Fix ACP session model reporting in sessions list

[cyan-ember]

Summary

• read the ACP runtime model from session entry ACP metadata when resolving session model identity
• avoid falling back to the configured default model for ACP session rows when no explicit ACP model is known
• add regression coverage for ACP session model reporting in sessions list

Closes #54640

Testing

• pnpm exec vitest run --config vitest.gateway.config.ts src/gateway/session-utils.test.ts -t ACP
• full src/gateway/session-utils.test.ts currently has one unrelated existing failure in uses persisted active subagent runs when the local worker only has terminal snapshots

[greptile-apps]

Greptile Summary

This PR fixes ACP session model reporting in the sessions list by reading the runtime model from acp.runtimeOptions.model in session metadata and intentionally avoiding the fallback to the configured default model for ACP sessions when no explicit model is known.

Key changes:

• Three new private helpers (resolveSessionModelIdentityLiteral, resolveSessionModelIdentityLiteralWithProvider, resolveExplicitSessionModelIdentityRef) factor out model-resolution logic cleanly, keeping each piece small and testable.
• buildGatewaySessionRow now dispatches on isAcpSessionKey(key): ACP sessions use resolveExplicitSessionModelIdentityRef (returns undefined when no model is recorded), while regular sessions continue using resolveSessionModelIdentityRef (always returns a model, falling back to DEFAULT_MODEL).
• resolveSessionModelIdentityRef itself also gains the ACP runtimeOptions.model check, making it useful as a general-purpose resolver when called directly.
• Two new test suites provide regression coverage: one confirming ACP runtime model takes priority over configured defaults, another confirming that ACP sessions without a known model leave modelProvider/model as undefined rather than inheriting the default.
• One minor style nit: isAcpSessionKey(key) is evaluated twice in buildGatewaySessionRow and could be cached in a local variable.

Confidence Score: 5/5

• Safe to merge — the fix is narrowly scoped to ACP session key detection, backed by targeted regression tests, and the refactor leaves all existing behaviour unchanged.
• The change is small and well-contained: a new dispatch path for ACP keys plus three private helpers. Existing tests continue to pass, two new tests directly cover the bug and the regression. The only finding is a trivial style nit (duplicate isAcpSessionKey call) that has no correctness impact.
• No files require special attention.

Prompt To Fix All With AI

This is a comment left during a code review.
Path: src/gateway/session-utils.ts
Line: 1180-1184

Comment:
**Duplicate `isAcpSessionKey` call**

`isAcpSessionKey(key)` is called twice with the same argument on lines 1180 and 1184. Since the result is pure (string ops only — `trim`, `toLowerCase`, `startsWith`), it's cheap, but caching it in a local variable would make the intent clearer and avoid any future drift if the key value were somehow mutable.

```suggestion
  const isAcp = isAcpSessionKey(key);
  const resolvedModel = isAcp
    ? resolveExplicitSessionModelIdentityRef(cfg, entry, subagentRun?.model)
    : resolveSessionModelIdentityRef(cfg, entry, sessionAgentId, subagentRun?.model);
  const modelProvider = resolvedModel?.provider;
  const model = resolvedModel?.model ?? (isAcp ? undefined : DEFAULT_MODEL);
```

How can I resolve this? If you propose a fix, please make it concise.

_{Reviews (1): Last reviewed commit: "Fix ACP session model reporting in sessi..." | Re-trigger Greptile}

[greptile-apps]

Duplicate isAcpSessionKey call

isAcpSessionKey(key) is called twice with the same argument on lines 1180 and 1184. Since the result is pure (string ops only — trim, toLowerCase, startsWith), it's cheap, but caching it in a local variable would make the intent clearer and avoid any future drift if the key value were somehow mutable.

