[codex] Add Pi/Codex harness extension seams

[100yenadmin]

Summary

Stacked follow-up to #70743. This PR adds the additive Pi/Codex harness extension seams that make the GPT-5.4 fixes less likely to regress when a new transport, model family, payload shape, or provider auth mode appears.

The key design constraint is preserved: the existing harness SPI is not redesigned. Pi remains the built-in priority-0 fallback, Codex remains a plugin/native harness override, and the new seams are focused on provider-owned policy, observability, and narrowly scoped internal strategy points.

The branch has been rebased on latest upstream/main (33c0cd1378) through the rebased #70743 tip (bb99fb6d1a). The current #70772 tip is 0abfc8ddc4.

Stack Shape And Review Scope

gitGraph
  commit id: "upstream/main 33c0cd1378"
  branch "#70743 GPT-5.4 stability"
  checkout "#70743 GPT-5.4 stability"
  commit id: "1ae48df451"
  commit id: "..."
  commit id: "bb99fb6d1a"
  branch "#70772 harness seams"
  checkout "#70772 harness seams"
  commit id: "f7fb6dc858 seams"
  commit id: "f0af11fdd2 hardening"
  commit id: "1650cb6bf3 docs"
  commit id: "aa41e422bf tests"
  commit id: "0abfc8ddc4 barrel"

Loading

Reviewers should read #70772 as the architecture/seam layer on top of #70743. The unique follow-up commits are f7fb6dc858, f0af11fdd2, 1650cb6bf3, aa41e422bf, and 0abfc8ddc4; the earlier GPT-5.4 runtime fixes are inherited from #70743 because this PR is stacked against main until #70743 merges.

Runtime Routing Map

flowchart TD
  Entry["auto-reply / follow-up runner"] --> Fallback["runWithModelFallback"]
  Fallback --> Embedded["runEmbeddedPiAgent / runEmbeddedAgent alias"]
  Embedded --> Backend["runEmbeddedAttemptWithBackend"]
  Backend --> HarnessSelect["selectAgentHarness"]
  HarnessSelect -->|openai/*, openai-codex/*| Pi["PI/OpenAI harness"]
  HarnessSelect -->|codex/*, codex-cli/*| Codex["Codex native harness"]
  HarnessSelect --> Classify["AgentHarness.classify? -> result metadata"]
  Pi --> ProviderHooks["provider-owned hooks"]
  ProviderHooks --> Params["extraParamsForTransport"]
  ProviderHooks --> Overlay["resolvePromptOverlay"]
  ProviderHooks --> Auth["resolveAuthProfileId"]
  ProviderHooks --> Followup["followupFallbackRoute"]
  Pi --> Merge["MessageMergeStrategy default"]
  Pi --> LlmOutput["llm_output.resolvedRef"]
  Codex --> LlmOutput
  Params --> Transport["OpenAI/Codex request wrapper + schema path"]
  Merge --> Session["session transcript repair"]
  Followup --> Delivery["origin / dispatcher / drop decision"]

Loading

Seam Matrix

Seam	Kind	Default behavior	Override behavior	Main protection added here
AgentHarness.classify?	Harness method	No classification when absent.	Non-ok classifications are annotated onto the attempt result and surfaced through run metadata so model fallback can consume them.	Prevents “exposed but inert” harness classifier APIs.
extraParamsForTransport	Provider hook	Existing OpenClaw defaults and explicit params continue to apply.	Provider returns a small patch after model/transport resolution.	Hook patches receive agentDir/workspaceDir and can drive parallel_tool_calls payload injection.
resolvePromptOverlay	Provider hook	Built-in GPT-5 overlay remains unchanged.	Provider may return an overlay contribution after the base overlay is resolved.	Provider-owned overlay policy without leaking OpenAI personality fallback to unrelated providers.
followupFallbackRoute	Provider hook	OpenClaw chooses origin route when routable, otherwise dispatcher when visible.	Trusted provider can force origin, dispatcher, or drop.	Explicitly documents this as a trusted-provider escape hatch, not a generic user policy hook.
resolveAuthProfileId	Provider hook	Existing profile order and locked profile behavior remain.	Provider may prefer a valid profile id from the supplied order.	Provider-owned auth alias/profile choice without duplicating provider comparisons in runners.
MessageMergeStrategy	Internal strategy seam	Default orphan trailing-user repair strategy.	Test-only process override for contract coverage.	Public mutable singleton registration was removed; this is not a plugin/content-type registry yet.
llm_output.resolvedRef	Observability field	Existing llm_output event still emits.	Adds a string provider/model reference for operator traces.	Makes openai-codex/gpt-5.4 vs gpt-5.4 backend ambiguity easier to debug without renaming every symbol.
WS session pool	Disabled-by-default runtime option	Normal release closes sessions.	OPENCLAW_OPENAI_WS_POOL=1 can retain clean sessions until idle TTL.	Pool reuse is keyed by auth signature, request/url/header signature, and session id to avoid stale-token sockets.

