fix(openai): route compaction through Codex auth provider

[funmerlin]

Summary

• Problem: when an openai/gpt-5.5 session reaches the embedded/context-engine compaction path after a stale or missing Codex thread binding, compaction can resolve auth against the direct openai provider and fail with missing OPENAI_API_KEY even though the selected runtime uses Codex OAuth.
• Solution: resolve the selected OpenAI runtime provider before compaction model/auth lookup, so Codex-authenticated OpenAI sessions compact through openai-codex.
• What changed: compaction now uses the selected runtime provider for model/auth resolution, preserves direct OpenAI API-key routing when no Codex auth profile is configured, uses the persisted/selected runtime for context-window lookup, and honors configured OpenAI Responses server compaction thresholds during preflight gating.
• What did NOT change (scope boundary): this does not repair stale/missing Codex thread bindings, does not change startup provider auth prewarm defaults, does not touch hook scheduling/status/reset behavior, and does not address unrelated encrypted-reasoning retry/429 behavior.

AI-assisted: yes. This patch was prepared with Codex, with focused local test verification.

Motivation

• Related prior work: Fix OpenAI compaction runtime routing #85413 identified the same core failure mode and was directionally correct: stale/missing Codex thread binding can push compaction into a fallback path that resolves openai/gpt-5.5 as direct OpenAI API-key auth instead of the selected Codex OAuth runtime.
• Why this PR deviates from Fix OpenAI compaction runtime routing #85413: that draft mixed the compaction auth-route fix with broader startup/provider-auth-prewarm defaults, hook scheduling, runtime plugin loading, status/reset behavior, and other review surfaces. Those may be valid changes, but they are not required to fix this incident and make the auth-sensitive review harder.
• This PR keeps the central compaction routing fix, preserves direct OpenAI API-key behavior, adds the missing production threshold logic behind the threshold tests, and leaves unrelated startup/default/runtime behavior unchanged.

Change Type (select all)

• Bug fix
• Feature
• Refactor required for the fix
• Docs
• Security hardening
• Chore/infra

Scope (select all touched areas)

• Gateway / orchestration
• Skills / tool execution
• Auth / tokens
• Memory / storage
• Integrations
• API / contracts
• UI / DX
• CI/CD / infra

Linked Issue/PR

• Closes #
• Related Fix OpenAI compaction runtime routing #85413
• This PR fixes a bug or regression

Real behavior proof (required for external PRs)

• Behavior or issue addressed: Codex OAuth OpenAI compaction fallback should resolve against openai-codex, not direct openai API-key auth; OpenAI API-key-only compaction should remain on openai; preflight compaction should not run earlier than configured OpenAI Responses server compaction thresholds.
• Real environment tested: local OpenClaw checkout on macOS, built with pnpm build, installed into the LaunchAgent-pinned OpenClaw path, restarted gateway, real Discord channel sessions using Merlin/main with openai/gpt-5.5 via Codex OAuth.
• Exact steps or command run after this patch: pnpm build; npm install -g /Users/merlin/openclaw --prefix /Users/merlin/.nvm/versions/node/v24.13.0; openclaw gateway restart; continued a long-running Discord #claw-enhance session until timeout-recovery compaction triggered. Focused tests were also run with node scripts/run-vitest.mjs src/agents/openai-codex-routing.test.ts src/agents/pi-embedded-runner/compact.hooks.test.ts src/auto-reply/reply/agent-runner-memory.test.ts plus git diff --check.
• Evidence after fix (screenshot, recording, terminal capture, console output, redacted runtime log, linked artifact, or copied live output): PR comment with copied redacted live runtime logs: fix(openai): route compaction through Codex auth provider #86408 (comment). Key after-fix line: 2026-05-25T19:18:05.519+02:00 [timeout-compaction] compaction succeeded for openai-codex/gpt-5.5; retrying prompt. Session transcript also contains a type=compaction record at the same timestamp. Focused Vitest reported Test Files 4 passed (4) and Tests 135 passed (135); git diff --check exited cleanly.
• Observed result after fix: a real oversized Codex OAuth Discord session compacted successfully through openai-codex/gpt-5.5, then retried the prompt and completed with session state status=done, modelProvider=openai-codex, compactionCount=6, and post-compaction memory sync. The prior direct provider=openai/gpt-5.5 / No_API_key_found_for_provider_openai failure did not recur for that channel after the patched build was installed. Unit coverage also confirms Codex-auth-configured OpenAI compaction resolves openai-codex before auth lookup, direct OpenAI API-key compaction remains openai, persisted Codex runtime context-window lookup uses openai-codex, and server-threshold gating defers/runs preflight at the configured threshold.
• What was not tested: full pnpm check / full test suite were not run in this local proof pass; the live proof covered timeout-recovery compaction rather than a separate clean budget/preflight success.
• Proof limitations or environment constraints: one timeout-recovery attempt in the same session timed out, but that failure also routed through provider=openai-codex/gpt-5.5, not direct openai/gpt-5.5, so the auth-provider regression stayed fixed even in the failure case.
• Before evidence (optional but encouraged): the exact same Discord channel/session previously logged stale thread binding followed by context-engine fallback on provider=openai/gpt-5.5 and No_API_key_found_for_provider_openai on 2026-05-24 at 22:40:14 CEST.

