fix(embedded-runner): preserve provider errors on cleanup takeover

[clawsweeper]

Makes #84056 merge-ready for the ClawSweeper automerge loop.
The edit pass should inspect the live PR diff, review comments, and failing checks; rebase if needed; keep the contributor branch credited; and stop only when validation is green or an external blocker is proven.

ClawSweeper 🐠 replacement reef notes:

• Cluster: automerge-openclaw-openclaw-84056
• Source PRs: fix(embedded-runner): preserve provider errors on cleanup takeover #84056
• Credit: Source PR: fix(embedded-runner): preserve provider errors on cleanup takeover #84056
• Validation: pnpm check:changed
• Replacement reason: ClawSweeper could not update the source PR branch directly, so it opened a writable replacement PR instead.
• Automerge requested by: @Takhoffman

• Repair fallback: GitHub rejected the repair branch push because it updates workflow files and the ClawSweeper app token does not have workflows permission

Co-author credit kept:

• @abnershang: Co-authored-by: Abner Shang 75654486+abnershang@users.noreply.github.com

fish notes: model gpt-5.5, reasoning high; reviewed against e7d9d8c.

[clawsweeper]

Codex review: passed. Reviewed May 25, 2026, 11:05 PM ET / 03:05 UTC.

Summary
The PR preserves provider-facing embedded-runner prompt errors when cleanup detects session takeover, keeps the takeover signal fatal for fallback, and adds focused regressions.

PR surface: Source +52, Tests +92. Total +144 across 5 files.

Reproducibility: yes. Source inspection shows current main can let cleanup takeover replace a prior prompt/provider error and can normalize a provider-looking takeover wrapper before fallback sees it as coordination failure.

Review metrics: none identified.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🦞 diamond lobster
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• none

Risk before merge

• Merging intentionally makes takeover-marked provider errors abort model fallback, so configured fallback models will not be tried when the visible provider message also looks failoverable.
• The proof is a runtime classifier probe plus focused embedded-runner/fallback harness coverage, not a forced live provider outage with an actual cleanup-race log.

Maintainer options:

1. Accept the fallback/session takeover contract (recommended)
   Merge after required checks if maintainers agree that a local cleanup takeover should abort model fallback even when the provider-facing message looks failoverable.
2. Pause for live cleanup-race proof
   Ask for a redacted runtime log or terminal artifact from an actual provider failure followed by cleanup takeover if boundary-level proof is not enough for this session-state path.

Next step before merge
No ClawSweeper repair lane is needed; the remaining path is exact-head merge gating and maintainer acceptance of the fallback/session-state risk.

Security
Cleared: The diff touches TypeScript agent runtime code and tests only; I found no concrete dependency, workflow, secret-handling, package, or supply-chain regression.

Review details

Best possible solution:

Land the narrow error-precedence and fallback-abort fix after exact-head merge gates if maintainers accept boundary-level proof for this internal session takeover race.

Do we have a high-confidence way to reproduce the issue?

Yes. Source inspection shows current main can let cleanup takeover replace a prior prompt/provider error and can normalize a provider-looking takeover wrapper before fallback sees it as coordination failure.

Is this the best way to solve the issue?

Yes. The patch is narrow: it preserves the provider-facing message while carrying the takeover identity/cause so fallback stops, and it covers cleanup-only takeover separately.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 0d23c3b4e133.

Label changes

Label changes:

• remove status: 👀 ready for maintainer look: Current PR status label is status: 🚀 automerge armed.

Label justifications:

• P2: This is a focused bug fix for an agent runtime fallback edge case with limited but real provider/session impact.
• merge-risk: 🚨 auth-provider: The PR changes when provider/model fallback aborts instead of trying configured fallback candidates.
• merge-risk: 🚨 session-state: The PR changes cleanup session-takeover precedence and preserves takeover state through the thrown error path.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🦞 diamond lobster and patch quality is 🐚 platinum hermit.
• status: 🚀 automerge armed: This PR is in ClawSweeper's automerge lane. Sufficient (terminal): The source PR provides structured after-fix terminal output from a runtime fallback-classifier probe plus focused validation, and this replacement keeps that proof trail.
• proof: sufficient: Contributor real behavior proof is sufficient. The source PR provides structured after-fix terminal output from a runtime fallback-classifier probe plus focused validation, and this replacement keeps that proof trail.