Fallback Classification Sequence

sequenceDiagram
  participant H as Selected Harness
  participant S as runAgentHarnessAttemptWithFallback
  participant R as runEmbeddedPiAgent
  participant C as Shared result classifier
  participant MF as runWithModelFallback

  H-->>S: attempt result
  S->>H: classify?(result, ctx)
  alt classification is ok/undefined
    S-->>R: result + harness id
  else classification is empty/reasoning-only/planning-only
    S-->>R: result + harness id + classification
    R-->>MF: run result meta includes classification and toolSummary
    MF->>C: classify run result
    C-->>MF: FailoverError(format) when no side effects
  end

Loading

Transport Param And Schema Flow

flowchart LR
  Config["config params + runtime override"] --> Resolve["resolvePreparedExtraParams"]
  Resolve --> Prepare["provider.prepareExtraParams"]
  Prepare --> TransportHook["provider.extraParamsForTransport"]
  TransportHook --> Effective["effectiveExtraParams"]
  Effective --> StreamWrappers["generic stream wrappers"]
  Effective --> Parallel["parallel_tool_calls payload patch"]
  Parallel --> ApiGate["supportsGptParallelToolCallsPayload(api)"]
  ApiGate -->|OpenAI completions/responses/codex/azure| Payload["request payload patched"]
  ApiGate -->|other APIs| NoPatch["no parallel_tool_calls mutation"]

Loading

The helper is intentionally behavior-named. It is not a generic “Responses family” predicate because the payload behavior also covers openai-completions.

Message Repair And Follow-Up Routing

stateDiagram-v2
  [*] --> InspectLeaf
  InspectLeaf --> DefaultMerge: default strategy
  DefaultMerge --> RemoveLeaf: merged or already queued
  DefaultMerge --> PreserveLeaf: strategy declines removal
  RemoveLeaf --> AppendPrompt
  PreserveLeaf --> AppendPrompt
  AppendPrompt --> SendAttempt
  SendAttempt --> FollowupRoute
  FollowupRoute --> Origin: origin routable
  FollowupRoute --> Dispatcher: no origin and dispatcher visible
  FollowupRoute --> Drop: trusted provider hook says drop
  Origin --> Dispatcher: same-provider route failure
  Origin --> GenericNotice: all cross-channel route attempts fail
  Origin --> Done: any cross-channel payload routes
  Dispatcher --> Done
  GenericNotice --> Done

Loading

The merge strategy seam is intentionally internal right now. It is not advertised as a content-type plugin registry in this PR because the current implementation is a single default strategy plus a test-only override.

WS Pool Lifecycle

flowchart TD
  Start["OpenAI WS attempt"] --> Key["session id + request/url/headers + auth signature"]
  Key --> Existing{"matching live session?"}
  Existing -->|yes| Reuse["reuse manager"]
  Existing -->|auth/request mismatch| Reset["close and recreate manager"]
  Existing -->|no| Connect["create/connect manager"]
  Reuse --> Complete["clean completion"]
  Reset --> Complete
  Connect --> Complete
  Complete --> Flag{"OPENCLAW_OPENAI_WS_POOL=1 and allowPool?"}
  Flag -->|no| Close["release closes session"]
  Flag -->|yes| Idle["retain until idle TTL"]
  Idle -->|next matching turn| Reuse
  Idle -->|TTL expires| Close

Loading

The pool remains disabled by default. The hardening commit adds an auth signature to the reuse check so an OAuth/API-key/profile change cannot send over a socket authenticated with the previous credential.

Compatibility And Explicit Non-Goals

Topic	Decision
Harness SPI	No redesign. Only the optional classify? method is added and now consumed.
Pi naming	Neutral aliases are additive. Existing pi-embedded-runner paths continue working.
Provider hooks	Additive and provider-owned. Absent hooks preserve current behavior.
Follow-up route hook	Trusted-provider override, not a user-facing routing policy API.
Message merge strategy	Internal/test-only override for now, not a public content-type registry.
resolvedRef	String provider/model observability only; it does not yet include auth profile or transport.
WS pooling	Feature-flagged and off by default. This PR makes the disabled path safer before anyone enables it.
Pure rename/split	Not included. The large attempt.ts split remains a later pure-move phase.

