research(auth+media): auth profiles and media understanding architecture

[alexey-pelykh]

Context

The auth profiles system (auth-profiles.json, provider-auth.ts, onboarding credential collection) and media understanding subsystem were inherited from OpenClaw's model-provider architecture. RemoteClaw is middleware — it spawns CLI agents, it doesn't make model API calls itself.

With runtimeEnv (#375) handling CLI credential injection via config, and CLIs handling multimodal input natively, both systems are redundant.

Prerequisite spike

Before gutting media understanding, verify that CLI agents can receive media (images, audio, video) via their NDJSON/streaming-JSON interfaces:

• Claude CLI: Can images be passed via --print streaming JSON? Base64? File paths?
• Gemini CLI: Multimodal input via --prompt or stdin?
• Codex CLI: --image flag works with JSON output mode? Multiple images?
• Audio/video: Do any CLIs accept audio or video input? What happens when a user sends a voice message on WhatsApp?

The spike determines whether media passthrough is straightforward or needs a thin adapter layer (e.g., saving media to temp files and passing paths).

What to remove

Media understanding subsystem

• src/media-understanding/ — entire directory (runner, entries, providers, attachments, types, resolve, defaults, errors, output-extract)
• Media understanding config in schema (tools.mediaUnderstanding)
• Related test files

Auth profile infrastructure

• src/agents/auth-profiles/ — entire directory (store, types, constants, profiles, oauth, paths, display, doctor, session-override)
• src/agents/auth-profiles.ts — barrel re-export
• src/agents/auth-health.ts — auth health summary
• src/agents/provider-auth.ts — provider auth resolution (resolveApiKeyForProvider, resolveEnvApiKey, resolveModelAuthMode, resolveModelAuthLabel, etc.)
• src/agents/api-key-rotation.ts — API key rotation (only used by media understanding)

Onboarding credential collection

• src/commands/onboard-auth.credentials.ts — writeOAuthCredentials, setAnthropicApiKey, setGeminiApiKey, etc.
• src/wizard/onboarding.ts — promptRuntimeCredential() flow (API key / auth token prompts)
• src/commands/onboard-auth.config-*.ts — provider-specific config helpers
• src/commands/configure.gateway-auth.ts — gateway auth profile upserts

Auth profile consumers

• src/commands/doctor-auth.ts — deprecated profile detection + health display
• src/commands/agent.ts — ensureAuthProfileStore(), clearSessionAuthProfileOverride()
• src/auto-reply/reply/directive-handling.auth.ts — /auth directive handler
• src/auto-reply/reply/commands-status.ts — resolveModelAuthLabel() display
• src/auto-reply/status.ts — resolveModelAuthMode() status display
• src/auto-reply/reply/agent-runner.ts — auth mode checks
• src/auto-reply/reply/get-reply-run.ts — session auth profile override
• src/cron/isolated-agent/run.ts — session auth profile override
• src/infra/provider-usage.auth.ts — provider usage auth resolution
• src/commands/agents.commands.add.ts — upsertAuthProfile() during agent add
• src/commands/channels/list.ts — loadAuthProfileStore()
• src/plugins/types.ts — AuthProfileCredential type import

Config/schema fields

• auth.profiles in config schema
• Session entry fields: authProfileOverride, providerOverride, modelOverride

What replaces it

• CLI credential injection: runtimeEnv config (feat(runtime): add runtimeEnv config for CLI process environment variables #375)
• Media processing: CLIs handle multimodal input natively (pending spike confirmation)
• Onboarding: Simplified to: pick runtime → set runtimeEnv → done
• Status display: Show whether runtimeEnv has expected env var for configured runtime

Related

• feat(runtime): add runtimeEnv config for CLI process environment variables #375 — runtimeEnv config field (prerequisite)
• fix(middleware): CLIRuntimeBase silently discards stderr when CLI exits with error #374 — stderr swallowing (independent)
• 4452b2de02 — model management gut (precedent)

[alexey-pelykh]

Spike Results: CLI Media Capabilities

Research completed across all 4 supported CLI runtimes. Summary:

Per-Runtime Findings

Runtime	Media Input Method	Status	Notes
Claude	--input-format stream-json with base64 tool_result image blocks on stdin	⚠️ Works but requires refactor	Current --print flag doesn't support media. Would need to switch to streaming-JSON stdin mode and construct image content blocks with type: "image", source: { type: "base64", media_type, data }. Only images supported — no audio/video.
Gemini	@path inline syntax in prompt text	✅ Best support	Natively handles images, audio, video, and PDF via file path references inline in the prompt (e.g., Describe @image.png). Best headless multimodal support of all runtimes.
Codex	--image <path> flag	❌ Broken in JSON mode	Flag exists but upstream bug (codex#5773) — --image is silently ignored when --json output mode is active. Images only work in interactive TTY mode.
OpenCode	--file <path> flag	❌ Broken upstream	Flag exists but hardcodes text/plain MIME type for all files (source), so binary media is sent as text. Images/audio/video won't work.

Current Media Understanding Pipeline (OpenClaw Heritage)

The existing pipeline converts all media to text descriptions before the CLI ever sees them:

Channel plugin (WhatsApp/Telegram/etc.)
  → MsgContext { MediaPath, MediaUrl, MediaType }
  → applyMediaUnderstanding()  [in auto-reply path, NOT ChannelBridge]
    → calls vision/audio APIs directly (Anthropic, Google, Deepgram)
    → generates text description
    → prepends to ctx.Body
  → CLI agent receives text-only prompt

Key finding: media understanding runs in the auto-reply path, not in ChannelBridge.handle(). The bridge path (used by agent command) never processes media — it only receives message.text.

Architectural Implications

1. Gemini is the only runtime with reliable headless media passthrough. Claude requires a significant stdin refactor. Codex and OpenCode are broken upstream.

2. For non-Gemini runtimes, media→text conversion is still needed. Options:

   • Keep a thin media-to-text layer (but without the full OpenClaw provider infrastructure — use the configured CLI's own API or a dedicated service)
   • Delegate to channel plugins (plugin-level parseMessage hook that converts media before it reaches the bridge)
   • Save media to temp files and let each runtime handle it natively (only works for Gemini currently)

3. The current auth profiles system IS the media understanding dependency. resolveApiKeyForProvider() in provider-auth.ts is used by the media understanding runner to make direct API calls. Once media understanding is gutted, auth profiles lose their last real consumer.

Recommendation

• Phase 1 (feat(runtime): add runtimeEnv config for CLI process environment variables #375): Add runtimeEnv — unblocks credential injection without auth profiles
• Phase 2: Gut auth profiles (they have no consumers once media understanding is removed)
• Phase 3: Gut media understanding, replacing it with:
  • For Gemini runtime: save media to temp file, pass @path in prompt
  • For other runtimes: thin media→text conversion using the runtime's own API key (from runtimeEnv) — much simpler than the current multi-provider infrastructure
  • Long-term: revisit as Codex/OpenCode fix upstream media bugs

Spike Checklist Update

• Claude CLI: Can images be passed via streaming JSON? Yes, via --input-format stream-json base64 blocks — but requires refactoring away from --print
• Gemini CLI: Multimodal input? Yes, via @path inline syntax — best support
• Codex CLI: --image works with JSON mode? No — upstream bug, silently ignored in --json mode
• Audio/video: Only Gemini supports audio/video/PDF natively. Claude is image-only. Codex/OpenCode broken.

[alexey-pelykh]

Revised architectural findings — auth system repurpose, not gut

After deeper analysis, the scope of this issue should change from "gut auth profiles + media understanding" to a more surgical restructuring.

Key insights

1. Auth system is mis-wired, not useless. The profile store could serve as the unified credential backend for:

   • CLI runtime env var injection (now via runtimeEnv from feat(runtime): add runtimeEnv config for CLI process environment variables #375, but could be auto-populated from auth profiles — repairing the broken auth→env bridge)
   • TTS API keys (currently resolved independently in src/tts/tts.ts:resolveTtsApiKey via config + env vars — bypasses auth profiles entirely)
   • STT API keys (currently buried inside media understanding's resolveApiKeyForProvider())
   • Key rotation across all consumers

2. Media understanding should be decomposed, not gutted wholesale:

   • STT (speech→text) = middleware concern, same layer as TTS. Voice messages on WhatsApp/Telegram need transcription before any runtime sees them. Runtime-agnostic — every CLI needs text input. Should be extracted into a standalone stt/ module parallel to tts/.
   • Image/video understanding = runtime-dependent. Gemini handles natively (@path). Claude can with refactoring (stdin stream-json). Codex/OpenCode broken upstream. Should be delegated to the AgentRuntime where possible, with a fallback text-description path for runtimes that can't handle binary media.

3. TTS has its own credential resolution (resolveTtsApiKey reads from messages.tts.{provider}.apiKey config + env vars) that completely bypasses the auth profile system. This is a fragmentation issue — credentials for the same providers (OpenAI, ElevenLabs) live in different config locations with different resolution logic. This may have been fixed upstream in OpenClaw — needs investigation.

Revised architecture target

Auth Profile Store (unified credential backend)
  ├── runtimeEnv injection → CLI child process env vars
  ├── TTS keys (ElevenLabs, OpenAI)
  ├── STT keys (Deepgram, Whisper, etc.)
  └── key rotation across all consumers

Middleware layer (runtime-agnostic)
  ├── STT: voice message → text (extracted from media-understanding/)
  ├── TTS: text → voice reply (already exists in tts/)
  └── future pre-processing

AgentRuntime layer (runtime-dependent)
  ├── Image/video passthrough (Gemini: native, Claude: needs stdin refactor)
  └── Fallback: image→text description for runtimes that can't handle binary

Revised scope for this issue

Instead of "gut auth profiles + media understanding":

• Extract STT from src/media-understanding/ into standalone src/stt/ middleware module (parallel to src/tts/)
• Move image/video understanding responsibility to AgentRuntime interface (add capability check + passthrough or fallback)
• Remove dead parts: multi-provider vision runner infrastructure that duplicates what CLIs do natively
• Investigate TTS credential fragmentation — why does TTS bypass auth profiles? Check if upstream OpenClaw fixed this
• Unify credential resolution: auth profiles as single source of truth for all API keys
• Repair auth→env bridge (auth profile entries → runtimeEnv auto-population)
• Keep auth profile store as credential backend (do NOT gut)

Related

• feat(runtime): add runtimeEnv config for CLI process environment variables #375 — runtimeEnv config field (implemented)
• fix(auto-reply): buildChannelMessage never populates mediaUrls field #384 — buildChannelMessage never populates mediaUrls

[alexey-pelykh]

TTS credential fragmentation — upstream design gap, not regression

Verified against upstream OpenClaw (openclaw/main:src/tts/tts.ts): TTS has always bypassed auth profiles. The upstream resolveTtsApiKey is identical to ours — reads from config.elevenlabs.apiKey || process.env.ELEVENLABS_API_KEY with zero auth profile integration. This was never fixed upstream.

The fragmentation

The same provider keys (OpenAI, ElevenLabs) can live in two different config locations with two different resolution paths:

Consumer	Credential source	Resolution function
Media understanding	Auth profiles (auth-profiles.json)	resolveApiKeyForProvider() in provider-auth.ts
TTS	Config (messages.tts.{provider}.apiKey) + env vars	resolveTtsApiKey() in tts/tts.ts
CLI runtimes	runtimeEnv config (#375)	resolveCliRuntimeEnv() in runtime-factory.ts

Three separate credential silos for overlapping providers, with no unified onboarding, no rotation, and no single source of truth.

Implication for this issue

When unifying credentials under the auth profile store (as proposed in the revised scope), TTS should be migrated to use the same credential backend — with config/env as fallbacks for backwards compat.

[alexey-pelykh]

Extracted work items — multimodal AgentRuntime support

Decomposed the multimodal media support into three layered issues:

1. feat(middleware): add multimodal media attachments to AgentRuntime contract #385 — AgentRuntime multimodal contract: Add MediaAttachment type, media field to AgentExecuteParams (inbound) and AgentRunResult (outbound), AgentMediaEvent to the event stream, and mediaCapabilities declaration to the AgentRuntime interface.

2. feat(runtimes): implement multimodal I/O for each CLI runtime #386 — Per-runtime multimodal implementation: Each CLI runtime implements media I/O according to its actual capabilities:

   • Claude: --input-format stream-json stdin refactor (images only)
   • Gemini: @path inline syntax (images/audio/video/PDF)
   • Codex: blocked by upstream bug (no media)
   • OpenCode: blocked by upstream bug (no media)

3. feat(middleware): propagate multimodal media through ChannelBridge and auto-reply #387 — Middleware multimodal propagation: Wire media end-to-end through ChannelBridge and auto-reply:

   • Inbound: channel media → ChannelMessage.mediaUrls → ChannelBridge → runtime capability check → passthrough or fallback
   • Outbound: AgentMediaEvent / AgentRunResult.media → ReplyPayload.mediaUrl → channel delivery
   • STT extraction into standalone src/stt/ module (middleware concern, parallel to TTS)

Dependency chain

#385 (contract) → #386 (runtimes) → #387 (propagation)
                                   ↗
#384 (mediaUrls wiring fix) ──────╯