Evidence reviewed

PR surface:

Source +52, Tests +92. Total +144 across 5 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	3	56	4	+52
Tests	2	92	0	+92
Docs	0	0	0	0
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	5	148	4	+144

What I checked:

• Current main cleanup precedence still drops the provider error: Current main emits and rejects cleanupError ahead of promptError, so a cleanup-time session takeover can replace the earlier provider/prompt failure before the caller sees it. (src/agents/pi-embedded-runner/run/attempt.ts:5176, 0d23c3b4e133)
• Current main fallback can normalize takeover-marked provider-looking errors: runFallbackCandidate currently normalizes failoverable-looking errors before a local coordination check, so a takeover wrapper with a rate-limit-looking message can become provider failover. (src/agents/model-fallback.ts:257, 0d23c3b4e133)
• PR preserves the prompt error while carrying cleanup takeover: The PR synthesizes or captures cleanup takeover, emits diagnostics with the prompt error when preserving it, and throws a wrapper whose visible message is the provider error while the cause remains EmbeddedAttemptSessionTakeoverError. (src/agents/pi-embedded-runner/run/attempt.ts:5199, 050c779cfa61)
• PR checks coordination before failover normalization: The patch adds an early isNonProviderRuntimeCoordinationError check before coerceToFailoverError in runFallbackCandidate, preventing fallback from consuming another model after local session takeover. (src/agents/model-fallback.ts:261, 050c779cfa61)
• Focused regression coverage is present: The PR adds embedded-runner tests for prompt-error preservation and cleanup-only takeover, plus model-fallback coverage proving a takeover-carrying provider error aborts after one attempt. (src/agents/pi-embedded-runner/run/attempt.spawn-workspace.context-engine.test.ts:1317, 050c779cfa61)
• Source proof and replacement context were checked: The superseded source PR contains structured after-fix terminal proof for the runtime fallback classifier plus focused Vitest, tsgo, check:changed, and diff-check commands; this bot replacement preserves that credited work. (3240d6764653)

Likely related people:

• vincentkoc: Recent commits in the embedded-runner/session-fencing area and fallback/provider-resolution path make this a strong routing candidate for the session takeover and fallback boundary. (role: recent area contributor; confidence: high; commits: 2bb00f6726d4, a122d804dda8, 3c8d101f5a85; files: src/agents/pi-embedded-runner/run/attempt.ts, src/agents/pi-embedded-runner/run/attempt.session-lock.ts, src/agents/model-fallback.ts)
• steipete: Recent history for model fallback and failover classification includes multiple steipete-authored changes to fallback selection and failover signal behavior. (role: fallback and failover area contributor; confidence: medium; commits: f4ba9553c029, 8c49121ec881, 936c02e22c98; files: src/agents/model-fallback.ts, src/agents/failover-error.ts)
• jalehman: Recent embedded session write-lock work in the same takeover/fence area includes jalehman as a co-author or reviewer, which makes them useful for session-state contract review. (role: adjacent session-fencing reviewer/contributor; confidence: medium; commits: 1b77145687ca, cff5244a5b25; files: src/agents/pi-embedded-runner/run/attempt.ts, src/agents/pi-embedded-runner/run/attempt.session-lock.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[clawsweeper]

🦞✅
ClawSweeper is pausing this repair loop for human review.

Source: clawsweeper[bot]
Reason: No repair job is needed; the remaining action is normal automerge or maintainer handling after exact-head checks and risk acceptance.; Cleared: The diff touches TypeScript agent runtime code, tests, and changelog only; I found no concrete dependency, CI, secret-handling, package, or supply-chain regression. (sha=e7d9d8cafeb2c5040e220bae5a0054a7623a0adf)

Why human review is needed:
This item has security-sensitive risk. ClawSweeper is pausing instead of making an autonomous change that could affect trust, credentials, permissions, or exposure.

Recommended next action:
Have a maintainer review the security-sensitive detail and provide an explicit safe path before asking ClawSweeper to continue.

I added clawsweeper:human-review and left the final call with a maintainer.

[Takhoffman]

@clawsweeper re-review

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26420230102
• Updated: 2026-05-25T21:32:31.951Z

[clawsweeper]

ClawSweeper PR egg

✨ Hatched: 🥚 common Gilded Patch Peep

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

• Merged PRs are hatchable.
• Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
• Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

Rarity: 🥚 common.
Trait: sniffs out flaky tests.
Image traits: location status garden; accessory commit compass; palette plum, gold, and soft gray; mood bright-eyed; pose pointing at a small proof artifact; shell starlit enamel shell; lighting subtle sparkle highlights; background small review tokens.
Share on X: post this hatch
Copy: My PR egg hatched a 🥚 common Gilded Patch Peep in ClawSweeper.

What is this egg doing here?

• Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
• The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
• Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

[Takhoffman]

@clawsweeper automerge

[clawsweeper]

🦞✅
ClawSweeper merged this PR after the passing review.

Source: clawsweeper[bot]
Feedback: structured ClawSweeper verdict: pass (sha=050c779cfa613efc14f6bc7713fcaedde27b0f7c)
Merge status: merged by ClawSweeper automerge
Merged at: 2026-05-26T03:09:27Z
Merge commit: 7fbca96a0cda

What merged:

• The PR preserves provider-facing embedded-runner prompt errors when cleanup detects session takeover, keeps the takeover signal fatal for fallback, and adds focused regressions.
• PR surface: Source +52, Tests +92. Total +144 across 5 files.
• Reproducibility: yes. Source inspection shows current main can let cleanup takeover replace a prior prompt/p ... rror and can normalize a provider-looking takeover wrapper before fallback sees it as coordination failure.

Automerge notes:

• PR branch already contained follow-up commit before automerge: fix(embedded-runner): preserve takeover during fallback
• PR branch already contained follow-up commit before automerge: fix(clawsweeper): address review for automerge-openclaw-openclaw-8405…

The automerge loop is complete.

Automerge progress:

• 2026-05-26 02:43:31 UTC review queued e7d9d8cafeb2 (queued)

• 2026-05-26 02:44:21 UTC repair queued e7d9d8cafeb2 (autonomous) Run: https://github.com/openclaw/clawsweeper/actions/runs/26429268020

• 2026-05-26 02:47:00 UTC repair started (running) in 0s Run: https://github.com/openclaw/clawsweeper/actions/runs/26429268020 automerge-openclaw-openclaw-84056

• 2026-05-26 02:47:16 UTC validation plan (passed) in 16s Run: https://github.com/openclaw/clawsweeper/actions/runs/26429268020 pnpm check:changed; pnpm lint; pnpm check:test-types

• 2026-05-26 02:47:29 UTC Codex write preflight (passed) in 29s Run: https://github.com/openclaw/clawsweeper/actions/runs/26429268020 danger-full-access

• 2026-05-26 02:55:08 UTC Codex edit 1 50fa573b9802 (complete) in 8m 8s Run: https://github.com/openclaw/clawsweeper/actions/runs/26429268020 exit 0

• 2026-05-26 02:58:44 UTC validation and review 1 050c779cfa61 (base moved) in 11m 44s Run: https://github.com/openclaw/clawsweeper/actions/runs/26429268020 rebased

• 2026-05-26 02:59:12 UTC repair finished 050c779cfa61 (opened) in 12m 12s Run: https://github.com/openclaw/clawsweeper/actions/runs/26429268020 open_fix_pr

• 2026-05-26 03:09:15 UTC review passed 050c779cfa61 (structured ClawSweeper verdict: pass (sha=050c779cfa613efc14f6bc7713fcaedde27b0...)

• 2026-05-26 03:09:29 UTC merged 050c779cfa61 (merged by ClawSweeper automerge)