fix(doctor): point Codex asset warning at migrate plan

[steipete]

Summary

• Point the Codex-native asset doctor warning at openclaw migrate plan codex, the registered preview command for provider migrations.
• Update the focused doctor warning regression test and changelog credit.

Verification
Behavior addressed: openclaw doctor no longer recommends the stale/ambiguous openclaw migrate codex --dry-run form for Codex asset inventory.
Real environment tested: local macOS source checkout.
Exact steps or command run after this patch: node scripts/run-vitest.mjs src/commands/doctor/shared/codex-native-assets.test.ts; git diff --check; .agents/skills/autoreview/scripts/autoreview --mode local
Evidence after fix: the Codex native asset warning test now expects the canonical openclaw migrate plan codex command.
Observed result after fix: focused test passed, diff check passed, autoreview reported no accepted/actionable findings.
What was not tested: live doctor run against a real Codex home.

Fixes #84948

[clawsweeper]

Codex review: needs real behavior proof before merge.

Latest ClawSweeper review: 2026-05-22 12:12 UTC / May 22, 2026, 8:12 AM ET.

Workflow note: Future ClawSweeper reviews update this same comment in place.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

Summary
The PR updates the Codex native-asset doctor warning and its focused regression test to recommend openclaw migrate plan codex, with a changelog entry.

Reproducibility: yes. from source inspection and the linked release report. Both the old dry-run form and the new migrate plan codex form reach resolveMigrationProvider, so a setup where the Codex provider is absent still reproduces the same missing-provider failure.

PR rating
Overall: 🧂 unranked krab
Proof: 🧂 unranked krab
Patch quality: 🧂 unranked krab
Summary: The PR is not quality-ready because proof is test-only and the patch leaves the linked provider-resolution failure intact.

Rank-up moves:

• Update the warning logic and tests so the recommendation accounts for missing Codex migration provider availability.
• Add redacted terminal output or logs from a real openclaw doctor run showing the after-fix warning behavior.

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

Real behavior proof
Needs real behavior proof before merge: The PR body only lists focused tests/checks and explicitly skips a live doctor run; the contributor should add redacted terminal output or logs from real openclaw doctor, then update the PR body for re-review.

Risk before merge

• Merging as-is could make the linked report look fixed while installs without a registered Codex migration provider still fail with Unknown migration provider "codex".
• The PR body gives focused test/check results but no redacted terminal output or logs from a real openclaw doctor run showing the corrected warning in the affected setup.

Maintainer options:

1. Decide the mitigation before merge
   Keep the canonical migrate plan wording only when the Codex migration provider is resolvable, and otherwise guide users to install/enable/update the Codex plugin or inspect openclaw migrate list; prove the path with regression coverage plus real doctor output.
2. Pause or close
   Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge
This protected PR needs human review plus contributor real-behavior proof and a functional fix to provider-availability guidance before merge; it is not a safe repair-automation candidate while proof is missing.

Security
Cleared: The diff only changes CLI warning text, one focused test expectation, and changelog text; I found no concrete security or supply-chain regression.

Review findings

• [P2] Gate the Codex migration recommendation on provider availability — src/commands/doctor/shared/codex-native-assets.ts:204

Review details

Best possible solution:

Keep the canonical migrate plan wording only when the Codex migration provider is resolvable, and otherwise guide users to install/enable/update the Codex plugin or inspect openclaw migrate list; prove the path with regression coverage plus real doctor output.

Do we have a high-confidence way to reproduce the issue?

Yes, from source inspection and the linked release report. Both the old dry-run form and the new migrate plan codex form reach resolveMigrationProvider, so a setup where the Codex provider is absent still reproduces the same missing-provider failure.

Is this the best way to solve the issue?

No. Updating the command spelling is a useful part of the cleanup, but the maintainable fix must make the doctor guidance provider-availability-aware before recommending a Codex migration command.

Label justifications:

• P2: This is a normal-priority CLI doctor guidance fix with a narrow code path and limited blast radius, but the proposed patch does not yet solve the linked failure.
• rating: 🧂 unranked krab: Current PR rating is 🧂 unranked krab because proof is 🧂 unranked krab, patch quality is 🧂 unranked krab, and The PR is not quality-ready because proof is test-only and the patch leaves the linked provider-resolution failure intact.
• status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: The PR body only lists focused tests/checks and explicitly skips a live doctor run; the contributor should add redacted terminal output or logs from real openclaw doctor, then update the PR body for re-review.

Full review comments:

• [P2] Gate the Codex migration recommendation on provider availability — src/commands/doctor/shared/codex-native-assets.ts:204
  This warning can fire from Codex runtime/plugin config and personal Codex assets even when the Codex migration provider is not registered. The new openclaw migrate plan codex recommendation still flows through resolveMigrationProvider, so the linked setup will continue to fail with Unknown migration provider "codex" instead of getting a usable inventory path.
  Confidence: 0.94

Overall correctness: patch is incorrect
Overall confidence: 0.94

What I checked:

• PR diff changes only the warning text and expectation: The provided PR diff changes the doctor warning from openclaw migrate codex --dry-run to openclaw migrate plan codex and updates the matching focused test expectation, without adding provider-availability handling. (src/commands/doctor/shared/codex-native-assets.ts:204, b50f2dbbd937)
• Doctor warning is triggered by Codex config/assets, not migration provider availability: Current main scans Codex native assets and emits the warning once hits exist; this path does not check whether the Codex migration provider can be resolved before recommending a migrate command. (src/commands/doctor/shared/codex-native-assets.ts:184, ebfb834dcdad)
• Both old and new command forms resolve the provider through the same plan path: migratePlanCommand calls createMigrationPlanWithProgress, which calls createMigrationPlan; the default migrate <provider> --dry-run path also delegates to migratePlanCommand, so changing the spelling does not avoid provider resolution. (src/commands/migrate.ts:284, ebfb834dcdad)
• Missing provider still throws the linked error class: resolveMigrationProvider throws Unknown migration provider "<id>" when the requested provider is not registered, which matches the linked report's failure for codex. (src/commands/migrate/providers.ts:12, ebfb834dcdad)
• Codex migration provider is plugin-owned: The Codex plugin registers the codex migration provider and advertises the migrationProviders contract, so a setup without that provider available can still fail after this PR's text-only change. (extensions/codex/index.ts:43, ebfb834dcdad)
• Provider lookup can return undefined when the contract/plugin is unavailable: Current main resolves migration provider plugins through manifest-contract runtime resolution and returns undefined when no matching provider can be loaded. (src/plugins/migration-provider-runtime.ts:84, ebfb834dcdad)

Likely related people:

• pashpashpash: GitHub path history shows commits 027ea5f08bd9c93b91e4ddc25edc842bab61bbd0 and 02fe0d8978dbf5b7acc4529d505b31f044fdf481 on the Codex native asset warning/runtime routing area. (role: introduced behavior; confidence: high; commits: 027ea5f08bd9, 02fe0d8978db; files: src/commands/doctor/shared/codex-native-assets.ts)
• kevinslin: GitHub path history shows repeated work on Codex migration provider behavior and readiness gating, including native plugin migration and app readiness changes. (role: Codex migration area contributor; confidence: high; commits: a1ac559ed7e6, 9ff5250792e6, 78644bc6de91; files: extensions/codex/src/migration/provider.ts, src/commands/migrate/providers.ts)
• giodl73-repo: GitHub path history for src/commands/migrate/providers.ts shows recent work on resolved provider options, adjacent to the provider resolution path this PR depends on. (role: recent migrate command contributor; confidence: medium; commits: 8eb0a1777f08; files: src/commands/migrate/providers.ts)
• steipete: GitHub path history shows prior plugin config access refactor work in the migration provider path, and this PR is also authored from that account; routing confidence is lower than for the Codex-specific history owners. (role: adjacent plugin config contributor; confidence: low; commits: 7f3f108521f4; files: src/commands/migrate/providers.ts)

Codex review notes: model gpt-5.5, reasoning high; reviewed against ebfb834dcdad.

[clawsweeper]

ClawSweeper PR egg

🎁 Pass real behavior proof to wake the egg and unlock a hatchable treat.

Where did the egg go?

• The egg game starts only after the PR passes the real-behavior proof check.
• Before that, no creature or rarity is rolled. The treat waits for real proof.
• This is still just collectible flavor: proof affects review readiness, not creature quality.