Root Cause (if applicable)

• Root cause: embedded compaction resolved the compaction target's raw model provider before applying the selected/persisted runtime provider. For OpenAI model refs using Codex OAuth, that let fallback compaction ask direct openai auth for an API key instead of using openai-codex.
• Missing detection / guardrail: there was no regression test asserting that direct compaction resolves the selected Codex runtime provider before auth, no direct-OpenAI preservation test for the same path, and preflight threshold tests were not backed by production threshold logic.
• Contributing context (if known): current main already avoids some Codex automatic compaction fallback behavior, but direct embedded/context-engine compaction still needed auth-route consistency.

Regression Test Plan (if applicable)

• Coverage level that should have caught this:
  • Unit test
  • Seam / integration test
  • End-to-end test
  • Existing coverage already sufficient
• Target test or file: src/agents/openai-codex-routing.test.ts, src/agents/pi-embedded-runner/compact.hooks.test.ts, src/auto-reply/reply/agent-runner-memory.test.ts.
• Scenario the test should lock in: Codex-auth OpenAI compaction uses openai-codex; direct OpenAI compaction remains openai; persisted Codex runtime context sizing uses openai-codex; OpenAI Responses server thresholds are honored by production preflight gating.
• Why this is the smallest reliable guardrail: it exercises the model/auth selection seam directly without requiring a live Codex account or a gateway restart.
• Existing test that already covers this (if any): N/A
• If no new test is added, why not: N/A

User-visible / Behavior Changes

Codex OAuth users should no longer see fallback compaction ask for a direct OpenAI API key when the selected runtime/auth route is Codex. Direct OpenAI API-key-only setups remain routed through openai.

Diagram (if applicable)

Before:
openai/gpt-5.5 + Codex runtime -> fallback compaction -> openai auth -> missing OPENAI_API_KEY

After:
openai/gpt-5.5 + configured Codex auth -> fallback compaction -> openai-codex auth -> Codex OAuth route
openai/gpt-5.5 + direct OpenAI only -> fallback compaction -> openai auth -> API-key route

Security Impact (required)

• New permissions/capabilities? (Yes/No) No
• Secrets/tokens handling changed? (Yes/No) Yes
• New/changed network calls? (Yes/No) No
• Command/tool execution surface changed? (Yes/No) No
• Data access scope changed? (Yes/No) No
• If any Yes, explain risk + mitigation: auth provider selection changes for compaction only. The routing predicate requires an explicit/configured Codex auth profile before mapping openai to openai-codex, and tests cover both Codex OAuth and direct OpenAI API-key preservation.

