fix: align Codex cron bootstrap context

[jalehman]

What

Align Codex app-server cron bootstrap handling with pi harness cron behavior by forwarding the payload-controlled bootstrap context mode through isolated cron execution, including the CLI path, and by disabling native Codex project-doc injection for lightweight runs.

Why

Codex cron compatibility should come from the same runtime bootstrap policy contract used by pi harness cron runs, not from Codex-specific instructions telling the model which workspace files to avoid. Lightweight Codex cron turns also need to suppress Codex-native AGENTS.md loading so workspace memory files are not pulled in indirectly.

Changes

• Forward cron bootstrap mode to CLI
• Honor payload lightContext value
• Suppress Codex project docs
• Remove Codex-only cron prompt
• Cover embedded and CLI paths

Testing

• pnpm test extensions/codex/src/app-server/thread-lifecycle.test.ts extensions/codex/src/app-server/run-attempt.test.ts
• pnpm test extensions/codex/src/app-server/run-attempt.test.ts src/cron/isolated-agent/run.session-key-isolation.test.ts
• git diff --check
• pnpm check:changed

Real behavior proof

• Behavior or issue addressed: Lightweight Codex app-server cron turns were still receiving /Users/phaedrus/clawd/AGENTS.md, causing the model to read workspace memory/bootstrap files before running exact-command cron payloads.
• Real environment tested: Josh's live local OpenClaw gateway on macOS, running from /Users/phaedrus/Projects/clawdbot at daf6850720 against cron 379c81df-a568-4646-bd71-eee26ff91f00 (Daily jalehman assigned PR review brief) with payload.lightContext: true.
• Exact steps or command run after this patch: Updated and rebuilt clawdbot, reran the live cron through the gateway, then inspected the live cron config and Codex rollout transcript under /Users/phaedrus/.openclaw/agents/main/agent/codex-home/sessions/2026/05/14/rollout-2026-05-14T07-25-50-019e26e1-2628-7a03-9580-33f7fb01a378.jsonl.
• Evidence after fix (screenshot, recording, terminal capture, console output, redacted runtime log, linked artifact, or copied live output): Copied live terminal output from the rollout inspection showed baseHasAGENTS=false, baseHasMemoryFiles=false, hasAgentsMessage=false, hasMemoryReads=false, and the only command call was cd /Users/phaedrus/Projects/openclaw && /Users/phaedrus/clawd/scripts/jalehman-assigned-pr-brief.py.
• Observed result after fix: The 2026-05-14 07:25 America/Los_Angeles cron run did not inject /Users/phaedrus/clawd/AGENTS.md, did not read SOUL.md, USER.md, PROJECTS.md, MEMORY.md, day logs, or entity summaries, and ran the exact requested brief script directly.
• What was not tested: A future scheduled boundary run was not separately waited for after the manual live rerun; the same persisted cron job was rerun through the live gateway after the patch.
• Before evidence (optional but encouraged): Pre-fix live rollout rollout-2026-05-14T07-18-10-019e26da-21d0-7de1-80aa-75f463042dbb.jsonl included # AGENTS.md instructions for /Users/phaedrus/clawd and model-issued commands reading SOUL.md, USER.md, PROJECTS.md, MEMORY.md, memory files, and entity summaries before the exact cron command.

[clawsweeper]

Codex review: needs maintainer review before merge.

Summary
The PR forwards lightweight cron bootstrap context through isolated CLI execution, disables Codex native project-doc loading for lightweight app-server threads, removes Codex cron turn instructions, updates focused tests, and adds a changelog entry.

Reproducibility: yes. source-reproducible. Current main omits lightweight cron bootstrap fields on the CLI path and CLI bootstrap preparation, while the bootstrap contract and cron docs say lightweight cron skips workspace bootstrap injection.

Real behavior proof
Sufficient (live_output): The PR body includes after-fix live-output proof from a macOS OpenClaw gateway cron rerun showing no AGENTS/memory injection and only the intended command execution.

Next step before merge
Needs maintainer approval for the protected runtime-policy change; there is no narrow repair defect for ClawSweeper to fix in the reviewed diff.

