fix(images): skip CLI image cache refs

[TurboTheTurtle]

Fixes the sticky-image reattachment portion of #86687.

Summary

• skip OpenClaw-written .openclaw-cli-images and openclaw-cli-images paths during prompt image-reference detection
• cover direct parser behavior for prior transcript cache paths, temporary cache paths, and file URLs
• add a CLI helper regression proving prior .openclaw-cli-images prompt text is not reloaded through loadImageFromRef

Scope note

This intentionally does not change the group-chat selective-reply policy. The issue review marks that half as needing a maintainer/product decision, while the sticky-image loop has a narrow source-proven fix.

Real behavior proof

Behavior or issue addressed: Prior OpenClaw-written CLI image cache paths in prompt history should not be detected or loaded as fresh user image references on later turns.

Real environment tested: Local OpenClaw checkout at /Users/andy/openclaw/openclaw-86687, branch fix/skip-cli-image-cache-86687, dependencies installed with pnpm install --frozen-lockfile.

Exact steps or command run after this patch: Ran pnpm exec tsx -e ... against the real detectImageReferences and loadPromptRefImages helpers using prior prompt text containing /workspace/.openclaw-cli-images/stale.png, then ran ClawSweeper's requested surrounding test suite.

Evidence after fix:

{
  "refs": [
    {
      "raw": "/workspace/current.png",
      "type": "path",
      "resolved": "/workspace/current.png"
    }
  ],
  "cacheOnlyLoadCount": 0,
  "cachePathDetected": false
}

Additional command output:

• node scripts/run-vitest.mjs src/agents/cli-runner.helpers.test.ts src/agents/embedded-agent-runner/run/images.test.ts src/auto-reply/reply/groups.test.ts src/config/silent-reply.test.ts --reporter dot -> 6 test files passed, 132 tests passed.

Observed result after fix: The stale .openclaw-cli-images transcript path was ignored, loadPromptRefImages returned zero images for a cache-only prompt, and an unrelated normal image path remained detectable.

What was not tested: I did not run a live Discord channel replay; the fix is scoped to the shared prompt image-reference detector used by the CLI image reload path.

Author attribution

If this PR is squash-merged or reworked, please preserve author attribution for Andy Ye <35905412+TurboTheTurtle@users.noreply.github.com> or include:

Co-authored-by: Andy Ye <35905412+TurboTheTurtle@users.noreply.github.com>

[clawsweeper]

Codex review: passed. Reviewed May 28, 2026, 12:35 AM ET / 04:35 UTC.

Summary
The PR updates image-reference detection to ignore OpenClaw CLI image cache directories and adds parser/helper regressions for cache-only prompt text.

PR surface: Source +13, Tests +45. Total +58 across 3 files.

Reproducibility: yes. Current main source shows cache-path prompt text flows from prepareCliPromptImagePayload through loadPromptRefImages into detectImageReferences, and the detector currently has no CLI cache-path exclusion.

Review metrics: none identified.

Merge readiness
Overall: 🦞 diamond lobster
Proof: 🦞 diamond lobster
Patch quality: 🦞 diamond lobster
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Next step before merge

• [P2] No repair lane is needed; the submitted PR is focused, automerge-opted, and has no actionable review findings.

Security
Cleared: The diff only changes local image-reference filtering and focused tests; it adds no dependency, workflow, credential, permission, or supply-chain surface.

Review details

Best possible solution:

Land the scoped detector/test fix after required merge gates, while keeping the separate group-chat selective-reply policy work tracked on #86687.

Do we have a high-confidence way to reproduce the issue?

Yes. Current main source shows cache-path prompt text flows from prepareCliPromptImagePayload through loadPromptRefImages into detectImageReferences, and the detector currently has no CLI cache-path exclusion.

Is this the best way to solve the issue?

Yes for the sticky-image half. Skipping the internal CLI cache directories in the shared detector is a narrow fix with direct parser/helper coverage; the group-chat selective-reply half remains a separate maintainer/product decision.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 771ddcf1846f.

Label changes

Label changes:

• add rating: 🦞 diamond lobster: Overall readiness is 🦞 diamond lobster; proof is 🦞 diamond lobster and patch quality is 🦞 diamond lobster.
• add status: 🚀 automerge armed: This PR is in ClawSweeper's automerge lane. Sufficient (live_output): The PR body supplies after-fix live helper output showing stale CLI cache refs ignored while a normal image path remains detectable, plus focused test-suite output.
• remove rating: 🐚 platinum hermit: Current PR rating is rating: 🦞 diamond lobster, so this older rating label is no longer current.
• remove status: 👀 ready for maintainer look: Current PR status label is status: 🚀 automerge armed.

Label justifications:

• P1: The PR fixes the P1 sticky-image reattachment regression that can repeatedly leak stale image context into always-on agent turns.
• rating: 🦞 diamond lobster: Overall readiness is 🦞 diamond lobster; proof is 🦞 diamond lobster and patch quality is 🦞 diamond lobster.
• status: 🚀 automerge armed: This PR is in ClawSweeper's automerge lane. Sufficient (live_output): The PR body supplies after-fix live helper output showing stale CLI cache refs ignored while a normal image path remains detectable, plus focused test-suite output.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body supplies after-fix live helper output showing stale CLI cache refs ignored while a normal image path remains detectable, plus focused test-suite output.

Evidence reviewed

PR surface:

Source +13, Tests +45. Total +58 across 3 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	1	14	1	+13
Tests	2	45	0	+45
Docs	0	0	0	0
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	3	59	1	+58

What I checked:

• Current main fallback path: On current main, prepareCliPromptImagePayload falls back to loadPromptRefImages when no fresh images are supplied, and loadPromptRefImages passes the whole prompt to detectImageReferences, which supports the linked sticky-image loop. (src/agents/cli-runner/helpers.ts:337, 771ddcf1846f)
• Current main detector behavior: The current detector accepts path and file URL image refs without any .openclaw-cli-images or openclaw-cli-images exclusion, so the reported cache-path prompt text is source-reproducible on main. (src/agents/embedded-agent-runner/run/images.ts:302, 771ddcf1846f)
• PR implementation: The branch adds isOpenClawCliImageCachePath and applies it before adding normal path refs and file URL refs, matching the requested sticky-image hot patch without changing config or provider routing. (src/agents/embedded-agent-runner/run/images.ts:102, 6c7ce38a539c)
• PR regression coverage: The patch adds detector tests for transcript, temporary cache, and file URL cache paths, plus a CLI helper test proving cache-only prompt text does not call loadImageFromRef or image sanitization. (src/agents/cli-runner.helpers.test.ts:39, 6c7ce38a539c)
• Contributor real behavior proof: The PR body includes after-fix helper output where only /workspace/current.png is detected, cacheOnlyLoadCount is 0, and cachePathDetected is false; it also reports the focused surrounding test command passing 132 tests. (6c7ce38a539c)
• CI and proof checks: GitHub check-run data for the PR head shows relevant node lanes succeeding and the real behavior proof check succeeding after the proof update; no blocking review comments were present. (6c7ce38a539c)

Likely related people:

• steipete: GitHub path history shows bb46b79d3c1479f194a90afcf3dd69a1858a7898 internalized the current image detector and related tests, and recent path history shows repeated CLI/agent image work by this author. (role: feature-history owner; confidence: high; commits: bb46b79d3c14, b9f975b64e80, 42033929d4d0; files: src/agents/embedded-agent-runner/run/images.ts, src/agents/embedded-agent-runner/run/images.test.ts, src/agents/cli-runner/helpers.ts)
• mbelinky: Recent merged work in 7299c5695317f74ddbe4a1a68efafd723a38c6c1 changed src/agents/cli-runner/helpers.ts around workspace/cwd handling, adjacent to the cache-path and workspace-scope behavior this PR touches. (role: recent adjacent contributor; confidence: medium; commits: 7299c5695317; files: src/agents/cli-runner/helpers.ts)
• Shakker: Earlier commits bbd3ccf8e68a48c3ffa77e1f7de56c7c31a77f80 and 5995c1b4a3a439677710f107b407a7a44f8ed909 added CLI image path reuse and argv coverage in the helper test surface extended by this PR. (role: adjacent test contributor; confidence: medium; commits: bbd3ccf8e68a, 5995c1b4a3a4; files: src/agents/cli-runner.helpers.test.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[clawsweeper]

ClawSweeper PR egg: ✨ hatched 💎 rare Cosmic Proofling. Rarity: 💎 rare. Trait: guards the happy path.

Details

Share on X: post this hatch
Copy: My PR egg hatched a 💎 rare Cosmic Proofling in ClawSweeper.
Hatchability:

• Merged PRs are hatchable.
• Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
• Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

About:

• Eggs appear after real-behavior proof passes. They are collectible flavor only.
• Review momentum changes the shell state: follow-up work warms it, re-review makes it wobble, and a clean final review lets it hatch.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.

[Takhoffman]

@clawsweeper visualize

[clawsweeper]

🦞👀
ClawSweeper visual brief is being prepared.

I queued a read-only visual pass. It will create or update one marker-backed visual brief comment and will not trigger close, merge, repair, label, or branch changes.

Lens: auto

[clawsweeper]

Source: #87501 (comment)
Visual model: gpt-5.5, reasoning low.

Visual brief

Requested lens: state
Advisory only: maintainers remain the final judges.

PR: #87501
Related issue: #86687

Before: stale image cache path becomes live image input again

Turn N
  user attaches image
        |
        v
  OpenClaw writes cache path
  /workspace/.openclaw-cli-images/stale.png
        |
        v
  transcript stores path text
        |
        v
Turn N+1, no new image
  prompt history includes prior cache path
        |
        v
  detectImageReferences()
        |
        v
  🐛 matches OpenClaw-written cache path
        |
        v
  loadPromptRefImages()
        |
        v
  ❌ stale image bytes reattached

After: OpenClaw-written cache refs are filtered

Turn N+1 prompt text
+----------------------------------------------+
| prior transcript cache path                  |
| /workspace/.openclaw-cli-images/stale.png    |
|                                              |
| current user image path                      |
| /workspace/current.png                       |
+----------------------------------------------+
           |
           v
 detectImageReferences()
           |
           +--> 💾 .openclaw-cli-images/...  -> ✅ ignored
           |
           +--> user/current image path       -> ✅ preserved

Patch shape

src/agents/embedded-agent-runner/run/images.ts
  + isOpenClawCliImageCachePath()
  + skip .openclaw-cli-images and openclaw-cli-images path parts
  + apply skip to normal paths and file:// paths

Tests added
  ✅ direct transcript cache path ignored
  ✅ temporary openclaw-cli-images path ignored
  ✅ file:// cache URL ignored
  ✅ CLI helper does not call loadImageFromRef for cache-only prompt

Scope boundary

Related issue #86687 has two reported regressions:

+-------------------------------+-------------------------------+
| Sticky image reattachment     | ✅ addressed by this PR        |
| Group-chat selective replies  | ⚠️ intentionally unchanged     |
+-------------------------------+-------------------------------+

Proof supplied

Input proof:
  prompt contains /workspace/.openclaw-cli-images/stale.png
  prompt also contains /workspace/current.png

Observed after fix:
  refs = [ /workspace/current.png ]
  cacheOnlyLoadCount = 0
  cachePathDetected = false

Reported test run:
  node scripts/run-vitest.mjs ... --reporter dot
  ✅ 6 files passed
  ✅ 132 tests passed

Legend: ✅ expected/proven; ❌ broken/dropped path; ⚠️ unresolved tradeoff; 🐛 confirmed pre-fix bug; 💾 persisted disk/cache state.