Repro + Verification

Environment

• OS: macOS
• Runtime/container: local checkout
• Model/provider: openai/gpt-5.5, openai-codex/gpt-5.5
• Integration/channel (if any): N/A for local tests
• Relevant config (redacted): tests cover auth.order.openai-codex, auth.profiles with provider openai-codex, and direct OpenAI with no Codex auth profile.

Steps

1. Configure an OpenAI model selection using Codex auth.
2. Force the embedded compaction path to resolve the model before auth.
3. Observe provider passed to model/auth resolution.

Expected

• Codex-auth OpenAI compaction resolves openai-codex.
• Direct OpenAI API-key compaction resolves openai.

Actual

• After this patch, focused tests observe the expected provider selection.

Evidence

• Failing test/log before + passing after
• Trace/log snippets
• Screenshot/recording
• Perf numbers (if relevant)

Focused verification:

Test Files  4 passed (4)
Tests  135 passed (135)

Human Verification (required)

What you personally verified (not just CI), and how:

• Verified scenarios: focused Vitest for OpenAI/Codex routing, embedded compaction provider selection, context-window provider selection, and preflight threshold gating.
• Edge cases checked: direct OpenAI API-key preservation when no Codex auth profile is configured; non-OpenAI providers are not rerouted.
• What you did not verify: full pnpm check / full test suite in this proof pass; a separate clean budget/preflight success distinct from timeout-recovery compaction.

Review Conversations

• I replied to or resolved every bot review conversation I addressed in this PR.
• I left unresolved only the conversations that still need reviewer or maintainer judgment.

If a bot review conversation is addressed by this PR, resolve that conversation yourself. Do not leave bot review conversation cleanup for maintainers.

Compatibility / Migration

• Backward compatible? (Yes/No) Yes
• Config/env changes? (Yes/No) No
• Migration needed? (Yes/No) No
• If yes, exact upgrade steps: N/A

Risks and Mitigations

• Risk: auth-sensitive provider routing can break Codex OAuth or direct OpenAI setups.
  • Mitigation: routing is narrowed to explicit/configured Codex auth and includes direct OpenAI preservation tests.
• Risk: live proof covered timeout-recovery compaction, while maintainers may still want a separate clean budget/preflight success.
  • Mitigation: the real session shows successful openai-codex/gpt-5.5 compaction and the same auth route on timeout failure; the exact proof log is linked in the PR comments.

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed May 25, 2026, 1:53 PM ET / 17:53 UTC.

Summary
The PR updates OpenAI/Codex compaction provider selection and preflight threshold gating, with focused regression tests for Codex OAuth, direct OpenAI, context-window lookup, and Responses server threshold behavior.

PR surface: Source +118, Tests +322. Total +440 across 8 files.

Reproducibility: yes. Source inspection shows current main resolves compaction model/auth against the raw OpenAI provider, and the PR discussion includes before-fix logs where fallback compaction used openai/gpt-5.5 and failed for missing direct OpenAI API-key auth.

Review metrics: 1 noteworthy metric.

• Config behavior surfaces: 0 added, 1 existing model parameter honored in preflight. The PR does not add a new config key, but it makes existing responsesCompactThreshold behavior affect local preflight compaction timing.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🦞 diamond lobster
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• Run or wait for required changed checks covering the touched agents and auto-reply surfaces before merge.

Risk before merge

• Auth-provider selection during compaction is compatibility-sensitive: a wrong predicate can make Codex OAuth ask for a direct OpenAI key or make direct OpenAI API-key setups use Codex auth.
• The supplied proof and targeted tests are strong for the changed paths, but the PR body says full pnpm check or the full suite was not run in that local proof pass.

