fix(status): reduce deep status manifest scans

[vincentkoc]

Summary

• Reuse the gateway startup plugin metadata snapshot for compatible direct metadata loads so deep status paths avoid repeatedly restatting bundled plugin manifests.
• Carry bundled manifests discovered during plugin discovery into channel catalog metadata instead of rereading plugin roots.
• Cache runtime labels within a single status summary and degrade memory deep status cleanly when local embedding/vector dependencies are unavailable.

Verification

• pnpm test:serial src/plugins/current-plugin-metadata-snapshot.test.ts src/plugins/channel-catalog-registry.test.ts
• pnpm test:serial extensions/memory-core/src/memory/index.test.ts
• pnpm build
• Crabbox synthetic proof: tbx_01kr0a6wr3s6qdrgyphqsx6z1m, Actions run 25475688574
  • status --deep: exit 0, ~5.2s, ~40.8k fs ops
  • memory status --deep: exit 0, ~2.5s
  • gateway trace down to ~512k fs ops from the reported ~3.15M
• Crabbox changed gate: tbx_01kr0at0bvxkqap6r93e29200d, Actions run 25475964101, pnpm check:changed exit 0

[clawsweeper]

Codex review: needs maintainer review before merge.

Summary
The branch reuses plugin metadata snapshots/manifests for status paths, bounds memory file discovery with memorySearch.sync.maxFileScanEntries, limits sessions hydration, caches runtime labels, and adds IO audit scripts, tests, docs, and changelog entries.

Reproducibility: yes. Source inspection of current main shows the session hydration and memory discovery hot paths, and the PR body provides Crabbox IO counts for the affected commands.

Real behavior proof
Not applicable: The external contributor proof gate does not apply to this maintainer PR; the body nevertheless includes terminal-style verification, Crabbox run IDs, and IO counts.

Next step before merge
Maintainer-authored protected draft/dirty PR needs human rebase and config-contract review; there is no narrow automated repair lane to queue from this review.

Security
Cleared: No concrete security or supply-chain regression was found; the new scripts are opt-in local audit tooling and the diff does not alter dependency, workflow, release, package-resolution, or secret-permission surfaces.

Review details

Best possible solution:

Rebase onto current main, preserve the default-discovery snapshot compatibility guard, settle the scan-cap config contract, rerun the targeted tests plus build and changed gate, then merge if maintainer review stays clean.

Do we have a high-confidence way to reproduce the issue?

Yes. Source inspection of current main shows the session hydration and memory discovery hot paths, and the PR body provides Crabbox IO counts for the affected commands.

Is this the best way to solve the issue?

Yes, pending maintainer review. Reusing the current metadata snapshot, carrying bundled manifests forward, and limiting pre-display hydration are narrow fixes, but the branch needs a clean rebase and config approval before it is the best mergeable form.

What I checked:

• Protected maintainer PR state: Provided live context shows authorAssociation=MEMBER, the protected maintainer label, draft=true, mergeable=false, head cbfd1ac, and 33 changed files. (cbfd1ac98e3c)
• Current session command hydrates before limiting: Current main builds full display rows and resolves runtime labels for every matching session entry before selecting the newest rows, matching the PR's stated hot path. (src/commands/sessions.ts:280, 8a66694c5efa)
• PR limits session candidates first: The PR head collects bounded SessionCommandCandidate entries before JSON/display hydration, directly reducing work for large stores. (src/commands/sessions.ts:118, cbfd1ac98e3c)
• Current memory file discovery is uncapped: Current main calls walkDirectory for memory file discovery without a scan-entry budget, so large extraPaths can fan out heavily. (packages/memory-host-sdk/src/host/internal.ts:122, 8a66694c5efa)
• PR adds scan budgeting: The PR head threads maxScanEntries through memory file discovery and reports budget-exhausted or walk-truncated events. (packages/memory-host-sdk/src/host/internal.ts:169, cbfd1ac98e3c)
• Current-main guard to preserve on rebase: Current main has requireDefaultDiscoveryContext coverage for metadata snapshot reuse, including tests rejecting default-discovery reuse for snapshots created with plugin load paths. (src/plugins/current-plugin-metadata-snapshot.test.ts:116, 8a66694c5efa)

Likely related people:

• vincentkoc: Local history and the PR commits point Vincent at the central sessions/status/plugin metadata/memory performance paths, including the current-main adjacent performance commit and this focused follow-up branch. (role: introduced behavior and recent maintainer; confidence: high; commits: 7eaabc0b3bd3, 16d608a4b548, 16c0d566c0bf; files: src/commands/sessions.ts, src/commands/status.summary.ts, src/plugins/plugin-metadata-snapshot.ts)
• shakkernerd: Current main has Shakker's same-day metadata reuse guard work on the snapshot compatibility surface this PR must preserve during rebase. (role: recent adjacent maintainer; confidence: medium; commits: a7cc9e8a56fe, 835b88460600, ee7da913462b; files: src/plugins/current-plugin-metadata-snapshot.ts, src/plugins/current-plugin-metadata-snapshot.test.ts, src/secrets/provider-env-vars.ts)
• Takhoffman: Local history shows Tak's earlier plugin registry reuse scoping work adjacent to the metadata snapshot and gateway-method reuse behavior touched by this PR. (role: adjacent plugin/status maintainer; confidence: medium; commits: c0d4c07b888f; files: src/plugins)

Remaining risk / open question:

• The PR is draft and mergeable=false/dirty, so the current-main metadata reuse guard must be reconciled before merge.
• The new memorySearch.sync.maxFileScanEntries user-facing config default changes indexing scope and needs maintainer config-contract approval.
• The reported Crabbox proof was inspected from the PR body but not rerun during this read-only review.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 8a66694c5efa.

Re-review progress:

• State: Complete
• Detail: The targeted re-review finished, the durable review comment was updated, and the synced verdict was routed.
• Run: https://github.com/openclaw/clawsweeper/actions/runs/25485031649
• Updated: 2026-05-07T08:40:34.326Z