Security
Cleared: The diff changes TypeScript bootstrap parameter plumbing, Codex thread config, tests, and changelog text without adding dependencies, CI permissions, secret handling, downloads, or external code execution sources.

Review details

Best possible solution:

Land the narrow field-threading and Codex project-doc suppression once maintainers accept the cron prompt-policy change and final checks are green.

Do we have a high-confidence way to reproduce the issue?

Yes, source-reproducible. Current main omits lightweight cron bootstrap fields on the CLI path and CLI bootstrap preparation, while the bootstrap contract and cron docs say lightweight cron skips workspace bootstrap injection.

Is this the best way to solve the issue?

Yes for the parameter plumbing and native project-doc suppression; they align Codex and CLI execution with the existing bootstrap contract. The cron prompt removal is plausible but should be approved as a maintainer runtime-policy decision.

Acceptance criteria:

• node scripts/run-vitest.mjs extensions/codex/src/app-server/thread-lifecycle.test.ts extensions/codex/src/app-server/run-attempt.test.ts
• node scripts/run-vitest.mjs extensions/codex/src/app-server/run-attempt.test.ts src/cron/isolated-agent/run.session-key-isolation.test.ts
• git diff --check
• pnpm check:changed or Testbox equivalent before landing

What I checked:

• Current main CLI cron gap: On current main, the isolated cron CLI branch calls runCliAgent without bootstrapContextMode or bootstrapContextRunKind, while the embedded branch in the same executor already passes cron bootstrap context fields. (src/cron/isolated-agent/run-executor.ts:159, 83d7ab0d362f)
• Current main CLI prepare gap: prepareCliRunContext resolves bootstrap context without forwarding context mode or run kind, so CLI-backed cron runs cannot honor lightweight cron context from those params. (src/agents/cli-runner/prepare.ts:161, 83d7ab0d362f)
• Existing bootstrap contract: applyContextModeFilter intentionally returns an empty file set for lightweight cron/default runs, which matches the requested behavior. (src/agents/bootstrap-files.ts:177, 83d7ab0d362f)
• Documented expected behavior: The cron docs define --light-context as skipping workspace bootstrap file injection. Public docs: docs/automation/cron-jobs.md. (docs/automation/cron-jobs.md:130, 83d7ab0d362f)
• Current main Codex app-server behavior: Current main builds Codex thread config without a lightweight-run override and still injects a cron-specific collaboration prompt, which the PR deliberately changes. (extensions/codex/src/app-server/thread-lifecycle.ts:475, 83d7ab0d362f)
• PR diff behavior: The PR head adds CLI bootstrap fields, passes them through cron execution, sets project_doc_max_bytes: 0 for lightweight Codex threads, removes the cron-only collaboration instructions, and records a changelog fix. (src/cron/isolated-agent/run-executor.ts:128, d6d6738914c0)

Likely related people:

• @jalehman: Recent merged history on Codex app-server lifecycle includes Codex cron compatibility and related MCP/thread context work, so the PR author is also connected to current-main feature history beyond this branch. (role: recent Codex app-server area contributor; confidence: high; commits: 6395117142e8, 1ee0d51e92f6, b55d9fa4660b; files: extensions/codex/src/app-server/thread-lifecycle.ts, extensions/codex/src/app-server/run-attempt.test.ts)
• @steipete: Recent path history shows repeated maintenance on Codex app-server threads, CLI runner/bootstrap-adjacent paths, and isolated cron execution. (role: adjacent runtime owner; confidence: high; commits: 8a406528b40e, 916015590219, 35da7d2c992c; files: extensions/codex/src/app-server/thread-lifecycle.ts, src/cron/isolated-agent/run-executor.ts, src/agents/cli-runner/prepare.ts)

Remaining risk / open question:

• Removing the Codex-specific cron collaboration prompt is a runtime-policy change that should be accepted by the protected maintainer review path.
• The posted real-environment proof covers a manual rerun of the persisted cron job, not waiting for the next scheduled boundary run.
• Several broader CI checks were still in progress when sampled.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 83d7ab0d362f.

[pashpashpash]

Thanks Josh. I reviewed this from first principles and found no issues. Moving lightweight Codex cron handling into the runtime bootstrap and app-server config path is the right fix, and the embedded, CLI, and app-server coverage looks sufficient to me.