Maintainer options:

1. Merge after auth-route checks pass (recommended)
   Accept the scoped compaction routing change once required CI or changed-gate proof passes for the touched agents and auto-reply surfaces.
2. Ask for broader live preflight proof
   If maintainers want more runtime confidence, request a second live oversized preflight or timeout-compaction run that captures the provider route and session state after the latest head.
3. Pause for provider owner review
   If the auth-routing predicate should be a product/API decision rather than a bugfix, pause merge for an owner to confirm the Codex-vs-direct OpenAI selection contract.

Next step before merge
No repair lane is needed; maintainer review should focus on CI/changed-gate proof and accepting the auth-provider merge risk.

Security
Cleared: The diff changes auth provider selection for compaction but does not add new permissions, storage, network calls, dependency sources, or secret exposure surfaces.

Review details

Best possible solution:

Land the scoped auth-route and threshold fix after required CI or changed-gate proof confirms the Codex OAuth and direct OpenAI preservation paths.

Do we have a high-confidence way to reproduce the issue?

Yes. Source inspection shows current main resolves compaction model/auth against the raw OpenAI provider, and the PR discussion includes before-fix logs where fallback compaction used openai/gpt-5.5 and failed for missing direct OpenAI API-key auth.

Is this the best way to solve the issue?

Yes. The PR uses the existing OpenAI/Codex routing helper in the compaction path, preserves direct OpenAI when Codex auth is not configured, and covers the previously noted server-threshold edge case.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 7cd15d249316.

Label changes

Label changes:

• add proof: sufficient: Contributor real behavior proof is sufficient. The PR supplies redacted live runtime logs from a real Discord gateway session showing successful after-fix compaction through openai-codex/gpt-5.5 and preserved session state.
• add rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🦞 diamond lobster and patch quality is 🐚 platinum hermit.
• add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (logs): The PR supplies redacted live runtime logs from a real Discord gateway session showing successful after-fix compaction through openai-codex/gpt-5.5 and preserved session state.
• remove rating: 🦐 gold shrimp: Current PR rating is rating: 🐚 platinum hermit, so this older rating label is no longer current.
• remove status: ⏳ waiting on author: Current PR status label is status: 👀 ready for maintainer look.

Label justifications:

• P2: This is a normal-priority auth-routing bugfix for long OpenAI/Codex sessions with focused blast radius.
• merge-risk: 🚨 auth-provider: The diff changes which provider's credentials compaction uses for OpenAI model refs under Codex runtime conditions.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🦞 diamond lobster and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (logs): The PR supplies redacted live runtime logs from a real Discord gateway session showing successful after-fix compaction through openai-codex/gpt-5.5 and preserved session state.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR supplies redacted live runtime logs from a real Discord gateway session showing successful after-fix compaction through openai-codex/gpt-5.5 and preserved session state.

Evidence reviewed

PR surface:

Source +118, Tests +322. Total +440 across 8 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	5	142	24	+118
Tests	3	323	1	+322
Docs	0	0	0	0
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	8	465	25	+440

What I checked:

• Current-main compaction source: Current main resolves the compaction target to provider directly from the raw compaction target, then passes that provider into model/auth resolution before applying the selected Codex runtime provider; that matches the reported direct-OpenAI auth failure path. (src/agents/pi-embedded-runner/compact.ts:499, 7cd15d249316)
• Current-main preflight source: Current main computes preflight compaction threshold only as contextWindowTokens - reserveTokensFloor - softThresholdTokens, so it does not account for configured OpenAI Responses server compaction thresholds. (src/auto-reply/reply/agent-runner-memory.ts:730, 7cd15d249316)
• OpenAI Responses contract evidence: The payload policy enables server compaction by default for direct openai Responses models unless explicitly disabled, and docs say responsesCompactThreshold overrides that server threshold. (src/agents/openai-responses-payload-policy.ts:282, 7cd15d249316)
• PR patch evidence: The PR patch adds selected runtime provider resolution before compaction model/auth lookup, preserves direct OpenAI when no Codex auth is configured, and adds threshold tests including the implicit direct-OpenAI server-compaction default in commit ac388fb. (src/agents/pi-embedded-runner/compact.ts:499, ac388fb5a90b)
• Real behavior proof: The PR body and comment fix(openai): route compaction through Codex auth provider #86408 (comment) include redacted live Discord gateway logs showing timeout compaction succeeded through openai-codex/gpt-5.5 and the prior direct openai/gpt-5.5 missing API-key failure did not recur. (ac388fb5a90b)
• History/provenance sample: Local blame for the central current-main lines points to 2e3b59b, a recent ClawSweeper-generated maintenance commit, so the local checkout does not expose deeper original feature history; related PR Fix OpenAI compaction runtime routing #85413 covers the same OpenAI compaction runtime-routing surface. (src/agents/openai-codex-routing.ts:171, 2e3b59bc5804)