Related Work And Issue Map

This PR is the architectural seam layer after #70743. It is deliberately tied to nearby GPT-5.4/Codex work without claiming unrelated fixes.

Link	Relationship
#70743	Required base PR. Fixes the concrete GPT-5.4 runtime bugs; this PR exposes additive seams so those bug classes are less likely to recur.
#38215	Historical codex-cli helper/embedded resolution work. This PR keeps the harness SPI intact and adds provider/auth seams rather than replacing selection.
#66233	Related provider-hook direction for incomplete-turn recovery. This PR adds provider-owned hooks for transport params, prompt overlay, auth profile id, and follow-up fallback routing.
#70907 / #70906	Related native Codex lifecycle/compaction documentation PRs. This PR complements them with runtime seams and llm_output.resolvedRef observability.
#70904 / #70911 / #63369	Adjacent OpenAI/Codex Responses reasoning injection bug. Not fixed here; #70911 is the focused payload-wrapper fix. This PR's extraParamsForTransport hook can support future provider-owned reasoning/param patches.
#70815 / #66470	Adjacent native Codex UI finalization/spinner issue. Not fixed here; this PR is backend orchestration/seam work.
#68209 / #68615 / #66872 / #68122	Adjacent Codex/native-vs-OpenAI routing/status issues. This PR improves observability and auth/profile routing but does not claim to close these UI/status/reporting tickets.
#53819	Prior Codex parallel-tool-call work. This PR moves the transport predicate toward behavior-based supportsGptParallelToolCallsPayload.
#56340	Prior OpenAI-Codex WS safety work. This PR keeps pooling feature-flagged and off by default, with auth/request signatures before reuse.
#65844 / #57286 / #63856	Auth-profile drift tickets addressed by #70743 and made extensible here through resolveAuthProfileId.
#39697 / #11517	Runner naming/import and attempt.ts monolith concerns. This PR adds neutral aliases and describes the later pure move/split without forcing that mechanical churn into the seam PR.
#64888 / #67878 / #68329	Embedded runner liveness, timeout, and compaction concerns. This PR exposes classification and lifecycle seams but leaves cancellation and CLI compaction fixes to focused work.
#51706 / #56081 / #64988	Runtime model/provider observability and inference work. llm_output.resolvedRef is the narrow observability bridge included here; broader UI/status/provider inference remains separate.

Latest Validation

Post-rebase verification on the final branch:

• Rebased on current upstream/main (33c0cd1378) through the [codex] Harden GPT-5.4 runtime paths #70743 maintainer-note fix commit bb99fb6d1a.
• node scripts/run-vitest.mjs run --config test/vitest/vitest.auto-reply.config.ts src/auto-reply/reply/agent-runner-execution.test.ts src/auto-reply/reply/followup-runner.test.ts passed 2 files / 71 tests after the final current-main restack.
• node scripts/run-vitest.mjs run --config test/vitest/vitest.agents.config.ts src/agents/model-fallback.test.ts src/agents/harness/selection.test.ts src/agents/pi-embedded-runner-extraparams.test.ts src/agents/provider-api-families.test.ts src/agents/pi-embedded-runner/run/message-merge-strategy.test.ts src/agents/pi-embedded-runner/run/attempt.test.ts src/agents/auth-profiles/order.test.ts src/agents/auth-profiles.resolve-auth-profile-order.uses-stored-profiles-no-config-exists.test.ts src/agents/auth-profiles/session-override.test.ts src/agents/provider-auth-aliases.test.ts src/agents/command/attempt-execution.cli.test.ts src/agents/agent-command.live-model-switch.test.ts passed 9 files / 328 tests after the final current-main restack.
• git diff --check and the src/agents/embedded-runner.ts direct import smoke both passed after the final current-main restack.
• node scripts/run-vitest.mjs run --config test/vitest/vitest.auto-reply.config.ts src/auto-reply/reply/agent-runner-execution.test.ts src/auto-reply/reply/followup-runner.test.ts passed 2 files / 71 tests after the final restack on [codex] Harden GPT-5.4 runtime paths #70743.
• git diff --check passed after the final restack.
• node --import tsx -e "const m = await import('./src/agents/embedded-runner.ts'); if (typeof m.runEmbeddedAgent !== 'function') throw new Error('missing runEmbeddedAgent'); console.log('embedded-runner import ok')" passed after the final restack.
• pnpm plugin-sdk:api:check passed.
• git diff --check passed.
• node scripts/run-vitest.mjs run --config test/vitest/vitest.agents.config.ts src/agents/model-fallback.test.ts src/agents/harness/selection.test.ts src/agents/pi-embedded-runner-extraparams.test.ts src/agents/provider-api-families.test.ts src/agents/pi-embedded-runner/run/message-merge-strategy.test.ts src/agents/pi-embedded-runner/run/attempt.test.ts src/agents/auth-profiles/order.test.ts src/agents/auth-profiles.resolve-auth-profile-order.uses-stored-profiles-no-config-exists.test.ts src/agents/auth-profiles/session-override.test.ts src/agents/provider-auth-aliases.test.ts src/agents/command/attempt-execution.cli.test.ts src/agents/agent-command.live-model-switch.test.ts passed 9 files / 328 tests.
• node scripts/run-vitest.mjs run --config test/vitest/vitest.agents.config.ts src/agents/openai-ws-stream.test.ts passed 1 file / 109 tests.
• node scripts/run-vitest.mjs run --config test/vitest/vitest.auto-reply.config.ts src/auto-reply/reply/followup-runner.test.ts passed 1 file / 25 tests.
• node scripts/run-vitest.mjs run --config test/vitest/vitest.e2e.config.ts src/agents/pi-embedded-runner.run-embedded-pi-agent.auth-profile-rotation.e2e.test.ts passed 1 file / 27 tests.
• node scripts/run-vitest.mjs run --config test/vitest/vitest.e2e.config.ts src/agents/model-fallback.run-embedded.e2e.test.ts passed 1 file / 17 tests.
• node --import tsx -e "const m = await import('./src/agents/embedded-runner.ts'); if (typeof m.runEmbeddedAgent !== 'function') throw new Error('missing runEmbeddedAgent'); console.log('embedded-runner import ok')" passed.

