fix(codex): normalize dynamic tool progress results

[bdjben]

Summary

• normalize Codex dynamic tool progress results into TUI-compatible content arrays
• keep the existing tool start/result event path, but strip app-server protocol-only contentItems/success from verbose transcript payloads
• add regression coverage for dynamic tool start/result events

Testing

• pnpm exec vitest run extensions/codex/src/app-server/run-attempt.test.ts

Real behavior proof

• Behavior or issue addressed: In the Codex TUI, verbose full mode could receive dynamic tool progress but did not get result details in the standard tool-result shape the transcript renderer expects. This made verbose output collapse toward bare tool labels instead of useful tool content.
• Real environment tested: Local OpenClaw install on macOS with the Codex app-server runtime and TUI in verbose full mode.
• Exact steps or command run after this patch: Started the local OpenClaw TUI, switched to verbose full, and sent a Codex job that invoked runtime tools including shell/Python-style work.
• Evidence after fix:

Manual local TUI observation: verbose tool transcript updated live during the Codex job instead of staying at bare tool labels.
User-facing live validation from the same local setup: "verbose output now does appear and update (good)"

• Observed result after fix: Tool progress now appears and updates during the active Codex run, and result payloads are emitted as content: [{ type: "text", text: ... }], which is the TUI-compatible shape.

• What was not tested: This PR deliberately does not include or claim to fix /steer; steer behavior is still being investigated separately.

• Proof: See below screenshot of "/verbose full" working again after implementing this fix (and below it an image of "/verbose full" not working before the fix; the "not working" image shows very basic verbose mode blocks (perhaps of the kind that should show in the more simplified "/verbose on" mode), and even then, those blocks would not show up until manually submitting repeated "/verbose" commands:

• After:

- Before:

Note: this PR intentionally does not include any TUI /steer changes.

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed June 8, 2026, 10:54 AM ET / 14:54 UTC.

Summary
The PR changes Codex app-server dynamic tool progress result events to emit sanitized TUI-compatible content arrays, strip protocol-only contentItems and success from that event payload, and add regression coverage.

PR surface: Source +38, Tests +102. Total +140 across 3 files.

Reproducibility: yes. Current main sends dynamic tool progress results with contentItems and success, while the TUI and ACP paths extract visible output from result.content; the supplied screenshot shows the fixed TUI path rendering tool output.

Review metrics: none identified.

Merge readiness
Overall: 🦞 diamond lobster
Proof: 🦞 diamond lobster ✨ media proof bonus
Patch quality: 🦞 diamond lobster
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Risk before merge

• [P1] The author noted a separate verbose-mode refresh case where new user messages can still require toggling verbose modes; this PR should be treated as the dynamic-tool-result normalization, not a full verbose-mode follow-up.

Maintainer options:

1. Decide the mitigation before merge
   Merge the normalized app-server event shape after normal maintainer and CI handling, and track the remaining verbose refresh behavior separately if it still reproduces.
2. Pause or close
   Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

• No ClawSweeper repair lane is needed because the reviewed diff has no discrete automated blocker; the next action is ordinary maintainer and CI handling.

Security
Cleared: The diff only changes Codex runtime event normalization and tests, keeps protocol output sanitized before transcript emission, and does not touch dependencies, workflows, scripts, credentials, or package metadata.

Review details

Best possible solution:

Merge the normalized app-server event shape after normal maintainer and CI handling, and track the remaining verbose refresh behavior separately if it still reproduces.

Do we have a high-confidence way to reproduce the issue?

Yes. Current main sends dynamic tool progress results with contentItems and success, while the TUI and ACP paths extract visible output from result.content; the supplied screenshot shows the fixed TUI path rendering tool output.

Is this the best way to solve the issue?

Yes. Normalizing once at the Codex app-server event boundary after sanitization is the narrowest maintainable fix; teaching generic TUI/ACP consumers about Codex contentItems would leak a Codex protocol shape into broader event consumers.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against e3ef136bca85.

Label changes

Label changes:

• add proof: sufficient: Contributor real behavior proof is sufficient. The PR body provides a real macOS OpenClaw TUI verbose-full run, and the inspected screenshot directly shows rendered tool output after the fix.
• add rating: 🦞 diamond lobster: Overall readiness is 🦞 diamond lobster; proof is 🦞 diamond lobster and patch quality is 🦞 diamond lobster.
• remove rating: 🐚 platinum hermit: Current PR rating is rating: 🦞 diamond lobster, so this older rating label is no longer current.

Label justifications:

• P2: This is a focused fix for a Codex verbose TUI regression with limited blast radius and no emergency data-loss, security, or availability signal.
• rating: 🦞 diamond lobster: Overall readiness is 🦞 diamond lobster; proof is 🦞 diamond lobster and patch quality is 🦞 diamond lobster.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Sufficient (screenshot): The PR body provides a real macOS OpenClaw TUI verbose-full run, and the inspected screenshot directly shows rendered tool output after the fix.
• proof: sufficient: Contributor real behavior proof is sufficient. The PR body provides a real macOS OpenClaw TUI verbose-full run, and the inspected screenshot directly shows rendered tool output after the fix.
• proof: 📸 screenshot: Contributor real behavior proof includes screenshot evidence. The PR body provides a real macOS OpenClaw TUI verbose-full run, and the inspected screenshot directly shows rendered tool output after the fix.

Evidence reviewed

PR surface:

Source +38, Tests +102. Total +140 across 3 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	1	39	1	+38
Tests	2	104	2	+102
Docs	0	0	0	0
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	3	143	3	+140

What I checked:

• Repository policy applied: Read the full root AGENTS.md and the scoped extensions/AGENTS.md; the Codex upstream-source gate and bundled extension boundary shaped this review. (AGENTS.md:10, e3ef136bca85)
• Current main still has the mismatch: Current main emits result: sanitizeCodexToolResponse(progressResponse) for dynamic tool progress, which preserves Codex protocol fields instead of producing the TUI result-content shape. (extensions/codex/src/app-server/run-attempt.ts:1720, e3ef136bca85)
• TUI expects result.content: The TUI forwards data.result to the tool renderer, and the renderer only extracts visible output from result.content; a protocol-only contentItems payload renders as empty output. (src/tui/components/tool-execution.ts:42, e3ef136bca85)
• PR normalizes at the Codex event boundary: The PR sanitizes the dynamic tool response, maps sanitized contentItems into content, deletes contentItems and success, and emits that normalized result for progress events. (extensions/codex/src/app-server/run-attempt.ts:312, 0f291319fd96)
• Regression coverage checks the event contract: The added tests verify dynamic tool result events contain content, omit contentItems and success, and keep sanitized secret text out of emitted events. (extensions/codex/src/app-server/run-attempt.test.ts:1165, 0f291319fd96)
• Upstream Codex contract checked: The sibling Codex source defines dynamic tool responses as contentItems plus success, and inputText/inputImage are the supported output item variants. (../codex/codex-rs/app-server-protocol/schema/typescript/v2/DynamicToolCallResponse.ts:6, 0526cb56ac35)

Likely related people:

• steipete: Git history shows Peter Steinberger introduced and repeatedly hardened the Codex app-server control/lifecycle path that now emits these dynamic tool events. (role: introduced Codex app-server area; confidence: high; commits: 31a0b7bd42a5, 3b65e2302a55, 659bcc5e5b59; files: extensions/codex/src/app-server/run-attempt.ts)
• vincentkoc: Recent history on the same Codex app-server file includes auth/runtime refactors by Vincent Koc shortly before this change. (role: recent Codex app-server contributor; confidence: medium; commits: f1cc8f0cfc7c, 859eb0666282; files: extensions/codex/src/app-server/run-attempt.ts)
• Vignesh Natarajan: Recent TUI history includes multiple fixes around active-run routing, final output handling, and session-key aliases, which are adjacent to the verbose tool-event consumer path. (role: TUI event routing contributor; confidence: medium; commits: 61a0b0293104, 726ef48c2ac8, 9f2cb3b58212; files: src/tui/tui-event-handlers.ts)
• Jason (Json): Current-main blame on the dynamic tool progress emission and TUI tool-event lines points to a broad recent commit by Jason, so they are a useful routing candidate even though the commit covered many areas. (role: recent area contributor; confidence: medium; commits: 57e0bdaabe0a; files: extensions/codex/src/app-server/run-attempt.ts, src/tui/tui-event-handlers.ts, src/tui/components/tool-execution.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[bdjben]

Note: this largely fixes the verbose mode issue, but not fully. At times, a new user message sent in the TUI does not show its verbose mode content until the user toggles verbose modes once or twice.

[byungskers]

This normalization looks like the right fix for the TUI contract mismatch. One thing I'm unsure about: toTranscriptToolResultContentItem() currently falls back to { type: "text", text: "" } for any non-inputText / non-imageUrl item. That keeps the shape TUI-friendly, but it also silently drops any future Codex output variant. Would it be worth either preserving an explicit placeholder / metadata marker, or constraining this helper to the known output union so new upstream item types fail loudly in tests instead of degrading to an empty text block?

[bdjben]

Hmm. I'm not sure that any non-text codex output would be tui compliant anyway. The fail loudly vs quietly is worth noting, but I think getting verbose mode back up and running as is is critical; the rest can wait for another day. But something to think about!

[bdjben]

@clawsweeper re-run

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/26987288739
• Updated: 2026-06-05T00:18:40.937Z

[bdjben]

@clawsweeper re-review

Updated in f33d0f1.

What changed:

• toTranscriptToolResult now maps transcript content from the sanitizeCodexToolResponse output, not raw contentItems.
• Tool progress result payloads stay TUI-compatible as content[] while omitting protocol-only success/contentItems.
• Added regression coverage for redacted dynamic tool output text and the full app-server progress event contract.

Local verification:

• node scripts/run-vitest.mjs run extensions/codex/src/app-server/run-attempt.dynamic-tools.test.ts
• node scripts/run-vitest.mjs run extensions/codex/src/app-server/run-attempt.test.ts
• node scripts/run-vitest.mjs run src/tui/tui-event-handlers.test.ts
• node scripts/run-oxlint.mjs --tsconfig config/tsconfig/oxlint.extensions.json extensions/codex/src/app-server/run-attempt.ts extensions/codex/src/app-server/run-attempt.dynamic-tools.test.ts extensions/codex/src/app-server/run-attempt.test.ts
• pnpm tsgo:extensions:test

[clawsweeper]

🦞🧹
ClawSweeper re-review requested.

I asked ClawSweeper to review this item again.
Action: item re-review queued (workflow sweep.yml, event repository_dispatch).
Result: the existing ClawSweeper review comment will be edited in place when the review finishes.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/27099964120
• Updated: 2026-06-07T17:51:34.911Z

[shakkernerd]

Thanks @bdjben, merged this via squash.

This lands the Codex app-server normalization for dynamic tool progress results: emitted progress events now expose sanitized TUI-compatible result.content and omit protocol-only contentItems / success.

The remaining verbose-mode refresh/toggle behavior noted above looks separate from this event-shape fix and should be tracked separately if it still reproduces.