Likely related people:

• clawsweeper[bot]: Local blame on current main attributes the central routing, compaction, and preflight threshold lines to recent generated maintenance commit 2e3b59b, though this is weak for original ownership. (role: recent area contributor; confidence: low; commits: 2e3b59bc5804; files: src/agents/openai-codex-routing.ts, src/agents/pi-embedded-runner/compact.ts, src/auto-reply/reply/agent-runner-memory.ts)
• VACInc: Authored the related open PR Fix OpenAI compaction runtime routing #85413 on the same OpenAI compaction runtime-routing and threshold surface, and is co-author on this PR's commits. (role: adjacent prior contributor; confidence: medium; commits: 1f4a358fca3d, ac388fb5a90b; files: src/agents/openai-codex-routing.ts, src/agents/pi-embedded-runner/compact.ts, src/auto-reply/reply/agent-runner-memory.ts)
• pfrederiksen: Reported the related stale Codex thread preflight compaction failure in Telegram inbound dispatch aborts when preflight compaction hits missing Codex thread #86211 and authored the companion stale-binding recovery PR fix: recover Codex binding after stale preflight compaction #86216. (role: adjacent reporter and repair contributor; confidence: medium; commits: a9ad8a918eba; files: src/auto-reply/reply/agent-runner-memory.ts, extensions/codex/src/conversation-binding.ts, extensions/codex/src/app-server/compact.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[clawsweeper]

ClawSweeper PR egg

✨ Hatched: 💎 rare Tiny Merge Sprite

Hatch command

Comment @clawsweeper hatch when this PR is hatchable.

Hatchability rules:

• Merged PRs are hatchable.
• Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
• Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

Rarity: 💎 rare.
Trait: purrs at green checks.
Image traits: location status garden; accessory tiny test log scroll; palette moonlit blue and soft silver; mood bright-eyed; pose peeking out from the egg shell; shell polished stone shell; lighting tiny status-light glow; background subtle branch markers.
Share on X: post this hatch
Copy: My PR egg hatched a 💎 rare Tiny Merge Sprite in ClawSweeper.

What is this egg doing here?

• Eggs appear after the PR passes real-behavior proof. It is here for vibes, not verdicts: it does not change labels, ratings, merge decisions, or automation.
• The shell reacts to review momentum: open follow-up work warms it up, re-review makes it wobble, and a clean final review lets it hatch.
• Hatchability usually comes from sufficient real-behavior proof, no blocking P0/P1/P2 findings, no security attention needed, and clean correctness. A merged PR is already final, so merge makes the egg hatchable independently.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

[funmerlin]

Post-install real behavior proof from a live gateway/Discord run (partial, not yet a successful oversized compaction):

Setup:

• Built this branch locally with pnpm build.
• Installed it into the LaunchAgent-pinned global OpenClaw path with npm install -g /Users/merlin/openclaw --prefix /Users/merlin/.nvm/versions/node/v24.13.0.
• Restarted the gateway with openclaw gateway restart.
• Verified the live gateway was executing the patched checkout: post-restart log callsites point at /Users/merlin/openclaw/dist/..., not the previous package path.

