review comments.

[openclaw-barnacle]

This pull request has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[clawsweeper]

Thanks for the context here. I did a careful shell check against current main, and the useful part of this older PR is already implemented there.

Current main already carries the useful openclaw agent --session-key behavior through the merged replacement PR, including validation, embedded fallback handling, docs, tests, and real CLI proof; the remaining value in this older branch is obsolete.

So I’m closing this older PR as already covered on main rather than keeping a mostly-duplicated branch open.

Review details

Best possible solution:

Keep the current main implementation from the merged replacement PR and close this stale branch instead of trying to rebase its smaller, older diff.

Do we have a high-confidence way to reproduce the issue?

Not applicable as a feature PR rather than a bug report. Source inspection confirms current main now exposes and routes --session-key, and the merged replacement PR includes terminal proof for the CLI behavior.

Is this the best way to solve the issue?

Yes for current main, not for this branch. The merged replacement PR is the maintainable solution because it adds shared validation, embedded-path parity, docs, tests, and proof beyond this older two-file plumbing branch.

Security review:

Security review cleared: The stale branch only adds TypeScript CLI option plumbing and the superseding implementation does not introduce dependency, workflow, secret, install, or package-resolution changes.

What I checked:

• Current CLI surface: Current main registers --session-key <key> for openclaw agent with help text describing exact agent-prefixed keys and --agent scoping. (src/cli/program/register.agent.ts:71, bb5010b89a5a)
• Shared dispatch validation: Current main validates malformed agent: keys and --agent/session-key mismatches before gateway or embedded dispatch, then normalizes the dispatch options once. (src/commands/agent-via-gateway.ts:160, bb5010b89a5a)
• Gateway forwarding: Current main resolves the explicit session key and passes it as params.sessionKey to the Gateway agent request. (src/commands/agent-via-gateway.ts:537, bb5010b89a5a)
• Embedded path alignment: Direct embedded agentCommand now scopes explicit legacy keys, rejects malformed agent-prefixed keys, checks --agent mismatches, and passes the normalized key into session resolution. (src/agents/agent-command.ts:323, bb5010b89a5a)
• Docs coverage: The public agent CLI docs list --session-key, show exact-key examples, and document scoping for agent-prefixed, bare, global, and unknown keys. Public docs: docs/cli/agent.md. (docs/cli/agent.md:13, bb5010b89a5a)
• Focused regression coverage: Current tests cover gateway explicit-key routing, legacy-key scoping, embedded fallback preservation, local embedded runs, malformed-key rejection, and agent mismatch rejection. (src/commands/agent-via-gateway.test.ts:235, bb5010b89a5a)

Likely related people:

• Kaspre: Authored the merged replacement PR that implemented explicit CLI session keys with validation, docs, tests, and real behavior proof. (role: replacement feature implementer; confidence: high; commits: eb7f3b7b50c5, 2c76dd339f5f; files: src/commands/agent-via-gateway.ts, src/agents/agent-command.ts, src/routing/session-key.ts)
• Peter Steinberger: Local history shows repeated recent work across the central agent CLI, gateway dispatch, routing helper, and session-resolution paths touched by this feature. (role: recent area contributor; confidence: medium; commits: 5e97045345a6, 310b5e4f6a22, 22e7b462c527; files: src/commands/agent-via-gateway.ts, src/cli/program/register.agent.ts, src/agents/command/session.ts)
• Vincent Koc: Recent commits in the inspected history narrow and refactor agent session helper and command imports near the same CLI/session-routing boundary. (role: adjacent session/agent contributor; confidence: medium; commits: ce1fffa97e24, 99755fcb2f1f, f2e08295e6b3; files: src/commands/agent-via-gateway.ts, src/agents/command/session.ts, src/routing/session-key.ts)

Codex review notes: model gpt-5.5, reasoning high; reviewed against bb5010b89a5a; fix evidence: commit eb7f3b7b50c5, main fix timestamp 2026-05-22T03:08:25Z.

[clawsweeper]

ClawSweeper PR egg

🎁 Pass real behavior proof to wake the egg and unlock a hatchable treat.

Where did the egg go?

• The egg game starts only after the PR passes the real-behavior proof check.
• Before that, no creature or rarity is rolled. The treat waits for real proof.
• This is still just collectible flavor: proof affects review readiness, not creature quality.

[clawsweeper]

ClawSweeper applied the proposed close for this PR.

• Action: closed this PR.
• Close reason: mostly implemented on main.
• Evidence: durable ClawSweeper review.