Refine OpenClaw adapter: method mapping, command extraction, and approval gating #25

Merged: Neuro-Rift merged 1 commit into main from codex/integrate-neurorift-with-openclaw-gateway-h559hk on Feb 27, 2026
@Neuro-Rift (Owner) commented Feb 27, 2026

User description

Motivation

  • Improve resilience of the NeuroRift→OpenClaw bridge to varying tool call shapes so RPC method routing is consistent across payload variants.
  • Ensure high-risk approval logic evaluates real shell commands instead of scanning full JSON blobs to reduce false positives.
  • Restrict interactive approval gating to actual execution operations to avoid blocking benign read/write/process calls.

Description

  • Added a centralized TOOL_METHOD_MAP with aliases (e.g. terminal, file_read, file_write, workflow_state) and used it in _map_method so tool types map robustly to OpenClaw RPCs.
  • Implemented _extract_command_preview to pull actual command text from common keys (command, cmd, shell, input or nested payload) for accurate risk detection.
  • Scoped approval forwarding to exec RPCs only by running the ExecutionApprovalForwarder check only when the mapped method is exec.
  • All changes are contained in integrations/openclaw/openclaw_gateway_adapter.py and preserve existing behavior for non-exec operations.

Testing

  • Ran python3 -m py_compile integrations/openclaw/openclaw_gateway_adapter.py which completed successfully.

Codex Task


CodeAnt-AI Description

Map tool calls correctly, extract real commands, and gate approvals only for executions

What Changed

  • Tool call types are mapped to the correct RPC method consistently (e.g., terminal → exec, file_read → read, file_write → write, workflow_state → process)
  • For execution (exec) calls the adapter now extracts the actual command text from common keys (command, cmd, shell, input or payload) so risk checks use the real command instead of the whole JSON
  • Approval checks are run only for exec operations; non-exec calls (read/write/process) are no longer blocked by execution approval and exec denials produce an rpc.reject with an approval_required message

Impact

✅ Fewer false approval blocks for non-execution operations
✅ Clearer execution risk detection and approval decisions
✅ More accurate rejection messages when executions are denied

Summary by CodeRabbit

Release Notes

  • Bug Fixes

    • Fixed approval workflow to apply selectively to command execution operations instead of all requests
    • Enhanced command preview extraction with improved fallback handling and error safety
  • Refactor

    • Centralized tool call method mapping for consistent operation type handling
    • Optimized command preview derivation for improved reliability and accuracy

codeant-ai Bot commented Feb 27, 2026

CodeAnt AI is reviewing your PR.

@Neuro-Rift Neuro-Rift merged commit 564df95 into main Feb 27, 2026
2 of 5 checks passed
coderabbitai Bot commented Feb 27, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5d354a3 and 4d1aeea.

📒 Files selected for processing (1)
  • integrations/openclaw/openclaw_gateway_adapter.py

Walkthrough

This change refactors the OpenClaw gateway adapter to centralize tool-to-RPC method mapping, extract command previews intelligently, and conditionally apply approval logic only for execution operations, replacing unconditional approval with smart filtering.

Changes

| Cohort / File(s) | Summary |
|---|---|
| OpenClaw Gateway Adapter Refactoring: integrations/openclaw/openclaw_gateway_adapter.py | Added TOOL_METHOD_MAP constant for centralized tool type-to-RPC method translation. Introduced _extract_command_preview() static method to safely derive command previews with fallback logic. Modified _map_method to use the mapping constant. Updated _build_rpc_frame to conditionally perform approval only when rpc_method is "exec", returning rpc.reject frames on denial, and using extracted previews instead of raw JSON. |

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 A rabbit hops through logic trees so bright,
Mapping tools to methods, what a sight!
Previews extracted with care and grace,
Approvals now conditional—a safer place.
In one file's heart, smart refactoring takes flight! ✨

@codeant-ai codeant-ai Bot added the size:M This PR changes 30-99 lines, ignoring generated files label Feb 27, 2026
deepsource-io Bot commented Feb 27, 2026

DeepSource Code Review

We reviewed changes in 5d354a3...4d1aeea on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

Code Review Summary

| Analyzer | Status | Updated (UTC) | Details |
|---|---|---|---|
| Python | | Feb 27, 2026 12:14 p.m. | Review ↗ |

codeant-ai Bot commented Feb 27, 2026

Nitpicks 🔍

🔒 No security issues identified
⚡ Recommended areas for review

  • Sensitive information
    _extract_command_preview falls back to json.dumps(tool_call, ...) when no command field is found. That serialized payload is later sent to external channels (Discord/Telegram) by the approval forwarder and may contain secrets or sensitive data. This could leak API keys, tokens, or PII.

  • Approval robustness
    The adapter calls approval_forwarder.evaluate(...) without error handling or timeout handling at call site. If evaluate raises or takes too long, the adapter may fail or stall the websocket loop. Consider handling exceptions and timeouts explicitly.

  • Method mapping
    The new centralized TOOL_METHOD_MAP is good, but _map_method uses the raw type value as-is. This may miss matches for different casing or unexpected types (e.g., None, integers). Consider normalizing the value and expanding aliases or a safe default strategy.
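
One way to address the sensitive-information point above, as an added example that is not the adapter's code or any reviewer's: mask secret-looking keys and cap the length before the fallback serialization is forwarded to a chat channel. The key patterns, `MAX_PREVIEW`, the function names and the sample call are assumptions.

```python
import json
import re

# Hypothetical key-name patterns; tune to the fields your tool calls carry.
SECRET_KEY = re.compile(r"token|secret|passw(or)?d|api[_-]?key|authorization", re.I)
MAX_PREVIEW = 200  # assumed cap on what is forwarded to a chat channel


def scrub(obj):
    """Recursively mask values whose key name looks secret-bearing."""
    if isinstance(obj, dict):
        return {k: "[REDACTED]" if SECRET_KEY.search(str(k)) else scrub(v)
                for k, v in obj.items()}
    if isinstance(obj, list):
        return [scrub(v) for v in obj]
    return obj


def fallback_preview(tool_call):
    """Preview for calls with no command field: scrubbed, sorted, truncated."""
    text = json.dumps(scrub(tool_call), sort_keys=True, default=str)
    return text if len(text) <= MAX_PREVIEW else text[:MAX_PREVIEW] + "...[truncated]"


# Constructed sample: an exec call with no recognised command key.
SAMPLE = {"type": "terminal", "env": {"API_KEY": "sk-constructed-example"},
          "headers": [{"Authorization": "Bearer constructed"}], "note": "run job"}
```

Masking by key name does not catch a secret embedded in a free-text value, so the forwarded preview should still be treated as sensitive.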

codeant-ai Bot commented Feb 27, 2026

CodeAnt AI finished reviewing your PR.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4d1aeea0c1

Comment on lines +138 to +141
for key in ("command", "cmd", "shell", "input"):
    value = tool_call.get(key)
    if isinstance(value, str) and value.strip():
        return value
P1: Prefer payload command over input for risk approval

For exec calls that include both a descriptive input string and the real shell command under payload.command, _extract_command_preview returns input first, so high-risk checks can miss dangerous commands (e.g. rm -rf ...) and incorrectly auto-approve execution. This regression is specific to mixed-shape payloads and weakens the approval gate compared with scanning the full tool-call JSON.

Useful? React with 👍 / 👎.

Comment on lines +130 to +131
call_type = neurorift_tool_call.get("type", "")
return TOOL_METHOD_MAP.get(call_type, "process")
P2: Handle non-string tool types before method lookup

_map_method now does TOOL_METHOD_MAP.get(call_type, "process"), which raises TypeError when type is a dict/list (possible with variant or malformed websocket payloads). The previous equality-chain safely fell back to process; this change can now crash _build_rpc_frame and terminate the adapter loop on a single bad event.

Useful? React with 👍 / 👎.
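
A sketch of an approval gate that avoids both findings above (the P1 mixed-shape payload and the P2 unhashable type), as an added example that is not the adapter's code or Codex's. The map holds only the aliases named in the PR description; `HIGH_RISK`, the function names, the fail-closed rule and the samples are assumptions.

```python
import re

# Aliases named in the PR description; the adapter's full map is not on the page.
TOOL_METHOD_MAP = {"terminal": "exec", "file_read": "read",
                   "file_write": "write", "workflow_state": "process"}
COMMAND_KEYS = ("command", "cmd", "shell", "input")
# Hypothetical high-risk patterns standing in for the forwarder's real rules.
HIGH_RISK = re.compile(r"\brm\s+-\w*r|\bmkfs\b|\bdd\s+if=", re.I)


def map_method(tool_call):
    """Map a tool type to an RPC method without raising on malformed types."""
    call_type = tool_call.get("type")
    if not isinstance(call_type, str):  # a dict or list is unhashable as a key
        return "process"
    return TOOL_METHOD_MAP.get(call_type.strip().lower(), "process")


def command_candidates(tool_call):
    """Collect every command-like string: nested payload first, then top level."""
    payload = tool_call.get("payload")
    found = []
    for source in (payload if isinstance(payload, dict) else {}, tool_call):
        for key in COMMAND_KEYS:
            value = source.get(key)
            if isinstance(value, str) and value.strip():
                found.append(value.strip())
    return found


def gate(tool_call):
    """Return (rpc_method, preview, needs_approval) for one tool call."""
    method = map_method(tool_call)
    if method != "exec":
        return method, None, False
    candidates = command_candidates(tool_call)
    # Risk is judged over every candidate, so a benign "input" cannot mask
    # payload.command. An exec with no command text fails closed (assumption).
    risky = not candidates or any(HIGH_RISK.search(c) for c in candidates)
    return method, " | ".join(candidates) or "<no command text>", risky


# Constructed samples: a mixed-shape payload and a malformed type.
MIXED = {"type": "Terminal", "input": "clean up temp files",
         "payload": {"command": "rm -rf /tmp/build"}}
MALFORMED = {"type": {"name": "terminal"}, "command": "ls"}
```

Falling back to process for a malformed type mirrors the old equality chain the review mentions; such a call then skips the exec gate, so it is worth logging.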

Labels: codex, size:M (This PR changes 30-99 lines, ignoring generated files)
