feat(nvidia): tag NIM requests with app origin

[nv-kasikritc]

Summary

• Problem: NVIDIA NIM cannot reliably identify that OpenClaw originated requests unless OpenClaw sends the billing invoke-origin header.
• Why it matters: NVIDIA can use the app-origin signal to track which apps requests are originating from.
• What changed: verified NVIDIA NIM routes now attach X-BILLING-INVOKE-ORIGIN: OpenClaw through the shared provider attribution policy path, with endpoint metadata for https://integrate.api.nvidia.com/v1 and coverage for official-route and custom-proxy behavior.
• What did NOT change (scope boundary): custom proxy hosts do not receive this header automatically, and non-NVIDIA providers are unchanged.

Change Type (select all)

• Bug fix
• Feature
• Refactor required for the fix
• Docs
• Security hardening
• Chore/infra

Scope (select all touched areas)

• Gateway / orchestration
• Skills / tool execution
• Auth / tokens
• Memory / storage
• Integrations
• API / contracts
• UI / DX
• CI/CD / infra

Linked Issue/PR

• Closes N/A
• Related N/A
• This PR fixes a bug or regression

Real behavior proof (required for external PRs)

• Behavior or issue addressed: NVIDIA NIM requests from OpenClaw should include X-BILLING-INVOKE-ORIGIN: OpenClaw only on verified NVIDIA NIM routes.
• Real environment tested: local OpenClaw checkout on macOS with Node/pnpm test lanes.
• Exact steps or command run after this patch: pnpm test src/gateway/sessions-patch.test.ts src/plugins/registry.runtime-config.test.ts src/agents/provider-attribution.test.ts src/agents/provider-request-config.test.ts extensions/nvidia/index.test.ts extensions/nvidia/provider-catalog.test.ts extensions/nvidia/plugin-registration.contract.test.ts
• Evidence after fix (screenshot, recording, terminal capture, console output, redacted runtime log, linked artifact, or copied live output): targeted tests passed 5 Vitest shards in 58.26s; OPENCLAW_LOCAL_CHECK=1 OPENCLAW_LOCAL_CHECK_MODE=throttled pnpm check:changed exited 0 after typecheck, lint, guard, and selected changed-lane checks.
• Observed result after fix: official NVIDIA NIM route header resolution returns X-BILLING-INVOKE-ORIGIN: OpenClaw; custom proxy routes preserve operator-provided headers and do not get automatic NVIDIA attribution.
• What was not tested: no live NVIDIA API request was sent from this checkout.
• Before evidence (optional but encouraged): prior NVIDIA provider metadata had no route-scoped attribution policy for the billing invoke-origin header.

Root Cause (if applicable)

• Root cause: N/A.
• Missing detection / guardrail: provider attribution tests did not cover NVIDIA NIM billing-origin tracking because no NVIDIA attribution policy existed.
• Contributing context (if known): OpenRouter already used the shared attribution policy path; NVIDIA NIM needed equivalent route-gated metadata and header handling.

Regression Test Plan (if applicable)

• Coverage level that should have caught this:
  • Unit test
  • Seam / integration test
  • End-to-end test
  • Existing coverage already sufficient
• Target test or file: src/agents/provider-attribution.test.ts; src/agents/provider-request-config.test.ts
• Scenario the test should lock in: official NVIDIA NIM endpoints attach X-BILLING-INVOKE-ORIGIN: OpenClaw, custom proxy hosts do not, and spoofed caller header values cannot override route-owned attribution.
• Why this is the smallest reliable guardrail: the shared provider attribution and request-header merge seams are where OpenRouter-style tracking is resolved before provider requests are made.
• Existing test that already covers this (if any): OpenRouter attribution tests covered the analogous policy shape, but not NVIDIA NIM.
• If no new test is added, why not: N/A.

User-visible / Behavior Changes

NVIDIA NIM requests sent to verified NVIDIA routes now include X-BILLING-INVOKE-ORIGIN: OpenClaw. Custom NVIDIA-compatible proxy hosts are unchanged.

