Skip to content

fix: guard tool event callbacks (AI-assisted)#81696

Merged
clawsweeper[bot] merged 1 commit into
openclaw:mainfrom
enjoylife1243:codex/tool-event-callback-guard
Jun 19, 2026
Merged

fix: guard tool event callbacks (AI-assisted)#81696
clawsweeper[bot] merged 1 commit into
openclaw:mainfrom
enjoylife1243:codex/tool-event-callback-guard

Conversation

@enjoylife1243

@enjoylife1243 enjoylife1243 commented May 14, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Problem: tool progress callbacks during tool event emission could throw synchronously or reject asynchronously.
  • Why it matters: a failing observer/progress callback could interrupt tool-start handling or leak an unhandled rejection in gateway runs.
  • What changed: wrapped tool execution phase and per-run agent event callbacks in best-effort guards that log warning failures without interrupting tool processing.
  • What did NOT change (scope boundary): global agent event emission, tool execution semantics, and result payload shaping are unchanged.

Change Type (select all)

  • Bug fix
  • Feature
  • Refactor required for the fix
  • Docs
  • Security hardening
  • Chore/infra

Scope (select all touched areas)

  • Gateway / orchestration
  • Skills / tool execution
  • Auth / tokens
  • Memory / storage
  • Integrations
  • API / contracts
  • UI / DX
  • CI/CD / infra

Linked Issue/PR

  • Closes #
  • Related #
  • This PR fixes a bug or regression

Real behavior proof (required for external PRs)

  • Behavior or issue addressed: tool-start progress callbacks can no longer crash or interfere with tool event handling when they throw or reject.
  • Real environment tested: local macOS OpenClaw checkout, Node 22.19.0, running this PR branch at commit 65de17d9e09cabf804eca4050943f34e35ff2166.
  • Exact steps or command run after this patch:
    • git rev-parse HEAD
    • node --import tsx --input-type=module <<'NODE' ...runtime callback proof script... NODE
    • node scripts/run-vitest.mjs src/agents/embedded-agent-subscribe.handlers.tools.test.ts -- --run
    • node_modules/.bin/oxlint --tsconfig config/tsconfig/oxlint.core.json src/agents/embedded-agent-subscribe.handlers.tools.ts
    • node_modules/.bin/oxlint --tsconfig config/tsconfig/oxlint.core.json src ui packages
    • git diff --check
  • Evidence after fix (screenshot, recording, terminal capture, console output, redacted runtime log, linked artifact, or copied live output):
$ git rev-parse HEAD
65de17d9e09cabf804eca4050943f34e35ff2166

$ node --import tsx --input-type=module <<'NODE' ...runtime callback proof script... NODE
OpenClaw runtime callback proof
head: 65de17d9e09cabf804eca4050943f34e35ff2166
production import: src/agents/embedded-agent-subscribe.handlers.tools.ts
sync throw probe:
  tool metadata recorded: true
  item starts recorded: 2
  active items: command:tool-sync-throw, tool:tool-sync-throw
  warnings captured: 4
  warning kinds: execution-phase, agent-event, agent-event, agent-event
async rejection probe:
  tool metadata recorded: true
  item starts recorded: 2
  active items: command:tool-async-reject, tool:tool-async-reject
  warnings captured: 3
  warning kinds: agent-event, agent-event, agent-event
unhandled rejections observed: 0

$ node scripts/run-vitest.mjs src/agents/embedded-agent-subscribe.handlers.tools.test.ts -- --run
[test] starting test/vitest/vitest.agents.config.ts

 RUN  v4.1.7 /Users/xuyi/Projects/openclaw


 Test Files  1 passed (1)
      Tests  49 passed (49)
   Start at  12:23:21
   Duration  997ms (transform 403ms, setup 86ms, import 475ms, tests 372ms, environment 0ms)

[test] passed 1 Vitest shard in 3.82s

$ node_modules/.bin/oxlint --tsconfig config/tsconfig/oxlint.core.json src/agents/embedded-agent-subscribe.handlers.tools.ts
# no output; exit 0

$ node_modules/.bin/oxlint --tsconfig config/tsconfig/oxlint.core.json src ui packages
# no output; exit 0

$ git diff --check
# no output; exit 0
  • Observed result after fix: the current PR head directly imported the production tool-start handler and exercised a runtime callback boundary with a synchronous execution-phase throw, synchronous per-run agent-event throws, and asynchronous per-run agent-event rejections. Tool metadata and item starts were still recorded in both probes, warning-only callback failures were captured, and zero unhandled rejections were observed. The focused Vitest and static checks also pass on the same current head.
  • What was not tested: a live model/provider turn through a real chat channel. The runtime proof directly exercises the production tool-start event boundary changed by this patch.
  • Before evidence (optional but encouraged): current main directly invokes the same per-run callbacks with ctx.params.onExecutionPhase?.(...) and void ctx.params.onAgentEvent?.(...), so sync throws can escape and async rejections are not observed on that path. The proof above demonstrates the current PR head converts those callback failures into warning-only observer failures while preserving tool event handling.

Root Cause (if applicable)

  • Root cause: per-run progress callbacks were treated as best-effort with void, but synchronous throws still escaped and promise rejections were not caught.
  • Missing detection / guardrail: no regression covered throwing or rejecting tool-start progress callbacks.
  • Contributing context (if known): global agent-event listeners already guard synchronous listener failures, but the per-run callback path used by tool progress did not share that protection.

Regression Test Plan (if applicable)

  • Coverage level that should have caught this:
    • Unit test
    • Seam / integration test
    • End-to-end test
    • Existing coverage already sufficient
  • Target test or file: src/agents/pi-embedded-subscribe.handlers.tools.test.ts
  • Scenario the test should lock in: tool-start processing continues when progress callbacks throw or reject.
  • Why this is the smallest reliable guardrail: the bug is in the tool event handler boundary itself.
  • Existing test that already covers this (if any): N/A
  • If no new test is added, why not: N/A

User-visible / Behavior Changes

None.

Diagram (if applicable)

Before:
[tool_start] -> [progress callback throws/rejects] -> [handler abort or unhandled rejection]

After:
[tool_start] -> [progress callback throws/rejects] -> [warning logged] -> [tool event handling continues]

Security Impact (required)

  • New permissions/capabilities? No
  • Secrets/tokens handling changed? No
  • New/changed network calls? No
  • Command/tool execution surface changed? No
  • Data access scope changed? No
  • If any Yes, explain risk + mitigation: N/A

Repro + Verification

Environment

  • OS: macOS
  • Runtime/container: Node 22.19.0, local OpenClaw checkout
  • Model/provider: N/A
  • Integration/channel (if any): N/A
  • Relevant config (redacted): N/A

Steps

  1. Confirm the current PR head: git rev-parse HEAD.
  2. Run a runtime probe that imports src/agents/embedded-agent-subscribe.handlers.tools.ts and exercises sync-throwing plus async-rejecting progress callbacks against handleToolExecutionStart.
  3. Run the focused production-handler regression suite: node scripts/run-vitest.mjs src/agents/embedded-agent-subscribe.handlers.tools.test.ts -- --run.
  4. Run focused static validation:
    • node_modules/.bin/oxlint --tsconfig config/tsconfig/oxlint.core.json src/agents/embedded-agent-subscribe.handlers.tools.ts
    • node_modules/.bin/oxlint --tsconfig config/tsconfig/oxlint.core.json src ui packages
    • git diff --check

Expected

  • Tool-start handling records tool metadata and item events even when progress callbacks throw or reject.
  • Callback failures are logged as warnings.
  • No unhandled rejection is leaked from the async callback path.
  • Static checks accept the thenable-safe async guard.

Actual

  • Matches expected on current PR head 65de17d9e09cabf804eca4050943f34e35ff2166.