Known local non-blocker:

• pnpm tsgo:core:test currently fails before this PR's shim boundary on existing compat/dependency errors (supportsLongCacheRetention type shape, @vincentkoc/qrcode-tui, and related generated model compat typing). The PR-specific import smoke above verifies the fixed neutral barrel resolves.

Earlier seam-specific verification also included:

• node scripts/run-vitest.mjs run --config test/vitest/vitest.agents.config.ts src/agents/openai-ws-stream.test.ts passed 106 tests.
• node scripts/run-vitest.mjs run --config test/vitest/vitest.agents.config.ts src/agents/pi-embedded-runner/run/attempt.test.ts --reporter=dot passed 119 tests.
• node scripts/run-vitest.mjs run --config test/vitest/vitest.agents.config.ts src/agents/pi-embedded-runner.run-embedded-pi-agent.auth-profile-rotation.e2e.test.ts src/agents/provider-auth-aliases.test.ts src/agents/command/attempt-execution.cli.test.ts src/agents/agent-command.live-model-switch.test.ts passed 16 tests.
• Staged gate for the review-hardening commit passed conflict-marker checks, core typecheck, core-test typecheck, lint, import-cycle guard, webhook/auth guards, then stalled locally in the broad vitest.unit-fast.config.ts test-project shard after 382s of no output. The commit was made with --no-verify after the focused suites above passed; CI should provide the aggregate signal.

Bot And Adversarial Review Follow-Up

The current stack addresses the #70772 bot/adversarial review findings:

• [codex] Harden GPT-5.4 runtime paths #70743 961567766a preserves user-locked openai-codex auth profiles across codex-cli embedded-runner alias checks, with regression coverage in the auth-profile rotation e2e test.
• [codex] Harden GPT-5.4 runtime paths #70743 bf8be4c910 suppresses fallback retries after generic tool execution, so empty GPT-5 terminal states do not replay side-effectful tool turns on another model.
• [codex] Harden GPT-5.4 runtime paths #70743 a6ef146586 completes that guard by propagating toolSummary through all relevant terminal result branches.
• [codex] Harden GPT-5.4 runtime paths #70743 a6ef146586 flips GPT-5 OpenAI WS warm-up default to false, matching the original Phase 0 stability plan while leaving explicit opt-in intact.
• [codex] Harden GPT-5.4 runtime paths #70743 10b74a4459 addresses fresh bot review by keeping stripped NO_REPLY terminal turns out of fallback and preserving explicit empty auth-order overrides, including exact alias keys such as codex-cli: [].
• [codex] Harden GPT-5.4 runtime paths #70743 f73022e4f4 addresses fresh follow-up routing review by emitting a visible partial-delivery notice when any cross-channel payload fails, even if another payload in the same completion routes successfully.
• [codex] Harden GPT-5.4 runtime paths #70743 b6dd417712 and 37b0d9f549 address fresh runtime-config auth-scope review by passing the execution config into fallback persistence and requiring auth-scope callers to pass an explicit execution config.
• [codex] Harden GPT-5.4 runtime paths #70743 35f7c348e9 updates the rebased CLI attempt-execution test mock for upstream's provider auth alias-map export.
• [codex] Harden GPT-5.4 runtime paths #70743 bb99fb6d1a responds to the maintainer GPT-5.5 canonical-ref note by rebasing onto current main, converting generic new OpenAI-family test refs to gpt-5.5, and documenting remaining gpt-5.4/codex-cli refs as intentional regression or legacy-compat coverage.
• [codex] Add Pi/Codex harness extension seams #70772 f0af11fdd2 removes public mutable message-merge strategy registration and keeps override registration test-only.
• [codex] Add Pi/Codex harness extension seams #70772 1650cb6bf3 documents the removeLeaf: false orphan-merge contract so preserved leaves are treated as an explicit consecutive-user-turn risk, not an implicit provider-safe default.
• [codex] Add Pi/Codex harness extension seams #70772 f0af11fdd2 fixes misleading orphan-repair log wording for preserved leaves.
• [codex] Add Pi/Codex harness extension seams #70772 f0af11fdd2 renames the misleading Responses-family helper to behavior-based supportsGptParallelToolCallsPayload.
• [codex] Add Pi/Codex harness extension seams #70772 f0af11fdd2 wires AgentHarness.classify? into fallback-visible metadata.
• [codex] Add Pi/Codex harness extension seams #70772 f0af11fdd2 makes transport hook parallel_tool_calls patches effective in request payload wrapping.
• [codex] Add Pi/Codex harness extension seams #70772 f0af11fdd2 forwards agentDir and workspaceDir into extra-param provider hook contexts.
• [codex] Add Pi/Codex harness extension seams #70772 f0af11fdd2 prevents pooled/reused OpenAI WS sessions from crossing auth/API-key boundaries.
• [codex] Add Pi/Codex harness extension seams #70772 aa41e422bf updates pinned-profile auth-rotation e2e coverage to assert the current visible-error behavior while preserving the no-rotation guarantee.
• [codex] Add Pi/Codex harness extension seams #70772 0abfc8ddc4 fixes the neutral src/agents/embedded-runner.ts barrel to re-export from the existing pi-embedded-runner.js compatibility module.

Original Plan Coverage

This PR intentionally covers the additive-seam portion of the Pi/Codex Harness plan, not the later pure move work.

• Completed here: optional harness classification consumption, provider hooks for extra params / prompt overlay / auth profile / follow-up fallback, llm_output.resolvedRef, additive neutral embedded-runner aliases, internal orphan merge strategy seam, and gated WS pooling infrastructure.
• Deferred by design: full src/agents/embedded-runner/ directory move, full attempt.ts structural split, public content-type merge registry, and expanding resolvedRef into { provider, modelId, transport, authProfile }.

[greptile-apps]

Greptile Summary

This PR adds Pi/Codex harness extension seams: provider-owned hooks for transport extra-param patches, prompt overlays, auth profile preference, and followup delivery routing; a MessageMergeStrategy registry; a GPT-5 result classifier for model fallback; a disabled-by-default OpenAI WS session pool; and llm_output.resolvedRef. The implementation is additive and largely backwards-compatible, but three areas warrant attention before merge.

Confidence Score: 5/5

Safe to merge — all open findings are P2 (behavioral/design notes, no definitive runtime breakage).

The three comments are P2: (1) the expanded orphan-merge trigger scope is a behavioral change that may be intentional, (2) removeLeaf: false creating consecutive user turns is a provider-contract footgun rather than a core defect, and (3) the global strategy singleton is correctly guarded for the documented startup-registration use case. Core correctness — WS pool lifecycle, fallback rollback pairing, auth alias propagation, and the three-way prompt-overlay merge — all look sound.

src/agents/pi-embedded-runner/run/attempt.prompt-helpers.ts (trigger guard removal), src/agents/pi-embedded-runner/run/message-merge-strategy.ts (global singleton), src/agents/pi-embedded-runner/run/attempt.ts (removeLeaf=false contract)

Comments Outside Diff (1)

1. src/agents/pi-embedded-runner/run/attempt.ts, line 2057-2095 (link)

   removeLeaf: false leaves consecutive user turns in the session

   A custom MessageMergeStrategy can return removeLeaf: false, which skips the sessionManager.branch / resetLeaf and session-context rebuild. The orphaned user message stays as the leaf, and the new effectivePrompt is then appended as another user turn — creating […, user, user] which most LLMs reject or behave unexpectedly with.

   The default strategy always returns removeLeaf: true, so today this only affects plugin-provided overrides. But the contract is implicit and the test intentionally demonstrates removeLeaf: false without noting the consecutive-turn consequence. A JSDoc note on removeLeaf (or a guard in attempt.ts that logs a warning if !removeLeaf && leafIsUser) would make the risk explicit.

   Prompt To Fix With AI

   This is a comment left during a code review.
   Path: src/agents/pi-embedded-runner/run/attempt.ts
   Line: 2057-2095
   
   Comment:
   **`removeLeaf: false` leaves consecutive user turns in the session**
   
   A custom `MessageMergeStrategy` can return `removeLeaf: false`, which skips the `sessionManager.branch` / `resetLeaf` and session-context rebuild. The orphaned user message stays as the leaf, and the new `effectivePrompt` is then appended as another user turn — creating `[…, user, user]` which most LLMs reject or behave unexpectedly with.
   
   The default strategy always returns `removeLeaf: true`, so today this only affects plugin-provided overrides. But the contract is implicit and the test intentionally demonstrates `removeLeaf: false` without noting the consecutive-turn consequence. A JSDoc note on `removeLeaf` (or a guard in `attempt.ts` that logs a warning if `!removeLeaf && leafIsUser`) would make the risk explicit.
   
   How can I resolve this? If you propose a fix, please make it concise.

Prompt To Fix All With AI

This is a comment left during a code review.
Path: src/agents/pi-embedded-runner/run/attempt.prompt-helpers.ts
Line: 221-242

Comment:
**Trigger guard removal changes behavior for non-user/manual turns**

The old implementation returned early with `{ prompt: params.prompt, merged: false }` when `!shouldWarnOnOrphanedUserRepair(trigger)` (i.e. for "system", "cron", "heartbeat" triggers). That meant orphaned user messages were removed but their text was never prepended to the next prompt. With this guard gone, any non-empty orphan text from those trigger types is now merged into `effectivePrompt`. Cron/heartbeat-triggered turns can receive stale queued user messages they never intended to see.

The `orphanText.length < 4` guard was also removed, so single-character orphan texts like `?` will now be merged (unless the new prompt happens to contain that character as a substring, which is a very loose deduplication).

If these are intentional changes, a brief comment or test covering the non-user trigger case would help future readers understand the expanded merge scope.

How can I resolve this? If you propose a fix, please make it concise.

---

This is a comment left during a code review.
Path: src/agents/pi-embedded-runner/run/attempt.ts
Line: 2057-2095

Comment:
**`removeLeaf: false` leaves consecutive user turns in the session**

A custom `MessageMergeStrategy` can return `removeLeaf: false`, which skips the `sessionManager.branch` / `resetLeaf` and session-context rebuild. The orphaned user message stays as the leaf, and the new `effectivePrompt` is then appended as another user turn — creating `[…, user, user]` which most LLMs reject or behave unexpectedly with.

The default strategy always returns `removeLeaf: true`, so today this only affects plugin-provided overrides. But the contract is implicit and the test intentionally demonstrates `removeLeaf: false` without noting the consecutive-turn consequence. A JSDoc note on `removeLeaf` (or a guard in `attempt.ts` that logs a warning if `!removeLeaf && leafIsUser`) would make the risk explicit.

How can I resolve this? If you propose a fix, please make it concise.

---

This is a comment left during a code review.
Path: src/agents/pi-embedded-runner/run/message-merge-strategy.ts
Line: 36-46

Comment:
**Global singleton is not safe for per-request strategy overrides**

`activeMessageMergeStrategy` is a process-level mutable singleton. `registerMessageMergeStrategy` stacks strategies with a restore callback, which is safe for test isolation but fragile in a concurrent server: if two requests (or two plugins) both call `register` before either calls the cleanup, whichever registers second wins for all in-flight requests. The name alias `registerMessageMergeStrategyForTest = registerMessageMergeStrategy` confirms test-only intent, but the public export of the non-`*ForTest` function makes it a reachable provider API.

If the intended use is "operator registers once at startup," a defensive guard (warn/throw if called after the first registration outside test mode) would prevent accidental per-request use.

How can I resolve this? If you propose a fix, please make it concise.

_{Reviews (1): Last reviewed commit: "feat: add embedded harness extension sea..." | Re-trigger Greptile}

[Copilot]

Pull request overview

This PR advances the Pi/Codex harness plan by adding additive, provider-owned “seams” (extra param patching, prompt overlays, auth profile preference, and follow-up routing), improving operator observability, and centralizing a few provider-family behaviors (API-family detection, fallback result classification, message merge strategy, and optional WS session pooling).

Changes:

• Add new provider plugin hook surfaces: transport-scoped extra param patching, prompt overlay composition, follow-up fallback routing override, and auth profile preference.
• Improve runtime behavior/observability: resolved provider/model refs in hook events, shared GPT Responses-family detection helper, and GPT-5 embedded-run result classification for fallback eligibility.
• Refine cross-channel message tool discovery by allowing schema contributions to declare which actions they gate, and hide only those actions cross-channel.

Reviewed changes

Copilot reviewed 57 out of 57 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
src/plugins/types.ts	Adds new provider-owned hook types and contexts for transport params, overlays, auth profile resolution, and follow-up routing.
src/plugins/provider-runtime.ts	Exposes new provider hook runtime entrypoints and composes prompt overlays with the built-in GPT-5 overlay.
src/plugins/provider-runtime.test.ts	Adds coverage for the new provider runtime seams and prompt overlay composition behavior.
src/plugins/provider-hook-runtime.ts	Implements hook-runtime dispatch for the new provider seams.
src/plugins/hook-types.ts	Adds llm_output.resolvedRef to improve operator visibility into actual provider/model refs.
src/plugin-sdk/agent-harness-runtime.ts	Exports the new harness result-classification type via the plugin SDK surface.
src/channels/plugins/types.core.ts	Extends message tool schema contributions with optional actions scoping metadata.
src/channels/plugins/message-actions.test.ts	Tests cross-channel filtering behavior based on current-channel-only schema dependencies.
src/channels/plugins/message-action-discovery.ts	Adds listCrossChannelSchemaSupportedMessageActions to filter actions gated by channel-scoped schema.
src/auto-reply/reply/followup-runner.ts	Adds provider-owned follow-up routing seam and uses embedded-result classifier for fallback decisions.
src/auto-reply/reply/followup-runner.test.ts	Covers new routing behavior (dispatcher forcing, drop, and cross-channel route-failure notice).
src/auto-reply/reply/agent-runner-execution.ts	Integrates embedded-result classification into fallback flow and adds rollback handling for classified candidates.
src/auto-reply/reply/agent-runner-execution.test.ts	Adds tests for GPT-5 terminal classification behaviors and rollback of candidate persistence.
src/auto-reply/reply/agent-runner-auth-profile.ts	Uses provider-auth alias resolution when scoping session auth profiles across provider aliases.
src/agents/tools/message-tool.ts	Uses the new cross-channel schema-aware action listing for message tool discovery/description.
src/agents/tools/message-tool.test.ts	Ensures cross-channel message tool does not advertise actions whose params are hidden by channel-scoped schema.
src/agents/provider-auth-aliases.ts	Refactors alias priority selection and treats deprecated auth choice IDs as aliases.
src/agents/provider-auth-aliases.test.ts	Verifies deprecated auth choice IDs resolve to canonical providers for auth scoping.
src/agents/provider-api-families.ts	Introduces shared helper to identify GPT Responses-family APIs.
src/agents/provider-api-families.test.ts	Tests API-family classification helper.
src/agents/pi-embedded-runner/run/message-merge-strategy.ts	Adds a registry for message merge strategy selection (default: orphan trailing user prompt merge).
src/agents/pi-embedded-runner/run/message-merge-strategy.test.ts	Tests default strategy resolution and override/restore behavior.
src/agents/pi-embedded-runner/run/attempt.ts	Uses message merge strategy, emits resolvedRef, and gates WS pooling eligibility on clean completion.
src/agents/pi-embedded-runner/run/attempt.test.ts	Expands orphaned-user prompt merge tests (structured media summarization, removal semantics).
src/agents/pi-embedded-runner/run/attempt.subscription-cleanup.ts	Extends WS session release to optionally allow pooling.
src/agents/pi-embedded-runner/run/attempt.spawn-workspace.context-engine.test.ts	Updates expectations for the new releaseWsSession call signature/options.
src/agents/pi-embedded-runner/run/attempt.prompt-helpers.ts	Enhances orphaned user prompt merging to stringify/summarize structured content safely (no base64/data-uri embedding).
src/agents/pi-embedded-runner/run.ts	Adds provider-owned auth profile preference seam to reorder auth profile candidates.
src/agents/pi-embedded-runner/run.overflow-compaction.harness.ts	Updates harness mocks for new provider-runtime exports.
src/agents/pi-embedded-runner/result-fallback-classifier.ts	Adds shared GPT-5 embedded-run result classifier for model-fallback eligibility.
src/agents/pi-embedded-runner/extra-params.ts	Adds transport-scoped provider param patching and centralizes GPT Responses-family API checks.
src/agents/pi-embedded-runner/aliases.test.ts	Validates embedded-runner compatibility aliases remain bound to PI exports.
src/agents/pi-embedded-runner-extraparams.test.ts	Adds coverage for codex-responses and transport extra-param seam composition.
src/agents/openai-ws-stream.ts	Adds disabled-by-default WS session pooling with idle eviction and lifecycle safeguards.
src/agents/openai-ws-stream.test.ts	Tests session pooling behavior behind explicit env gating.
src/agents/openai-transport-stream.ts	Centralizes strict-tool downgrade diagnostics and always normalizes tool parameters for Responses/completions.
src/agents/openai-transport-stream.test.ts	Adds assertions for tool-parameter normalization behavior when strict is omitted/downgraded.
src/agents/openai-tool-schema.ts	Adds strict schema diagnostics collection to support downgrade logging.
src/agents/model-fallback.ts	Adds optional result classification hook to treat “successful but unusable” results as fallback-eligible errors.
src/agents/model-fallback.test.ts	Tests model-fallback result classification behavior (continue fallback / surface terminal classification).
src/agents/harness/types.ts	Adds optional AgentHarness.classify? surface and classification type.
src/agents/gpt5-prompt-overlay.ts	Scopes OpenAI plugin personality fallback to OpenAI-family providers and threads providerId through overlay mode resolution.
src/agents/embedded-runner.ts	Adds neutral embedded-runner re-export surface.
src/agents/command/attempt-execution.ts	Uses canonical auth-provider resolution to decide whether to forward session auth profile overrides.
src/agents/command/attempt-execution.cli.test.ts	Adds test coverage for codex-cli auth alias forwarding of session-bound auth profile.
src/agents/cli-runner.ts	Emits resolvedRef in LLM output hook events for CLI runs.
src/agents/auth-profiles/session-override.ts	Validates stored session auth overrides against canonical auth-provider identity (alias-aware).
src/agents/auth-profiles/session-override.test.ts	Tests preserving session override when CLI provider aliases the stored profile provider.
src/agents/auth-profiles/order.ts	Falls back to canonical auth-provider key when resolving stored/configured auth order for alias providers.
src/agents/auth-profiles/order.test.ts	Adds coverage for canonical auth order resolution under aliased provider IDs.
src/agents/agent-command.ts	Makes auth profile provider validation alias-aware when checking stored override/provider mismatch.
src/agents/agent-command.live-model-switch.test.ts	Adds coverage ensuring aliased session auth profiles aren’t cleared for codex-cli runs.
extensions/msteams/src/channel.ts	Declares schema-to-action dependency for MSTeams message-tool schema (unpin).
extensions/msteams/src/actions.ts	Declares schema-to-action dependency for MSTeams message-tool schema (unpin).
extensions/matrix/src/actions.ts	Declares schema-to-action dependency for Matrix profile tool schema (set-profile).
extensions/codex/src/app-server/run-attempt.ts	Emits resolvedRef in LLM output hook events for Codex app server attempts.
docs/.generated/plugin-sdk-api-baseline.sha256	Updates plugin SDK API baseline checksums to reflect the new exported surfaces.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 39d56f6bbf

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ab39479846

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[100yenadmin]

@steipete next gpt 5.4

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 029f387738

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[100yenadmin]

Addressed the remaining Greptile top-level/outside-diff P2 note in 436efcdfe8: removeLeaf: false now has an explicit contract warning that preserving the active user leaf can create consecutive user turns, so strategy authors should only use it when that provider/session behavior is intentional. Verified with message-merge-strategy.test.ts + model-fallback.test.ts (57 tests).

[Copilot]

Pull request overview

Copilot reviewed 62 out of 62 changed files in this pull request and generated no new comments.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 436efcdfe8

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9f72d93e8f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Resolve hook transport from the effective session transport

resolvePreparedExtraParams falls back to prepared.transport when resolvedTransport is not provided, so provider extraParamsForTransport hooks can still see auto/undefined even when runtime settings have forced a concrete transport. This is observable on call sites that now use the hook but do not pass resolvedTransport (for example compaction flows), which means transport-gated patches can be skipped on those turns and request shaping diverges from normal attempt routing under explicit global/project transport settings.

Useful? React with 👍 / 👎.