fix(cli-runner): add opt-in raw transcript reseed for invalidated CLI sessions

[hclsys]

Summary

• keeps raw OpenClaw transcript reseed disabled by default before compaction
• adds reseedFromRawTranscriptWhenUncompacted as an explicit CLI backend opt-in in config types, strict schema, generated baseline, and docs
• limits opted-in raw reseed to safe invalidations (missing-transcript, system-prompt, mcp, session-expired) while auth profile/credential-epoch resets remain no-raw
• prepares a bounded recovery prompt for opted-in native resume retries without disabling normal CLI session resume

Fixes #79713.

Verification

• pnpm exec oxfmt --check --threads=1 CHANGELOG.md docs/gateway/cli-backends.md docs/gateway/config-agents.md src/agents/cli-runner.reliability.test.ts src/agents/cli-runner/prepare.test.ts src/agents/cli-runner/prepare.ts src/agents/cli-runner/session-history.test.ts src/agents/cli-runner/session-history.ts src/config/types.agent-defaults.ts src/config/zod-schema.core.ts
• pnpm run lint:extensions:bundled
• pnpm deadcode:dependencies
• pnpm test src/agents/cli-runner/session-history.test.ts src/agents/cli-runner/prepare.test.ts src/agents/cli-runner.reliability.test.ts src/config/schema.test.ts src/config/zod-schema.agent-defaults.test.ts
• pnpm changed:lanes --json
• git diff --check

pnpm config:docs:gen updated docs/.generated/config-baseline.sha256 and the local ignored generated JSON contains agents.defaults.cliBackends.*.reseedFromRawTranscriptWhenUncompacted. pnpm config:docs:check did not complete locally after the updated hash; it stayed in scripts/generate-config-doc-baseline.ts --check with no output and was stopped after several minutes.

[clawsweeper]

Codex review: needs changes before merge.

Summary
The PR adds a reseedFromRawTranscriptWhenUncompacted CLI backend config flag, threads it into CLI session reseed preparation, adds tests/docs, and updates changelog/config baseline metadata.

Reproducibility: yes. from source. Current main clearly returns no no-compaction reseed, and the PR’s new raw-reseed path can be traced through the existing prepare ordering where missing-transcript is classified before auth reuse checks.

Real behavior proof
Override: The PR carries a maintainer-applied proof: override label, so the external contributor real-behavior proof gate is bypassed for this review.

Next step before merge
A narrow PR-branch repair can make auth-boundary classification win before missing-transcript raw reseed is considered safe.

Security
Needs attention: The patch keeps raw reseed opt-in, but the missing-transcript path can still leak raw transcript history across an auth identity change.

Review findings

• [P1] Preserve auth-boundary checks before raw reseed — src/agents/cli-runner/prepare.ts:411-413

Review details

Best possible solution:

Land the opt-in reseed only after missing-transcript recovery preserves auth-boundary no-raw semantics, with prepare-level regression coverage and docs/schema kept aligned.

Do we have a high-confidence way to reproduce the issue?

Yes from source. Current main clearly returns no no-compaction reseed, and the PR’s new raw-reseed path can be traced through the existing prepare ordering where missing-transcript is classified before auth reuse checks.

Is this the best way to solve the issue?

No as currently patched. The opt-in design is the right narrow direction, but the implementation needs auth-profile and auth-epoch invalidation to win before any raw missing-transcript reseed is prepared.

Full review comments:

• [P1] Preserve auth-boundary checks before raw reseed — src/agents/cli-runner/prepare.ts:411-413
  When a Claude transcript is missing, prepareCliRunContext already sets reusableCliSession to missing-transcript before resolveCliSessionReuse can report an auth-profile or auth-epoch mismatch. With this PR’s new allow-list, that combined case is treated as safe and can send raw prior transcript into a fresh CLI run under changed credentials, despite the intended no-raw auth boundary. Resolve the binding auth state first or suppress raw reseed for missing transcripts whose saved auth identity no longer matches, and add prepare-level coverage.
  Confidence: 0.88

Overall correctness: patch is incorrect
Overall confidence: 0.88

Security concerns:

• [medium] Raw reseed can bypass auth-boundary invalidation — src/agents/cli-runner/prepare.ts:411
  Because missing transcript is classified before auth-profile/auth-epoch reuse checks, an opted-in backend can raw-reseed prior transcript after a credential or auth-profile change if the Claude transcript is also missing.
  Confidence: 0.86