Evidence

  • Failing test/log before + passing after
  • Trace/log snippets
  • Screenshot/recording
  • Perf numbers (if relevant)

Human Verification (required)

What you personally verified (not just CI), and how:

  • Verified scenarios: local OpenClaw runtime at 65de17d9e09cabf804eca4050943f34e35ff2166, production handler import, sync execution-phase callback throw, sync per-run agent-event callback throw, async per-run agent-event callback rejection, existing tool event behavior, and the thenable-safe Promise.resolve(result).catch(...) guard.
  • Edge cases checked: promise rejection guard path, warning-only callback failure path, zero observed unhandled rejections, and static lint coverage for the touched handler.
  • What you did not verify: live provider/gateway turn through a real chat channel.

Review Conversations

  • I replied to or resolved every bot review conversation I addressed in this PR.
  • I left unresolved only the conversations that still need reviewer or maintainer judgment.

Compatibility / Migration

  • Backward compatible? Yes
  • Config/env changes? No
  • Migration needed? No
  • If yes, exact upgrade steps: N/A

Risks and Mitigations

  • Risk: callback failures are now warning-only in this observer path.
    • Mitigation: these callbacks are progress/telemetry observers; core tool event emission and state tracking still proceed.

@openclaw-barnacle openclaw-barnacle Bot added agents Agent runtime and tooling size: S triage: mock-only-proof Candidate: PR proof only shows tests, mocks, snapshots, lint, typecheck, or CI. labels May 14, 2026
@clawsweeper

clawsweeper Bot commented May 14, 2026

Copy link
Copy Markdown
Contributor

Codex review: passed. Reviewed June 19, 2026, 1:12 AM ET / 05:12 UTC.

Summary
This PR wraps embedded-agent tool-handler onExecutionPhase and per-run onAgentEvent emissions in best-effort warning guards and adds regression tests for throwing and rejecting callbacks.

PR surface: Source +31, Tests +44. Total +75 across 2 files.

Reproducibility: yes. Current main directly invokes the relevant callbacks in the tool-start and tool-event paths, so a throwing observer can interrupt the handler and a rejected async observer can leak unless guarded; I did not run a failing current-main repro in this read-only review.

Review metrics: 1 noteworthy metric.

  • Observer callback guards: 1 execution-phase path and 9 agent-event callback sites guarded. This shows the PR covers the tool handler's callback emissions rather than only the start-proof case.

Merge readiness
Overall: 🦞 diamond lobster
Proof: 🦞 diamond lobster
Patch quality: 🦞 diamond lobster
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Risk before merge

  • [P1] No live model/provider chat-channel turn was run; the supplied terminal proof directly exercises the production handler boundary, so the remaining uncertainty is integration-level only.
  • [P1] Lifecycle, assistant-stream, and compaction observer callbacks still use their existing paths; this PR intentionally scopes hardening to tool-handler callbacks.

Maintainer options:

  1. Decide the mitigation before merge
    Land the focused tool-callback guard after exact-head automerge checks and normal maintainer gates, and track any broader observer-callback policy separately if maintainers want that scope.
  2. Pause or close
    Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

  • [P2] No repair lane is needed because there are no blocking review findings; the automerge-enabled PR can proceed through normal exact-head checks and maintainer gates.

Security
Cleared: The diff only changes TypeScript agent handler/test code and does not add dependencies, workflows, permissions, package metadata, network calls, or secret handling.

Review details

Best possible solution:

Land the focused tool-callback guard after exact-head automerge checks and normal maintainer gates, and track any broader observer-callback policy separately if maintainers want that scope.

Do we have a high-confidence way to reproduce the issue?

Yes. Current main directly invokes the relevant callbacks in the tool-start and tool-event paths, so a throwing observer can interrupt the handler and a rejected async observer can leak unless guarded; I did not run a failing current-main repro in this read-only review.

Is this the best way to solve the issue?

Yes. The PR is the narrowest maintainable fix for the stated tool-handler observer boundary: local wrappers match the callback types, preserve canonical event/state emissions, and avoid changing broader lifecycle or global event semantics.

AGENTS.md: found and applied where relevant.

Codex review notes: model internal, reasoning high; reviewed against 5e7a0b155808.

Label changes

Label changes:

  • add status: 🚀 automerge armed: This PR is in ClawSweeper's automerge lane. Sufficient (terminal): The PR body includes after-fix terminal output from a production-handler runtime probe plus focused tests and static checks on the same head.
  • remove status: 👀 ready for maintainer look: Current PR status label is status: 🚀 automerge armed.

Label justifications:

  • P2: This is a normal-priority agent/tool callback robustness bug fix with limited blast radius and no config, auth, dependency, migration, or stored-data surface.
  • rating: 🦞 diamond lobster: Overall readiness is 🦞 diamond lobster; proof is 🦞 diamond lobster and patch quality is 🦞 diamond lobster.
  • status: 🚀 automerge armed: This PR is in ClawSweeper's automerge lane. Sufficient (terminal): The PR body includes after-fix terminal output from a production-handler runtime probe plus focused tests and static checks on the same head.
  • proof: sufficient: Contributor real behavior proof is sufficient. The PR body includes after-fix terminal output from a production-handler runtime probe plus focused tests and static checks on the same head.
Evidence reviewed

PR surface:

Source +31, Tests +44. Total +75 across 2 files.

View PR surface stats
Area Files Added Removed Net
Source 1 41 10 +31
Tests 1 44 0 +44
Docs 0 0 0 0
Config 0 0 0 0
Generated 0 0 0 0
Other 0 0 0 0
Total 2 85 10 +75

What I checked:

Likely related people:

  • vincentkoc: Recent GitHub commit history for the tool handler and adjacent tests shows multiple current-main agent delivery changes by this person, and local blame on the current direct callback lines points to a current-main snapshot authored by Vincent Koc. (role: recent area contributor; confidence: medium; commits: fec6a0407f44, 43cef3a80ca1, 0ea08076c3b5; files: src/agents/embedded-agent-subscribe.handlers.tools.ts, src/agents/embedded-agent-subscribe.handlers.tools.test.ts)
  • sandieman2: Merged PR fix(reply): deliver final reply when queued follow-up claims session; scope dedupe to routed thread #90943 recently changed the same embedded-agent tool handler, tests, and run params while repairing reply/tool delivery behavior. (role: recent adjacent contributor; confidence: medium; commits: c67dc59b02b0; files: src/agents/embedded-agent-subscribe.handlers.tools.ts, src/agents/embedded-agent-subscribe.handlers.tools.test.ts, src/agents/embedded-agent-runner/run/params.ts)
  • steipete: Recent GitHub metadata shows nearby agent terminal/event work by this person, and they merged the adjacent tool/reply delivery PR touching this surface. (role: feature-history owner and adjacent merger; confidence: medium; commits: 0314819f918a, c67dc59b02b0; files: src/agents/embedded-agent-subscribe.handlers.tools.ts, src/agents/embedded-agent-subscribe.handlers.tools.test.ts, src/agents/embedded-agent-runner/run/params.ts)
What the crustacean ranks mean
  • 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
  • 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
  • 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
  • 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
  • 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
  • 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
  • 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works
  • ClawSweeper keeps one durable marker-backed review comment per issue or PR.
  • Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
  • A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
  • PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
  • Maintainers can also comment @clawsweeper review to request a fresh review only.
  • Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
  • Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
  • Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

@openclaw-barnacle openclaw-barnacle Bot added proof: supplied External PR includes structured after-fix real behavior proof. and removed triage: mock-only-proof Candidate: PR proof only shows tests, mocks, snapshots, lint, typecheck, or CI. labels May 14, 2026
@clawsweeper clawsweeper Bot added the proof: sufficient ClawSweeper judged the real behavior proof convincing. label May 14, 2026
@enjoylife1243

enjoylife1243 commented May 19, 2026

Copy link
Copy Markdown
Contributor Author

@steipete Hi, could you take a look when you have a moment? The checks are green and the real behavior proof is in place, so this PR is ready for human review.