Suggested change

	const resolvedModel = isAcpSessionKey(key)
	? resolveExplicitSessionModelIdentityRef(cfg, entry, subagentRun?.model)
	: resolveSessionModelIdentityRef(cfg, entry, sessionAgentId, subagentRun?.model);
	const modelProvider = resolvedModel?.provider;
	const model = resolvedModel?.model ?? (isAcpSessionKey(key) ? undefined : DEFAULT_MODEL);
	const isAcp = isAcpSessionKey(key);
	const resolvedModel = isAcp
	? resolveExplicitSessionModelIdentityRef(cfg, entry, subagentRun?.model)
	: resolveSessionModelIdentityRef(cfg, entry, sessionAgentId, subagentRun?.model);
	const modelProvider = resolvedModel?.provider;
	const model = resolvedModel?.model ?? (isAcp ? undefined : DEFAULT_MODEL);

Prompt To Fix With AI

This is a comment left during a code review.
Path: src/gateway/session-utils.ts
Line: 1180-1184

Comment:
**Duplicate `isAcpSessionKey` call**

`isAcpSessionKey(key)` is called twice with the same argument on lines 1180 and 1184. Since the result is pure (string ops only — `trim`, `toLowerCase`, `startsWith`), it's cheap, but caching it in a local variable would make the intent clearer and avoid any future drift if the key value were somehow mutable.

```suggestion
  const isAcp = isAcpSessionKey(key);
  const resolvedModel = isAcp
    ? resolveExplicitSessionModelIdentityRef(cfg, entry, subagentRun?.model)
    : resolveSessionModelIdentityRef(cfg, entry, sessionAgentId, subagentRun?.model);
  const modelProvider = resolvedModel?.provider;
  const model = resolvedModel?.model ?? (isAcp ? undefined : DEFAULT_MODEL);
```

How can I resolve this? If you propose a fix, please make it concise.

_{Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 70f78c9afb

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Preserve explicit modelProvider when runtime model is prefixed

When modelProvider is already stored (for example openrouter) and model contains a vendor prefix (anthropic/...), re-parsing model here overwrites the explicit provider with the prefix provider. Since buildGatewaySessionRow now goes through this helper, wrapper-backed sessions can be reported as direct-provider sessions, which corrupts modelProvider in the sessions list and can skew provider-specific cost/context resolution. Treat the explicit provider as authoritative instead of re-parsing prefixed model strings in this branch.

Useful? React with 👍 / 👎.

[openclaw-barnacle]

This pull request has been automatically marked as stale due to inactivity.
Please add updates or it will be closed.

[clawsweeper]

Codex review: needs real behavior proof before merge.

Summary
The PR changes gateway session-row model resolution so ACP sessions read entry.acp.runtimeOptions.model, avoid default-model fallback when no ACP model is known, and adds session-utils regression tests.

Reproducibility: yes. Source inspection gives a high-confidence current-main path: a gateway sessions.list ACP row with only entry.acp.runtimeOptions.model, or no ACP runtime model, still flows through the generic resolver and default-model fallback.

Real behavior proof
Needs real behavior proof before merge: The PR body provides test commands only, so it still needs redacted terminal output, logs, screenshot/video, or a linked artifact showing after-fix sessions.list behavior before merge. After adding proof, update the PR body; ClawSweeper should re-review automatically. If it does not, ask a maintainer to comment @clawsweeper re-review.

Next step before merge
Contributor or maintainer action remains: rework the branch for current ACP session semantics, fix the provider-preservation regression, and add real after-fix behavior proof.

Security
Cleared: The diff is limited to gateway session serialization and colocated tests, with no concrete security or supply-chain concern found.

Review findings

• [P1] Preserve explicit providers for prefixed models — src/gateway/session-utils.ts:1058-1060

Review details

Best possible solution:

Rework gateway sessions.list rows to avoid default-model fallback for ACP control-plane rows, preserve explicit providers, and align with the current entry.acp-gated ACP identity semantics covered by bridge-session controls.

Do we have a high-confidence way to reproduce the issue?

Yes. Source inspection gives a high-confidence current-main path: a gateway sessions.list ACP row with only entry.acp.runtimeOptions.model, or no ACP runtime model, still flows through the generic resolver and default-model fallback.

Is this the best way to solve the issue?

No. The PR targets the right bug, but it re-parses prefixed model strings even when an explicit provider is stored and needs rework against the current ACP sentinel/runtime metadata behavior.