Maintainer ruling

Benefit: Stops OpenClaw-written CLI image cache paths from being re-detected as fresh user image references on later turns, while preserving ordinary image-path detection.

Risk: Path-part filtering may also ignore a user-authored image path if it intentionally lives inside a directory named .openclaw-cli-images or openclaw-cli-images.

Proof needed: Maintainer/CI confirmation on the submitted branch, plus any desired review that the directory-name filter is the right product boundary.

Recommended next action: Maintainer review of the narrow image-cache filter and its tests.

Question presented: Is skipping any path segment named .openclaw-cli-images or openclaw-cli-images the intended boundary for OpenClaw-owned image cache refs?

[Takhoffman]

@clawsweeper auto merge

[clawsweeper]

🦞🔧
ClawSweeper picked up the repair feedback.

Source: clawsweeper[bot]
Feedback: trusted ClawSweeper review contains P-severity findings (sha=6c7ce38a539c158ef4a96c82129711eab8536ece)
Action: repair worker queued. Run: https://github.com/openclaw/clawsweeper/actions/runs/26554925586
Model: gpt-5.5

I will update this PR branch, or open a safe credited replacement, if the repair worker finds a narrow fix.

Automerge progress:

• 2026-05-28 04:29:37 UTC review queued 6c7ce38a539c (queued)

• 2026-05-28 04:29:50 UTC review queued 6c7ce38a539c (queued)

• 2026-05-28 04:35:31 UTC review requested repair 6c7ce38a539c (trusted ClawSweeper review contains P-severity findings (sha=6c7ce38a539c158ef4...)

• 2026-05-28 04:35:56 UTC repair queued 6c7ce38a539c (autonomous) Run: https://github.com/openclaw/clawsweeper/actions/runs/26554925586

• 2026-05-28 04:37:09 UTC repair started (running) in 0s Run: https://github.com/openclaw/clawsweeper/actions/runs/26554925586 automerge-openclaw-openclaw-87501

• 2026-05-28 04:37:26 UTC validation plan (passed) in 17s Run: https://github.com/openclaw/clawsweeper/actions/runs/26554925586 pnpm check:changed; pnpm lint; pnpm check:test-types

• 2026-05-28 04:37:41 UTC Codex write preflight (passed) in 33s Run: https://github.com/openclaw/clawsweeper/actions/runs/26554925586 danger-full-access

• 2026-05-28 04:46:03 UTC Codex edit 1 5bfba6ae4a3a (complete) in 8m 55s Run: https://github.com/openclaw/clawsweeper/actions/runs/26554925586 exit 0

• 2026-05-28 04:54:12 UTC validation and review 1 c166f8b74d9a (base moved) in 17m 3s Run: https://github.com/openclaw/clawsweeper/actions/runs/26554925586 rebased

• 2026-05-28 04:54:48 UTC repair finished c166f8b74d9a (opened) in 17m 40s Run: https://github.com/openclaw/clawsweeper/actions/runs/26554925586 open_fix_pr

[Takhoffman]

@clawsweeper automerge

[clawsweeper]

🦞👀
ClawSweeper picked this up.

Command router queued. I will update this comment with the next step.

[clawsweeper]

ClawSweeper 🐠 reef update

Thanks for the contribution. The source branch was not safely writable by ClawSweeper, so it opened a replacement PR and kept the credit trail visible.

Why replacement: ClawSweeper could not update the source PR branch directly; GitHub did not grant sufficient push rights to the bot for that branch.
Replacement PR: #87523
Why close: this run explicitly closes the superseded source PR after the credited replacement PR is open, so review continues in one place.
Closing this source PR only because source-PR closing was explicitly enabled for this run.
The replacement PR carries the original credit trail forward.
Co-author credit kept:

• @TurboTheTurtle: Co-authored-by: Andy Ye 35905412+TurboTheTurtle@users.noreply.github.com

fish notes: model gpt-5.5, reasoning high; reviewed against c166f8b.