@openclaw-barnacle

Copy link
Copy Markdown

This pull request has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

@openclaw-barnacle openclaw-barnacle Bot added the stale Marked as stale due to inactivity label Jun 2, 2026
@clawsweeper clawsweeper Bot added rating: 🦐 gold shrimp Decent PR readiness signal, but merge confidence is limited. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. P2 Normal backlog priority with limited blast radius. labels Jun 2, 2026
@enjoylife1243 enjoylife1243 force-pushed the codex/tool-event-callback-guard branch from 6096302 to 0e74376 Compare June 4, 2026 03:10
@openclaw-barnacle openclaw-barnacle Bot removed the proof: sufficient ClawSweeper judged the real behavior proof convincing. label Jun 4, 2026
@clawsweeper clawsweeper Bot added rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. status: 📣 needs proof The PR needs real behavior proof before ClawSweeper can clear the contributor ask. and removed rating: 🦐 gold shrimp Decent PR readiness signal, but merge confidence is limited. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. labels Jun 4, 2026
@enjoylife1243 enjoylife1243 force-pushed the codex/tool-event-callback-guard branch from 0e74376 to 44afadf Compare June 4, 2026 03:42
@enjoylife1243 enjoylife1243 force-pushed the codex/tool-event-callback-guard branch from 44afadf to 65de17d Compare June 4, 2026 04:22
@enjoylife1243

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper

clawsweeper Bot commented Jun 4, 2026

Copy link
Copy Markdown
Contributor

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

@clawsweeper clawsweeper Bot added rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. and removed rating: 🧂 unranked krab Not merge-ready due to missing proof or serious correctness/safety concerns. labels Jun 4, 2026
@enjoylife1243

Copy link
Copy Markdown
Contributor Author

@clawsweeper re-review

@clawsweeper clawsweeper Bot added proof: sufficient ClawSweeper judged the real behavior proof convincing. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. and removed rating: 🦪 silver shellfish Thin PR readiness signal; proof, validation, or implementation needs work. labels Jun 4, 2026
@clawsweeper clawsweeper Bot added status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. rating: 🌊 off-meta tidepool PR readiness rating does not apply to this item. proof: sufficient ClawSweeper judged the real behavior proof convincing. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. rating: 🦞 diamond lobster Very strong PR readiness with only minor maintainer review expected. and removed proof: sufficient ClawSweeper judged the real behavior proof convincing. rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. rating: 🌊 off-meta tidepool PR readiness rating does not apply to this item. rating: 🦞 diamond lobster Very strong PR readiness with only minor maintainer review expected. labels Jun 4, 2026
@openclaw-barnacle openclaw-barnacle Bot removed the stale Marked as stale due to inactivity label Jun 15, 2026
@clawsweeper clawsweeper Bot added rating: 🦞 diamond lobster Very strong PR readiness with only minor maintainer review expected. and removed rating: 🐚 platinum hermit Good normal PR readiness with ordinary maintainer review expected. labels Jun 15, 2026
@vincentkoc

Copy link
Copy Markdown
Member

/clownfish automerge

@openclaw-clownfish openclaw-clownfish Bot added clownfish:automerge Maintainer opted this Clownfish PR into bounded ClawSweeper-reviewed automerge clawsweeper:automerge Maintainer opted this PR into bounded ClawSweeper-reviewed automerge labels Jun 19, 2026
@openclaw-clownfish

Copy link
Copy Markdown
Contributor

Clownfish is on the reef for this PR. 🐠

I tagged clownfish:automerge and sent ClawSweeper over this exact head. If the sweep finds rough coral, failing checks, or needs-human, I will take another bounded repair lap and ask for a fresh review.

A maintainer can call /clownfish stop any time and I will drift this back to human review.

@vincentkoc

Copy link
Copy Markdown
Member

@clawsweeper approve

@clawsweeper

clawsweeper Bot commented Jun 19, 2026

Copy link
Copy Markdown
Contributor

🦞👀
ClawSweeper picked this up.

Command router queued. I will update this comment with the next step.