Full review comments:

• [P1] Preserve explicit providers for prefixed models — src/gateway/session-utils.ts:1058-1060
  When modelProvider is already stored, this branch should treat it as authoritative. Calling parseModelRef() on a prefixed model such as anthropic/claude-haiku-4.5 rewrites an explicit wrapper provider like openrouter to anthropic, so session rows can report the wrong provider and downstream catalog logic can use the wrong model family.
  Confidence: 0.9

Overall correctness: patch is incorrect
Overall confidence: 0.9

Acceptance criteria:

• node scripts/run-vitest.mjs src/gateway/session-utils.test.ts -t "ACP|resolveSessionModelIdentityRef|selected model display"
• node scripts/run-vitest.mjs src/gateway/session-utils.test.ts
• node scripts/crabbox-wrapper.mjs run ... --shell -- "pnpm check:changed"

What I checked:

• pr-scope-and-proof: The PR body says it changes ACP model resolution for gateway session rows and lists only Vitest commands as testing, with no terminal/log/screenshot/live output showing after-fix sessions.list behavior. (70f78c9afb07)
• gateway-sessions-list-path: Current main routes gateway sessions.list through listSessionsFromStoreAsync, which builds rows via buildGatewaySessionRow. (src/gateway/server-methods/sessions.ts:838, b180b8ae4833)
• current-main-generic-model-resolution: resolveSessionModelIdentityRef only reads top-level generic model fields and fallback refs; its type and body do not include entry.acp.runtimeOptions.model. (src/gateway/session-utils.ts:1486, b180b8ae4833)
• current-main-default-fallback: buildGatewaySessionRow still calls the generic resolver for every row and materializes resolvedModel.model ?? DEFAULT_MODEL, so an ACP row without generic model fields can still inherit a configured default model. (src/gateway/session-utils.ts:1710, b180b8ae4833)
• acp-runtime-model-contract: ACP session metadata carries runtimeOptions?: AcpSessionRuntimeOptions, and AcpSessionRuntimeOptions includes model?: string; ACP initialization passes the requested model into runtime options and persists effective runtime options into entry.acp. (src/config/sessions/types.ts:47, b180b8ae4833)
• adjacent-merged-work-not-complete-supersession: Merged ACP sessions work now overlays CLI openclaw sessions model display and gateway agentRuntime, but current gateway row model fields still come from rowModelProvider/rowModel; the adjacent work does not fully replace this PR's gateway model-field fix. (src/gateway/session-utils.ts:1791, b180b8ae4833)

Likely related people:

• efpiva: Authored merged ACP sessions model-display and runtime-metadata work that established the current entry.acp-gated sentinel/runtime overlay pattern adjacent to this gateway row path. (role: recent adjacent sessions/ACP contributor; confidence: high; commits: 207fb9951d67, 983064f5f819, 8d33eccdabbf; files: src/commands/sessions.ts, src/commands/sessions.acp-model-display.test.ts, src/agents/acp-runtime-overlay.ts)
• MonkeyLeeT: Authored the merged change that prefers transcript/live selected model metadata in session rows, which this PR must preserve while adding ACP-specific behavior. (role: adjacent session-list model behavior contributor; confidence: medium; commits: ebb919e311a0; files: src/gateway/session-utils.ts, src/gateway/session-utils.test.ts, src/gateway/server.sessions.gateway-server-sessions-a.test.ts)
• 91wan: Authored merged ACP model/thinking override propagation across the persisted runtimeOptions.model path that the PR wants gateway session rows to read. (role: ACP runtime-options contributor; confidence: medium; commits: bb2b68b34e30; files: src/acp/control-plane/manager.core.ts, src/acp/control-plane/runtime-options.ts, src/config/sessions/types.ts)

Remaining risk / open question:

• The branch predates merged ACP sentinel/runtime metadata work, so the gateway model-field semantics should be aligned with the current entry.acp-gated pattern during rework.
• No tests or live commands were run because this was a read-only review.

Codex review notes: model gpt-5.5, reasoning high; reviewed against b180b8ae4833.

[clawsweeper]

Codex review: needs changes before merge.

What this changes:

The PR updates gateway session model resolution and tests so ACP session rows read entry.acp.runtimeOptions.model and omit default-model fallback when no explicit ACP runtime model is known.

Required change before merge:

This is a narrow, valid gateway bug with a concrete blocking defect in the source PR and clear replacement/rework boundaries.

Review findings:

• [P1] Preserve explicit providers for prefixed models — src/gateway/session-utils.ts:1058-1060

Review details

Best possible solution:

Update the current gateway session-row resolver so ACP rows use explicit ACP runtime metadata when present, leave modelProvider and model absent when the ACP runtime model is unknown, and keep the existing generic-session provider preservation, transcript fallback, and display normalization behavior covered by focused regressions.

Full review comments:

• [P1] Preserve explicit providers for prefixed models — src/gateway/session-utils.ts:1058-1060
  When modelProvider is already stored, this branch should treat it as authoritative. Calling parseModelRef() on a prefixed model such as anthropic/claude-haiku-4.5 rewrites an explicit wrapper provider like openrouter to anthropic, so session rows can report the wrong provider and downstream cost/context logic can use the wrong catalog.
  Confidence: 0.9

Overall correctness: patch is incorrect
Overall confidence: 0.88

Acceptance criteria:

• pnpm test src/gateway/session-utils.test.ts -t "ACP|resolveSessionModelIdentityRef|selected model display"
• pnpm test src/gateway/session-utils.test.ts
• pnpm check:changed in Blacksmith Testbox before handoff

What I checked:

• pr-diff-scope: The PR changes only src/gateway/session-utils.ts and src/gateway/session-utils.test.ts, adding ACP runtime model lookup and regression tests for ACP rows with and without runtime model metadata. (src/gateway/session-utils.ts:1058, 70f78c9afb07)
• current-main-ignores-acp-model-metadata: On current main, resolveSessionModelIdentityRef only accepts generic model fields and does not read entry.acp.runtimeOptions.model; targeted search found no ACP runtime model lookup in src/gateway/session-utils.ts. (src/gateway/session-utils.ts:1204, e46dccb35374)
• current-main-default-fallback: buildGatewaySessionRow still builds resolvedModelIdentity with model: resolvedModel.model ?? DEFAULT_MODEL, so ACP rows without generic model metadata can inherit an unrelated configured default. (src/gateway/session-utils.ts:1420, e46dccb35374)
• acp-runtime-model-persisted-contract: ACP session metadata supports runtimeOptions?: AcpSessionRuntimeOptions, and AcpSessionRuntimeOptions includes model?: string; ACP session initialization passes requested models to the runtime and persists effective runtime options into session metadata. (src/config/sessions/types.ts:47, e46dccb35374)
• blocking-provider-regression: In the PR branch, resolveSessionModelIdentityLiteralWithProvider calls parseModelRef(trimmedModel, trimmedProvider) even when trimmedProvider is explicit; parseModelRef treats the first slash segment as the provider, so modelProvider: "openrouter" plus model: "anthropic/claude-haiku-4.5" becomes provider anthropic. (src/gateway/session-utils.ts:1058, 70f78c9afb07)
• security-review: The diff is limited to gateway session serialization and colocated tests; it does not touch workflows, dependency sources, lockfiles, install/build/release scripts, secrets handling, package metadata, downloaded artifacts, or generated/vendor code. (70f78c9afb07)

Likely related people:

• steipete: Recent current-main commits touched the central session-utils model metadata path and ACP/session-list routing adjacent to this PR. (role: recent maintainer and session-runtime metadata owner; confidence: high; commits: 8d78451e8b4f, e5dc0e6d15ea, 20ed5974957f; files: src/gateway/session-utils.ts, src/gateway/session-utils.test.ts, src/acp/control-plane/manager.core.ts)
• 91wan: Merged ACP Codex model/thinking override propagation touched the same persisted runtimeOptions.model path this PR needs to expose in sessions.list. (role: recent ACP runtime-options contributor; confidence: medium; commits: bb2b68b34e30; files: src/acp/control-plane/manager.core.ts, src/config/sessions/types.ts, extensions/acpx/src/runtime.ts)
• MonkeyLeeT: Merged fix: prefer transcript model in sessions list changed the session-list model identity path that this PR now needs to preserve while adding ACP-specific behavior. (role: adjacent session-list model behavior contributor; confidence: medium; commits: ebb919e311a0; files: src/gateway/session-utils.ts, src/gateway/session-utils.test.ts, src/gateway/server.sessions.gateway-server-sessions-a.test.ts)

Remaining risk / open question:

• The PR branch predates current main's transcript/runtime model selection changes, so a mechanical merge could lose current session-list behavior without a careful rework.
• No tests were run during this read-only review.

Codex review notes: model gpt-5.5, reasoning high; reviewed against e46dccb35374.