Diagram (if applicable)

Before:
[OpenClaw NVIDIA request] -> [integrate.api.nvidia.com/v1] -> [no OpenClaw app-origin header]

After:
[OpenClaw NVIDIA request] -> [verified NVIDIA NIM route] -> [X-BILLING-INVOKE-ORIGIN: OpenClaw]

Security Impact (required)

• New permissions/capabilities? (Yes/No) No
• Secrets/tokens handling changed? (Yes/No) No
• New/changed network calls? (Yes/No) No
• Command/tool execution surface changed? (Yes/No) No
• Data access scope changed? (Yes/No) No
• If any Yes, explain risk + mitigation: N/A. This changes request metadata on existing NVIDIA NIM calls by adding a non-secret app-origin header on verified NVIDIA routes only.

Repro + Verification

Environment

• OS: macOS
• Runtime/container: local Node/pnpm checkout
• Model/provider: NVIDIA provider request-policy seam
• Integration/channel (if any): N/A
• Relevant config (redacted): verified NVIDIA NIM base URL https://integrate.api.nvidia.com/v1

Steps

1. Resolve provider attribution headers for provider nvidia and official NVIDIA NIM base URL.
2. Resolve request headers for a custom provider id pointing at the official NVIDIA NIM base URL with a spoofed caller value.
3. Resolve request headers for provider nvidia pointed at a custom proxy host.

Expected

• Official NVIDIA NIM routes include X-BILLING-INVOKE-ORIGIN: OpenClaw.
• Caller-provided spoofed values cannot override the route-owned NVIDIA attribution header.
• Custom proxy hosts do not receive automatic NVIDIA attribution.

Actual

• Matches expected in src/agents/provider-attribution.test.ts and src/agents/provider-request-config.test.ts.

Evidence

• Failing test/log before + passing after
• Trace/log snippets
• Screenshot/recording
• Perf numbers (if relevant)

Human Verification (required)

What you personally verified (not just CI), and how:

• Verified scenarios: official NVIDIA NIM endpoint classification; NVIDIA attribution policy shape; automatic header injection on verified NVIDIA routes; spoofing protection; no automatic header on custom proxy hosts; NVIDIA plugin endpoint metadata.
• Edge cases checked: provider id alias casing; custom provider id using the official NVIDIA route; caller-wins precedence with both route-owned and operator-owned header behavior.
• What you did not verify: live NVIDIA API traffic. Testbox validation was attempted but blocked by sandbox approval policy because it would sync the private checkout externally; the local changed gate was used instead.

Review Conversations

• I replied to or resolved every bot review conversation I addressed in this PR.
• I left unresolved only the conversations that still need reviewer or maintainer judgment.

Compatibility / Migration

• Backward compatible? (Yes/No) Yes
• Config/env changes? (Yes/No) No
• Migration needed? (Yes/No) No
• If yes, exact upgrade steps: N/A

Risks and Mitigations

• Risk: custom proxy deployments could unexpectedly receive OpenClaw attribution if treated as NVIDIA routes.
  • Mitigation: attribution is gated by verified NVIDIA endpoint metadata; custom proxy hosts are covered by tests as not receiving the header automatically.

[clawsweeper]

Codex review: needs real behavior proof before merge.

Summary
Adds NVIDIA endpoint metadata and a provider attribution policy that injects X-BILLING-INVOKE-ORIGIN: OpenClaw on verified NIM routes, plus tests for official-route and custom-proxy header behavior.

Reproducibility: not applicable. this is a new provider attribution feature, not a bug report. The behavior is source-reviewable through the diff and tests, but no live request proof was supplied.

Real behavior proof
Needs real behavior proof before merge: The PR body reports tests/checks and says no live NVIDIA API request was sent, so the contributor should add terminal/live output, a recording, or redacted logs from a real OpenClaw NVIDIA request and update the PR body to trigger re-review.

Next step before merge
Human handling is needed for contributor real behavior proof and maintainer acceptance of the vendor billing-origin header; there is no narrow code repair for ClawSweeper to make.