@clawsweeper clawsweeper Bot added status: 🚀 automerge armed This PR is in ClawSweeper's automerge lane. and removed status: 👀 ready for maintainer look ClawSweeper has no concrete contributor-facing blocker left for this PR. labels Jun 19, 2026
@clawsweeper clawsweeper Bot merged commit 6368c11 into openclaw:main Jun 19, 2026
296 of 323 checks passed
@clawsweeper

clawsweeper Bot commented Jun 19, 2026

Copy link
Copy Markdown
Contributor

🦞✅
ClawSweeper merged this PR after the passing review.

Source: clawsweeper[bot]
Feedback: structured ClawSweeper verdict: pass (sha=65de17d9e09cabf804eca4050943f34e35ff2166)
Merge status: merged by ClawSweeper automerge
Merged at: 2026-06-19T05:13:36Z
Merge commit: 6368c1173ccf

What merged:

  • This PR wraps embedded-agent tool-handler onExecutionPhase and per-run onAgentEvent emissions in best-effort warning guards and adds regression tests for throwing and rejecting callbacks.
  • PR surface: Source +31, Tests +44. Total +75 across 2 files.
  • Reproducibility: yes. Current main directly invokes the relevant callbacks in the tool-start and tool-event ... sync observer can leak unless guarded; I did not run a failing current-main repro in this read-only review.

Automerge notes:

  • No ClawSweeper repair was needed after automerge opt-in.

The automerge loop is complete.

Automerge progress:

  • 2026-06-19 05:13:04 UTC review passed 65de17d9e09c (structured ClawSweeper verdict: pass (sha=65de17d9e09cabf804eca4050943f34e35ff2...)
  • 2026-06-19 05:13:39 UTC merged 65de17d9e09c (merged by ClawSweeper automerge)

github-actions Bot pushed a commit to Desicool/openclaw that referenced this pull request Jun 19, 2026
Summary:
- This PR wraps embedded-agent tool-handler onExecutionPhase and per-run onAgentEvent emissions in best-effort warning guards and adds regression tests for throwing and rejecting callbacks.
- PR surface: Source +31, Tests +44. Total +75 across 2 files.
- Reproducibility: yes. Current main directly invokes the relevant callbacks in the tool-start and tool-event  ... sync observer can leak unless guarded; I did not run a failing current-main repro in this read-only review.

Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.

Validation:
- ClawSweeper review passed for head 65de17d.
- Required merge gates passed before the squash merge.

Prepared head SHA: 65de17d
Review: openclaw#81696 (comment)

Co-authored-by: xuyi1243 <maginaxwhz@gmail.com>
cxbAsDev pushed a commit to cxbAsDev/openclaw that referenced this pull request Jun 23, 2026
Summary:
- This PR wraps embedded-agent tool-handler onExecutionPhase and per-run onAgentEvent emissions in best-effort warning guards and adds regression tests for throwing and rejecting callbacks.
- PR surface: Source +31, Tests +44. Total +75 across 2 files.
- Reproducibility: yes. Current main directly invokes the relevant callbacks in the tool-start and tool-event  ... sync observer can leak unless guarded; I did not run a failing current-main repro in this read-only review.

Automerge notes:
- No ClawSweeper repair was needed after automerge opt-in.

Validation:
- ClawSweeper review passed for head 65de17d.
- Required merge gates passed before the squash merge.

Prepared head SHA: 65de17d
Review: openclaw#81696 (comment)

Co-authored-by: xuyi1243 <maginaxwhz@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

agents Agent runtime and tooling clawsweeper:automerge Maintainer opted this PR into bounded ClawSweeper-reviewed automerge clownfish:automerge Maintainer opted this Clownfish PR into bounded ClawSweeper-reviewed automerge P2 Normal backlog priority with limited blast radius. proof: sufficient ClawSweeper judged the real behavior proof convincing. proof: supplied External PR includes structured after-fix real behavior proof. rating: 🦞 diamond lobster Very strong PR readiness with only minor maintainer review expected. size: S status: 🚀 automerge armed This PR is in ClawSweeper's automerge lane.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants