nav/Dirigent
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: bypass DM sessions without metadata and make tool globally visible #4

Merged
hzhang merged 5 commits from fix/dm-bypass-and-tool-visibility into feat/whispergate-mvp 2026-02-27 15:30:12 +00:00
Conversation 0 Commits 5 Files Changed 3 +44 -9
zhi commented 2026-02-27 14:14:54 +00:00
Collaborator
Copy Link

Changes

1. DM session bypass (fixes no-reply on DM)

When neither senderId nor channelId can be extracted from the prompt, this is a DM session where OpenClaw does not inject untrusted conversation metadata. Previously these sessions hit rule_match_no_end_symbol and were silenced.

Fix: add early return in evaluateDecision — if both are missing, bypass the gate with dm_no_metadata_bypass reason and inject end-marker normally.

2. Tool visibility (fixes agents not seeing whispergateway_tools)

registerTool was called with { optional: true }, requiring each agent to have tools.allow: ["whispergate"]. Only main had this. Changed to { optional: false } so the tool is visible to all agents by default.

Affected agents: administrative-secretary, agent-resource-director, developer, operator, manager, mentor, recruiter, dispatcher.

## Changes ### 1. DM session bypass (fixes no-reply on DM) When neither `senderId` nor `channelId` can be extracted from the prompt, this is a DM session where OpenClaw does not inject untrusted conversation metadata. Previously these sessions hit `rule_match_no_end_symbol` and were silenced. Fix: add early return in `evaluateDecision` — if both are missing, bypass the gate with `dm_no_metadata_bypass` reason and inject end-marker normally. ### 2. Tool visibility (fixes agents not seeing whispergateway_tools) `registerTool` was called with `{ optional: true }`, requiring each agent to have `tools.allow: ["whispergate"]`. Only `main` had this. Changed to `{ optional: false }` so the tool is visible to all agents by default. Affected agents: administrative-secretary, agent-resource-director, developer, operator, manager, mentor, recruiter, dispatcher.
zhi added 1 commit 2026-02-27 14:14:54 +00:00
fix: bypass DM sessions without metadata and make tool globally visible f23d9049a7 
1. DM bypass: when neither senderId nor channelId can be extracted from
   the prompt (DM sessions lack untrusted conversation info), skip the
   no-reply gate and allow the message through with end-marker injection.

2. Tool visibility: change whispergateway_tools registration from
   optional=true to optional=false so all agents can see the tool
   without needing explicit tools.allow entries.
zhi added 1 commit 2026-02-27 14:25:14 +00:00
fix(installer): resolve plugin path relative to repo instead of hardcoded operator path f74b3978e7 
PLUGIN_PATH defaulted to /root/.openclaw/workspace-operator/... regardless
of which workspace the installer was run from. Now resolves relative to
the script location (../dist/whispergate).
zhi added 1 commit 2026-02-27 14:38:02 +00:00
fix(rules): strip trailing metadata blocks before checking end symbol 75d659787c 
getLastChar was checking the last character of the full event.prompt,
which includes Conversation/Sender metadata blocks appended by OpenClaw
after the actual message. This meant end symbols like 🔚 at the end of
the message body were invisible — the last char was always backtick or
whitespace from the metadata JSON block.

Fix: strip trailing '(untrusted metadata)' blocks before extracting
the last character. This only affects non-humanList senders (humanList
senders bypass end symbol check via human_list_sender reason).
zhi added 1 commit 2026-02-27 15:16:08 +00:00
fix: use configured endSymbols in injected prompt and exempt gateway keywords 3749de981f 
- buildEndMarkerInstruction() replaces hardcoded END_MARKER_INSTRUCTION,
  dynamically using the resolved policy's endSymbols
- Instruction now explicitly exempts gateway keywords (NO_REPLY, HEARTBEAT_OK)
  from requiring end symbols
- Export resolvePolicy from rules.ts for reuse in before_prompt_build hook
zhi added 1 commit 2026-02-27 15:20:07 +00:00
fix(rules): handle multi-byte emoji in getLastChar via Array.from 75f358001b 
getLastChar used t[t.length-1] which only gets the trailing surrogate
of emoji like 🔚 (U+1F51A, a surrogate pair in UTF-16). This meant
end symbol matching ALWAYS failed for emoji symbols, causing every
non-humanList message to hit rule_match_no_end_symbol -> no-reply.

Fix: use Array.from(t) to correctly split by Unicode code points.
hzhang merged commit 9047d3ad8f into feat/whispergate-mvp 2026-02-27 15:30:12 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
orion zhi nav
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: nav/Dirigent#4
Delete Branch "fix/dm-bypass-and-tool-visibility"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?