Security
Cleared: The diff adds fixed non-secret request metadata, manifest endpoint classification, and tests without new dependencies, secret handling, execution paths, or network destinations.

Review details

Best possible solution:

Land the route-gated header through manifest endpoint metadata and the shared request-policy seam once redacted runtime proof from a real NVIDIA request and maintainer header-contract acceptance are in place.

Do we have a high-confidence way to reproduce the issue?

Not applicable: this is a new provider attribution feature, not a bug report. The behavior is source-reviewable through the diff and tests, but no live request proof was supplied.

Is this the best way to solve the issue?

Yes for code shape: manifest endpoint classification plus shared provider request policy is the narrow maintainable route. The remaining gate is proof and policy acceptance rather than a code rewrite.

Acceptance criteria:

• Review the PR body for redacted live/runtime proof from an actual OpenClaw NVIDIA request showing the header behavior.
• Confirm maintainer acceptance of sending X-BILLING-INVOKE-ORIGIN: OpenClaw on verified NVIDIA NIM routes.
• Check current PR head CI before merge.

What I checked:

• Current main lacks NVIDIA route attribution: Current main lists OpenRouter, OpenAI, OpenAI Codex, and SDK-hook-only providers in listProviderAttributionPolicies; there is no NVIDIA attribution policy or nvidia-native endpoint class on main. (src/agents/provider-attribution.ts:539, 3225ec43c887)
• NVIDIA plugin owns the official NIM route: The bundled NVIDIA manifest already defines the official OpenAI-compatible base URL as https://integrate.api.nvidia.com/v1, but current main has no providerEndpoints metadata for it. (extensions/nvidia/openclaw.plugin.json:15, 3225ec43c887)
• Shared request seam protects route-owned attribution keys: Current request header resolution merges provider policy attribution at transport-time and removes caller headers whose names match protected attribution keys, so the PR targets the existing shared seam rather than NVIDIA runtime code. (src/agents/provider-request-config.ts:658, 3225ec43c887)
• PR implements the route-gated policy and coverage: The PR patch adds nvidia-native, buildNvidiaAttributionPolicy, endpoint-class based attributionProvider = "nvidia", and tests for official NVIDIA route injection, spoofing protection, and custom proxy non-injection. (src/agents/provider-attribution.ts:482, 304828b76e99)
• Related search did not find another canonical header item: GitHub issue search for the exact header found only this PR; broader NVIDIA NIM billing search surfaced unrelated NVIDIA provider/failover items rather than another owner for this header work.
• Real behavior proof remains test-only: The PR body reports targeted tests and changed checks, and explicitly states that no live NVIDIA API request was sent from the checkout. (304828b76e99)

Likely related people:

• steipete: Current-main blame for the provider attribution/request-policy paths points to recent provider-policy refactor work, and commit history shows repeated nearby provider attribution and manifest-routing changes. (role: recent area contributor; confidence: medium; commits: f441a569ea, b74f35ee6f97, d1b2d81752b8; files: src/agents/provider-attribution.ts, src/agents/provider-request-config.ts, extensions/nvidia/openclaw.plugin.json)
• vincentkoc: GitHub commit history for the central provider attribution file includes app-attribution and cold provider-metadata work, plus a NVIDIA metadata alignment commit. (role: adjacent provider attribution contributor; confidence: medium; commits: f1340be05150, 4fbc490fcaee, dcd665cd0510; files: src/agents/provider-attribution.ts, extensions/nvidia/openclaw.plugin.json)
• eleqtrizit: The merged NVIDIA provider support history introduced the bundled NVIDIA plugin, docs, onboarding, and tests that this PR extends with route metadata. (role: NVIDIA provider introducer; confidence: medium; commits: 9a0b43c47e30; files: extensions/nvidia/openclaw.plugin.json, docs/providers/nvidia.md)

Remaining risk / open question:

• No after-fix proof from an actual NVIDIA request is supplied; the PR body explicitly says live NVIDIA API traffic was not tested.
• The vendor billing-origin header contract still needs maintainer or vendor confirmation before treating the policy as accepted vendor-documented behavior.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 3225ec43c887.