Before-fix evidence from the same machine, same day:

2026-05-25T10:49:04.392+02:00 codex app-server compaction could not use thread binding recovery=missing_thread_binding
2026-05-25T10:49:04.395+02:00 native harness compaction could not use its session binding; falling back to context engine: no codex app-server thread binding
2026-05-25T10:49:06.661+02:00 [compaction-diag] ... provider=openai/gpt-5.5 ... outcome=failed ... detail=No_API_key_found_for_provider_openai_...

After-fix live run from Discord #merlins-tower on the patched gateway:

2026-05-25T12:17:34.504+02:00 codex app-server compaction could not use thread binding
sessionKey=agent:main:discord:channel:<redacted>
sessionId=e1580861-e3df-4680-a6f6-da33ebb822b1
threadId=019e5bc9-e4f6-7cb1-8fa9-c35e5086c91b
reason="thread not found: 019e5bc9-e4f6-7cb1-8fa9-c35e5086c91b"
recovery=stale_thread_binding
path=file:///Users/merlin/openclaw/dist/subsystem-BhMD7zU-.js:178:51

Follow-up checks for the post-fix 12:17-12:18 window found no native harness compaction could not use its session binding; falling back to context engine line and no [compaction-diag] ... provider=openai/gpt-5.5 ... No_API_key_found_for_provider_openai line. The next relevant line was:

2026-05-25T12:18:44.549+02:00 [session-resume] Injected continuity summary for agent:main:discord:channel:<redacted>

Persisted session state after the run was also on the Codex provider route:

{
  "status": "done",
  "abortedLastRun": false,
  "modelProvider": "openai-codex",
  "model": "gpt-5.5",
  "contextTokens": 272000,
  "totalTokensFresh": true,
  "compactionCount": 0,
  "authProfileOverride": "openai-codex:<redacted>"
}

Gateway health after the run:

{
  "ok": true,
  "durationMs": 2509,
  "eventLoop": { "degraded": false, "reasons": [] },
  "plugins": { "loaded": ["browser", "memory-core"], "errors": [] },
  "channelOrder": ["discord"]
}

Interpretation: this is useful real setup proof that the previously observed stale-binding path no longer continues into the old direct-OpenAI API-key failure on this patched gateway. It is still partial proof: this run hit a stale Codex app-server thread binding and then resumed via continuity summary; it does not prove a fully successful oversized Codex OAuth compaction through openai-codex. I am leaving the PR draft until we either capture that successful oversized compaction or maintainers decide this stale-binding negative proof is sufficient for the targeted regression.

[funmerlin]

Additional live proof from the long-running Discord #claw-enhance session:

Setup:

• Same patched local gateway/install as above.
• Real Discord channel session: agent:main:discord:channel:<redacted> (#claw-enhance).
• Same session had before-fix failure on 2026-05-24.

Before-fix failure for this exact session/channel:

2026-05-24T22:40:10.320+02:00 codex app-server compaction could not use thread binding recovery=stale_thread_binding
2026-05-24T22:40:10.322+02:00 native harness compaction could not use its session binding; falling back to context engine: thread not found: <redacted-thread-id>
2026-05-24T22:40:14.163+02:00 [compaction-diag] ... sessionKey=agent:main:discord:channel:<redacted> trigger=budget provider=openai/gpt-5.5 attempt=1 maxAttempts=1 outcome=failed ... detail=No_API_key_found_for_provider_openai_...

