Greptile Summary

This PR fixes a security issue where raw agent error messages — containing internal filesystem paths, OS usernames, and sandbox configuration details — were being forwarded verbatim to external channels (e.g., Discord). The fix replaces all raw error interpolation in user-facing fallback replies with static, generic strings, while preserving full error details in operator logs via defaultRuntime.error().

Key changes:

• Added an isSandboxOrSecurity classifier (/sandbox security|outside allowed roots/i) to show a slightly more descriptive "configuration error" message for that class of failures.
• All other unclassified errors now produce a fully generic "Agent failed before reply." message — no raw error text is ever sent to channels.
• Removed the now-unnecessary safeMessage/trimmedMessage variables that were previously used to sanitize and interpolate error details.
• The existing test case for "sandbox is not defined." validates the generic fallback correctly, but the new isSandboxOrSecurity-specific message ("Agent failed to start due to a configuration error...") has no test coverage — a case with e.g. "sandbox security violation" or "outside allowed roots" in the error string should be added.

Confidence Score: 4/5

• Safe to merge — the security fix is correct and the fallback chain is strictly safer than before; the only gap is missing test coverage for the new isSandboxOrSecurity branch.
• The logic change is minimal and directionally correct: raw error text is never forwarded to channels in any code path. The isSandboxOrSecurity classifier is additive (missing matches fall to the safe generic message), so the regex scope doesn't introduce regression risk. Score is 4 rather than 5 only because the new classifier branch lacks a dedicated test case.
• The test file (src/auto-reply/reply.triggers.trigger-handling.targets-active-session-native-stop.e2e.test.ts) is missing a test case that exercises the isSandboxOrSecurity branch in agent-runner-execution.ts.

This is a comment left during a code review.
Path: src/auto-reply/reply.triggers.trigger-handling.targets-active-session-native-stop.e2e.test.ts
Line: 153-163

Comment:
**Missing test case for `isSandboxOrSecurity` branch**

The test updates the expected output for `"sandbox is not defined."`, which correctly hits the generic fallback because `"sandbox is not defined."` doesn't match the new `/sandbox security|outside allowed roots/i` regex. However, the new `isSandboxOrSecurity` classifier branch — which produces the distinct `"⚠️ Agent failed to start due to a configuration error. Check \`openclaw logs --follow\` for details."` message — has no test coverage at all.

Consider adding a test case that exercises the actual patterns the regex targets, e.g.:

```suggestion
      const errorCases = [
        {
          error: "sandbox is not defined.",
          expected: "⚠️ Agent failed before reply. Check `openclaw logs --follow` for details.",
        },
        {
          error: "sandbox security violation: outside allowed roots /home/user/secret",
          expected:
            "⚠️ Agent failed to start due to a configuration error. Check `openclaw logs --follow` for details.",
        },
        {
          error: "Context window exceeded",
          expected:
            "⚠️ Context overflow — prompt too large for this model. Try a shorter message or a larger-context model.",
        },
      ] as const;
```

Without this, a future refactor of the regex could silently break the specific "configuration error" UX without any test catching it.

How can I resolve this? If you propose a fix, please make it concise.

_{Last reviewed commit: "fix: redact raw erro..."}