Acceptance criteria:

• pnpm test src/agents/cli-runner/prepare.test.ts src/agents/cli-runner/session-history.test.ts
• pnpm test src/agents/cli-runner.reliability.test.ts
• pnpm test src/config/schema.test.ts src/config/zod-schema.agent-defaults.test.ts
• pnpm exec oxfmt --check --threads=1 CHANGELOG.md docs/gateway/cli-backends.md docs/gateway/config-agents.md src/agents/cli-runner.reliability.test.ts src/agents/cli-runner/prepare.test.ts src/agents/cli-runner/prepare.ts src/agents/cli-runner/session-history.test.ts src/agents/cli-runner/session-history.ts src/config/types.agent-defaults.ts src/config/zod-schema.core.ts
• pnpm config:docs:check

What I checked:

• Current no-raw default: Current main returns no reseed messages when a CLI transcript has no compaction summary, preserving the existing raw-transcript boundary. (src/agents/cli-runner/session-history.ts:199, 9b629758fe26)
• Explicit safety test: Current main has a raw-secret test asserting uncompacted raw transcript history is not reseeded by default. (src/agents/cli-runner/session-history.test.ts:229, 9b629758fe26)
• Auth checks are downstream of missing-transcript classification: The prepare path classifies a missing Claude transcript before it calls resolveCliSessionReuse, so a saved binding with changed auth can be reported as missing-transcript instead of auth-profile or auth-epoch. (src/agents/cli-runner/prepare.ts:284, 9b629758fe26)
• Auth-boundary reasons exist in reuse resolution: resolveCliSessionReuse already returns auth-profile and auth-epoch invalidations when the stored binding auth identity no longer matches the current run. (src/agents/cli-session.ts:159, 9b629758fe26)
• PR changed raw reseed allow-list: The PR diff adds raw reseed parameters and allows raw reseed for missing-transcript, while the PR body says auth profile and credential-epoch resets remain no-raw. (src/agents/cli-runner/session-history.ts:205, 47e97d9d7b88)
• Maintainer direction and proof override: The discussion records maintainer guidance to keep raw reseed disabled by default and add a documented opt-in; the timeline later applies proof: override.

Likely related people:

• steipete: Recent current-main blame for the CLI session/auth files points to Peter Steinberger, and the PR discussion records his explicit guidance on preserving the no-raw default with an opt-in config path. (role: maintainer reviewer and recent adjacent owner; confidence: high; commits: 36da8c1b9ea4; files: src/agents/cli-runner/session-history.ts, src/agents/cli-runner/prepare.ts, src/agents/cli-session.ts)
• obviyus: The bounded fresh-session reseed and compaction-boundary behavior is tied to the commit titled fix(cli): bound fresh session reseed, which touched the central CLI runner session-history and prepare files. (role: introduced behavior; confidence: high; commits: 8559a84e4ea5; files: src/agents/cli-runner/session-history.ts, src/agents/cli-runner/session-history.test.ts, src/agents/cli-runner/prepare.ts)

Remaining risk / open question:

• Until the missing-transcript/auth precedence is covered, the opt-in raw reseed can cross an auth identity boundary in the combined missing-transcript plus auth-change case.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 9b629758fe26.

[steipete]

Thanks for digging into this. I agree the reported behavior is real: when the external CLI session is invalidated before we have a compaction summary, the fresh run currently starts with historyPrompt=none and loses useful continuity.

I don't think we should fix it by enabling raw pre-compaction transcript reseeding by default, though. src/agents/cli-runner/session-history.test.ts has an explicit raw secret case asserting that fresh CLI sessions are not reseeded from raw transcript history before compaction, so this PR changes a deliberate safety boundary.

The smallest landable shape I would suggest is:

• keep the current default: no raw transcript reseed before compaction
• add an explicit CLI backend opt-in for uncompacted raw-tail reseed
• wire that through both CliBackendConfig and the strict CliBackendSchema
• pass the resolved backend option into loadCliSessionReseedMessages
• keep the existing no-raw test, and add opt-in coverage for bounded raw-tail reseeding
• document the config knob, since it changes what context is sent into the external CLI process

If we want automatic continuity by default later, I think the safer product fix is to summarize-on-invalidation and reseed from that summary, rather than injecting raw transcript history into a fresh external CLI session by default. That is a larger session/compaction-flow change and probably should be separate from this small fix.