UI: send docs markdown links to public docs

[dahifi]

Summary

• Normalize Control UI markdown docs-root links to https://docs.openclaw.ai/....
• Preserve real Mission Control app routes and API/media links such as /usage, /chat, and /api/....
• Add regression coverage for inline markdown docs links and markdown sidebar docs links.

Test Plan

• node scripts/run-vitest.mjs ui/src/ui/markdown.test.ts -t "docs-root|nested docs links|markdown sidebars|keeps app-relative links navigable"
• node scripts/run-vitest.mjs ui/src/ui/markdown.test.ts ui/src/ui/views/cron.test.ts ui/src/ui/views/agents.test.ts ui/src/ui/views/chat.test.ts
• pnpm check

Fixes #89465

— Seraphel

[clawsweeper]

Codex review: needs real behavior proof before merge. Reviewed June 2, 2026, 10:33 AM ET / 14:33 UTC.

Summary
This PR adds Control UI markdown normalization that rewrites docs-root relative links to https://docs.openclaw.ai/... while preserving app/API routes, plus regression tests for inline markdown and markdown sidebars.

PR surface: Source +79, Tests +39. Total +118 across 2 files.

Reproducibility: yes. The current-main markdown sanitizer leaves root-relative hrefs unchanged, and the linked issue shows those docs paths resolving against the Mission Control origin instead of the public docs host; I did not run a live browser repro in this read-only review.

Review metrics: none identified.

Merge readiness
Overall: 🧂 unranked krab
Proof: 🧂 unranked krab
Patch quality: 🐚 platinum hermit
Result: blocked until real behavior proof is added.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• [P1] Add redacted Mission Control proof showing a docs markdown link opens https://docs.openclaw.ai/... and app/API links such as /usage, /chat, and /api/... stay on the app/API path.

Proof guidance:

• [P1] Needs real behavior proof before merge: Missing: the PR body lists tests but no after-fix real Mission Control proof; add redacted browser/terminal evidence and update the PR body to trigger a fresh ClawSweeper review, or ask a maintainer to comment @clawsweeper re-review.

Mantis proof suggestion
A short browser proof would materially show the visible Mission Control link target behavior that tests alone do not demonstrate. A maintainer can ask Mantis to capture proof by posting a new PR comment that starts with the OpenClaw Mantis account mention, followed by:

visual task: verify Mission Control markdown docs links like /concepts/agent-workspace open docs.openclaw.ai while /usage, /chat, and /api/... remain app/API routes.

Risk before merge

• [P1] The PR has no after-fix real browser proof yet; before merge, reviewers still need a redacted Mission Control run showing a docs-root link opens docs.openclaw.ai while /usage, /chat, and /api/... remain app/API links.

Maintainer options:

1. Decide the mitigation before merge
   Land the shared markdown-renderer normalization after CI and real Mission Control proof confirm public docs links and preserved app/API routes.
2. Pause or close
   Do not merge this PR until maintainers decide whether the risk is worth taking.

Next step before merge

• [P1] Needs contributor real behavior proof and normal maintainer review rather than an automated repair; I found no discrete code finding for ClawSweeper to fix.

Security
Cleared: No concrete security or supply-chain concern found; the diff only changes sanitized markdown href normalization and tests, with no dependency, workflow, secret, or permission changes.

Review details

Best possible solution:

Land the shared markdown-renderer normalization after CI and real Mission Control proof confirm public docs links and preserved app/API routes.

Do we have a high-confidence way to reproduce the issue?

Yes. The current-main markdown sanitizer leaves root-relative hrefs unchanged, and the linked issue shows those docs paths resolving against the Mission Control origin instead of the public docs host; I did not run a live browser repro in this read-only review.

Is this the best way to solve the issue?

Yes. The shared sanitizer hook is the right fix boundary because chat, cron, side-result, skills, and markdown sidebar surfaces all render through toSanitizedMarkdownHtml; the PR still needs real browser proof before merge.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against c8d21fe7f05b.

Label changes

Label changes:

• add P2: This is a normal-priority user-facing UI navigation bug fix with limited blast radius and a clear linked issue.
• add rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🐚 platinum hermit.
• add status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: Missing: the PR body lists tests but no after-fix real Mission Control proof; add redacted browser/terminal evidence and update the PR body to trigger a fresh ClawSweeper review, or ask a maintainer to comment @clawsweeper re-review.

Label justifications:

• P2: This is a normal-priority user-facing UI navigation bug fix with limited blast radius and a clear linked issue.
• rating: 🧂 unranked krab: Overall readiness is 🧂 unranked krab; proof is 🧂 unranked krab and patch quality is 🐚 platinum hermit.
• status: 📣 needs proof: The PR needs real behavior proof before ClawSweeper can clear the contributor ask. Needs real behavior proof before merge: Missing: the PR body lists tests but no after-fix real Mission Control proof; add redacted browser/terminal evidence and update the PR body to trigger a fresh ClawSweeper review, or ask a maintainer to comment @clawsweeper re-review.

Evidence reviewed

PR surface:

Source +79, Tests +39. Total +118 across 2 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	1	79	0	+79
Tests	1	39	0	+39
Docs	0	0	0	0
Config	0	0	0	0
Generated	0	0	0	0
Other	0	0	0	0
Total	2	118	0	+118

What I checked:

• Repository policy read: Root AGENTS.md, ui/AGENTS.md, and the relevant docs guide were read; the root review/proof policy and docs public-host guidance affected this review. (AGENTS.md:1, c8d21fe7f05b)
• Current main still has the bug path: Current main validates anchor hrefs against window.location.href, then keeps the original root-relative href while adding rel/target attributes; there is no docs-host normalization on main. (ui/src/ui/markdown.ts:168, c8d21fe7f05b)
• PR implementation evidence: The PR head adds normalizeDocsRootHref, allowlists docs root segments, preserves known Control UI app paths and /api/, and applies the normalized public-docs href inside the sanitizer hook. (ui/src/ui/markdown.ts:204, bfe1eecda11c)
• PR regression coverage: The PR adds tests for /concepts/agent-workspace public-docs rewriting, nested /channels/discord docs rewriting, /usage, /chat, and /api/... preservation, and markdown-sidebar rendering. (ui/src/ui/markdown.test.ts:585, bfe1eecda11c)
• Shared renderer callers: Chat messages, cron job markdown, side-result text, skill content, and markdown sidebars all use toSanitizedMarkdownHtml, so fixing the sanitizer hook is the right shared boundary for the reported surfaces. (ui/src/ui/views/markdown-sidebar.ts:30, c8d21fe7f05b)
• Docs contract evidence: The docs guide says docs are hosted at https://docs.openclaw.ai and internal docs links stay root-relative for Mintlify, which supports normalizing those links when rendered inside Mission Control. Public docs: docs/AGENTS.md. (docs/AGENTS.md:5, c8d21fe7f05b)

Likely related people:

• vincentkoc: Recent current-main history for ui/src/ui/markdown.ts includes two markdown streaming/performance commits immediately before this PR's surface. (role: recent markdown renderer contributor; confidence: medium; commits: 0c3644cb2477, 732748c8c5cb; files: ui/src/ui/markdown.ts)
• BunsDev: Path history shows the markdown-it replacement and security-related URL scheme allowlisting work on the shared markdown renderer. (role: markdown renderer migration contributor; confidence: medium; commits: 9315302516fb, cb58e45130a8; files: ui/src/ui/markdown.ts, ui/src/ui/markdown.test.ts)
• steipete: Recent history includes UI lint/format maintenance and markdown sidebar history, and the current main commit is authored by Peter Steinberger. (role: recent UI and docs area contributor; confidence: medium; commits: 304e2c83c01f, d328a0d7a0da, c8d21fe7f05b; files: ui/src/ui/markdown.ts, ui/src/ui/views/markdown-sidebar.ts)
• BryanTegomoh: Recent path history added the host-local markdown link safety behavior adjacent to this PR's sanitizer hook changes. (role: adjacent markdown sanitizer contributor; confidence: medium; commits: fc2d2d595ccc; files: ui/src/ui/markdown.ts, ui/src/ui/markdown.test.ts)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.