After-fix live compaction evidence from today:

2026-05-25T19:17:48.271+02:00 [timeout-compaction] LLM timed out with high prompt token usage (76%); attempting compaction before retry (attempt 1/2) diagId=ovf-mplgz2i6-AQyaSQ
2026-05-25T19:18:02.136+02:00 [pre-compaction-session-snapshot] Wrote /Users/merlin/.openclaw/workspace-main/memory/sessions/agent_main_discord_channel_<redacted>.md
2026-05-25T19:18:05.519+02:00 [timeout-compaction] compaction succeeded for openai-codex/gpt-5.5; retrying prompt
2026-05-25T19:18:05.520+02:00 post-compaction guard armed for 3 attempts
2026-05-25T19:18:09.059+02:00 qmd sync completed for agent "main" reason=post-compaction durationMs=3583

Session transcript also contains a real compaction record at the same timestamp:

2026-05-25T17:18:05.457Z type=compaction id=95f31814 parentId=<redacted>

Persisted session state after the successful run:

{
  "status": "done",
  "abortedLastRun": false,
  "modelProvider": "openai-codex",
  "model": "gpt-5.5",
  "contextTokens": 272000,
  "totalTokens": 236692,
  "totalTokensFresh": true,
  "compactionCount": 6,
  "authProfileOverride": "openai-codex:<redacted>",
  "authProfileOverrideCompactionCount": 5,
  "memoryFlushCompactionCount": 5
}

Observed result:

• The real oversized Codex OAuth Discord session compacted successfully through openai-codex/gpt-5.5.
• The prior direct provider=openai/gpt-5.5 / No_API_key_found_for_provider_openai failure did not recur for this channel after the patched build was installed.
• There was another timeout-recovery attempt in the same session that timed out, but it also used provider=openai-codex/gpt-5.5, not direct openai/gpt-5.5, so the auth-provider regression stayed fixed even in the failure case.

This satisfies the missing real behavior proof more directly than the earlier stale-binding-only evidence.

[funmerlin]

Addressed ClawSweeper P2 threshold feedback in ac388fb5a90:

• resolveResponsesServerCompactionThreshold now matches the OpenAI Responses payload policy: direct openai treats server compaction as enabled by default unless responsesServerCompaction is explicitly false; non-OpenAI providers still require explicit true.
• The existing defer-at-server-threshold test now covers responsesCompactThreshold without explicit responsesServerCompaction: true.
• Added explicit-false coverage proving local preflight threshold behavior is used when direct OpenAI server compaction is disabled.

Validation after the fix:

node scripts/run-vitest.mjs src/auto-reply/reply/agent-runner-memory.test.ts src/agents/openai-codex-routing.test.ts src/agents/pi-embedded-runner/compact.hooks.test.ts
Test Files  4 passed (4)
Tests  136 passed (136)

git diff --check
# clean

@clawsweeper re-review

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26413039139
• Updated: 2026-05-25T17:57:49.293Z

[steipete]

Maintainer rewrite/proof before landing:

Behavior addressed: selected runtime: "codex" OpenAI routing stays on openai-codex, while overflow compaction keeps the direct OpenAI API-key fallback only in the compaction-specific path.
Real environment tested: local checkout rebased on origin/main, plus GitHub CI on final head 097086e1ac0031b246d15bc766563599824f8e09.
Exact steps or command run after this patch:

• node scripts/run-vitest.mjs src/agents/openai-codex-routing.test.ts src/agents/pi-embedded-runner/compact.hooks.test.ts src/auto-reply/reply/agent-runner-memory.test.ts src/agents/pi-embedded-runner/run.incomplete-turn.test.ts src/agents/pi-embedded-runner/run.overflow-compaction.test.ts
• .agents/skills/autoreview/scripts/autoreview --mode local
• git diff --check
• GitHub CI run 26419812078
• GitHub CodeQL run 26419812024
• GitHub CodeQL Critical Quality run 26419812051
  Evidence after fix: targeted Vitest passed 8 files / 418 tests; autoreview reported no accepted/actionable findings; final GitHub CI, CodeQL, and Critical Quality runs completed successfully.
  Observed result after fix: PR is mergeable on final SHA 097086e1ac0031b246d15bc766563599824f8e09.
  What was not tested: no live Codex app-server/OAuth session was run; coverage is routing/unit/CI proof for the changed compaction and provider-selection surface.