Skip to content

Feature Request: message:sent and message:received hook events for output validation #12914

New issue
New issue
Closed
Closed
Feature Request: message:sent and message:received hook events for output validation#12914
Labels
enhancementNew feature or request
@joegra2003

Description

@joegra2003
joegra2003
opened on Feb 9, 2026

Summary

Request for message:sent and message:received internal hook events, enabling deterministic output validation before message delivery.

Motivation

We built a Door Guard hook that injects verified date/time/day-of-week into the agent's bootstrap context (agent:bootstrap event). This solves the input side — giving the LLM correct facts so it doesn't hallucinate dates.

However, LLMs are non-deterministic and sometimes ignore their own instructions regardless of how clearly specified. We need an output side guard that can:

  1. Intercept responses before delivery to messaging channels
  2. Programmatically validate content (e.g., verify any day-of-week mention matches date +%A)
  3. Block and re-prompt the LLM if violations are detected (with corrected context)
  4. Fall back to a safe message after N retries

Current State

The hooks docs list message:sent and message:received as "Future Events" (planned but not implemented). The agent:bootstrap hook works great for input injection, but there's no way to validate/block output before it reaches the user.

Proposed Hook API

// message:pre-send — fires BEFORE delivery, can block/modify
api.registerHook('message:pre-send', async (event) => {
  const content = event.context.content;
  
  // Example: verify day-of-week mentions
  const dayPattern = /(monday|tuesday|wednesday|thursday|friday|saturday|sunday)/gi;
  const matches = content.match(dayPattern);
  if (matches) {
    const { stdout } = await exec('date +%A');
    const actualDay = stdout.trim().toLowerCase();
    for (const match of matches) {
      if (match.toLowerCase() !== actualDay) {
        event.block(); // Prevent delivery
        event.requeue('Your response mentioned "' + match + '" but today is ' + actualDay);
        return;
      }
    }
  }
});

// message:sent — fires AFTER delivery (for logging/audit)
api.registerHook('message:sent', async (event) => {
  await auditLog.append(event.context);
});

Use Cases

  • Date/time verification — catch wrong day-of-week before it reaches the user
  • PII leakage prevention — block responses containing another user's personal data in group chats
  • Content safety — programmatic output filtering that can't be bypassed by prompt injection
  • Audit logging — immutable record of all sent messages
  • Message routing validation — ensure responses go to the correct recipient

Context

We have a full proposal with architecture options at: https://github.com/openclaw/openclaw/discussions (can share if helpful). The key insight is that LLM-based guardrails fail because they're non-deterministic too — we need deterministic code running between the LLM and the send channel.

This is the missing piece for production-grade safety in OpenClaw deployments.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions