6ce1058296
* feat: wire codex diagnostics feedback * fix: harden codex diagnostics hints * fix: neutralize codex diagnostics output * fix: tighten codex diagnostics safeguards * fix: bound codex diagnostics feedback output * fix: tighten codex diagnostics throttling * fix: confirm codex diagnostics uploads * docs: clarify codex diagnostics add-on * fix: route diagnostics through core command * fix: tighten diagnostics authorization * fix: pin diagnostics to bundled codex command * fix: limit owner status in plugin commands * fix: scope diagnostics confirmations * fix: scope codex diagnostics cooldowns * fix: harden codex diagnostics ownership scopes * fix: harden diagnostics command trust and display * fix: keep diagnostics command trust internal * fix: clarify diagnostics exec boundary * fix: consume codex diagnostics confirmations atomically * test: include codex diagnostics binding metadata * test: use string codex binding timestamps * fix: keep reserved command trust host-only * fix: harden diagnostics trust and resume hints * wire diagnostics through exec approval * fix: keep diagnostics tests aligned with bundled root trust * fix telegram diagnostics owner auth * route trajectory exports through exec approval * fix trajectory exec command encoding * fix telegram group owner auth * fix export trajectory approval hardening * fix pairing command owner bootstrap * fix telegram owner exec approvals * fix: make diagnostics approval flow pasteable * fix: route native sensitive command followups * fix: invoke diagnostics exports with current cli * fix: refresh exec approval protocol models * fix: list codex diagnostics from thread bindings * fix: fold codex diagnostics into exec approval * fix: preserve diagnostics approval line breaks * docs: clarify diagnostics codex workflow
7.1 KiB
summary, read_when, title
| summary | read_when | title | ||||
|---|---|---|---|---|---|---|
| Export redacted trajectory bundles for debugging an OpenClaw agent session |
|
Trajectory bundles |
Trajectory capture is OpenClaw's per-session flight recorder. It records a
structured timeline for each agent run, then /export-trajectory packages the
current session into a redacted support bundle.
Use it when you need to answer questions like:
- What prompt, system prompt, and tools were sent to the model?
- Which transcript messages and tool calls led to this answer?
- Did the run time out, abort, compact, or hit a provider error?
- Which model, plugins, skills, and runtime settings were active?
- What usage and prompt-cache metadata did the provider return?
If you are filing a broad support report for a live Gateway issue, start with
/diagnostics. Diagnostics collects the
sanitized Gateway bundle and, for OpenAI Codex harness sessions, can also send
Codex feedback to OpenAI servers after approval. Use /export-trajectory when
you specifically need the detailed per-session prompt, tool, and transcript
timeline.
Quick start
Send this in the active session:
/export-trajectory
Alias:
/trajectory
OpenClaw writes the bundle under the workspace:
.openclaw/trajectory-exports/openclaw-trajectory-<session>-<timestamp>/
You can choose a relative output directory name:
/export-trajectory bug-1234
The custom path is resolved inside .openclaw/trajectory-exports/. Absolute
paths and ~ paths are rejected.
Trajectory bundles can contain prompts, model messages, tool schemas, tool results, runtime events, and local paths. The chat slash command therefore runs through exec approval every time. Approve the export once when you intend to create the bundle; do not use allow-all. In group chats, OpenClaw sends the approval prompt and export result to the owner privately instead of posting the trajectory details back to the shared room.
For local inspection or support workflows, you can also run the approved command path directly:
openclaw sessions export-trajectory --session-key "agent:main:telegram:direct:123" --workspace .
Access
Trajectory export is an owner command. The sender must pass the normal command authorization checks and owner checks for the channel.
What gets recorded
Trajectory capture is on by default for OpenClaw agent runs.
Runtime events include:
session.startedtrace.metadatacontext.compiledprompt.submittedmodel.fallback_step, including the source model, next model, failure reason/detail, chain position, and whether fallback advanced, succeeded, or exhausted the chainmodel.completedtrace.artifactssession.ended
Transcript events are also reconstructed from the active session branch:
- user messages
- assistant messages
- tool calls
- tool results
- compactions
- model changes
- labels and custom session entries
Events are written as JSON Lines with this schema marker:
{
"traceSchema": "openclaw-trajectory",
"schemaVersion": 1
}
Bundle files
An exported bundle can contain:
| File | Contents |
|---|---|
manifest.json |
Bundle schema, source files, event counts, and generated file list |
events.jsonl |
Ordered runtime and transcript timeline |
session-branch.json |
Redacted active transcript branch and session header |
metadata.json |
OpenClaw version, OS/runtime, model, config snapshot, plugins, skills, and prompt metadata |
artifacts.json |
Final status, errors, usage, prompt cache, compaction count, assistant text, and tool metadata |
prompts.json |
Submitted prompts and selected prompt-building details |
system-prompt.txt |
Latest compiled system prompt, when captured |
tools.json |
Tool definitions sent to the model, when captured |
manifest.json lists the files present in that bundle. Some files are omitted
when the session did not capture the corresponding runtime data.
Capture location
By default, runtime trajectory events are written beside the session file:
<session>.trajectory.jsonl
OpenClaw also writes a best-effort pointer file beside the session:
<session>.trajectory-path.json
Set OPENCLAW_TRAJECTORY_DIR to store runtime trajectory sidecars in a
dedicated directory:
export OPENCLAW_TRAJECTORY_DIR=/var/lib/openclaw/trajectories
When this variable is set, OpenClaw writes one JSONL file per session id in that directory.
Session maintenance removes trajectory sidecars when their owning session entry is pruned, capped, or evicted by the sessions disk budget. Runtime files outside the sessions directory are removed only when the pointer target still proves it belongs to that session.
Disable capture
Set OPENCLAW_TRAJECTORY=0 before starting OpenClaw:
export OPENCLAW_TRAJECTORY=0
This disables runtime trajectory capture. /export-trajectory can still export
the transcript branch, but runtime-only files such as compiled context,
provider artifacts, and prompt metadata may be missing.
Privacy and limits
Trajectory bundles are designed for support and debugging, not public posting. OpenClaw redacts sensitive values before writing export files:
- credentials and known secret-like payload fields
- image data
- local state paths
- workspace paths, replaced with
$WORKSPACE_DIR - home directory paths, where detected
The exporter also bounds input size:
- runtime sidecar files: 50 MiB
- session files: 50 MiB
- runtime events: 200,000
- total exported events: 250,000
- individual runtime event lines are truncated above 256 KiB
Review bundles before sharing them outside your team. Redaction is best-effort and cannot know every application-specific secret.
Troubleshooting
If the export has no runtime events:
- confirm OpenClaw was started without
OPENCLAW_TRAJECTORY=0 - check whether
OPENCLAW_TRAJECTORY_DIRpoints to a writable directory - run another message in the session, then export again
- inspect
manifest.jsonforruntimeEventCount
If the command rejects the output path:
- use a relative name like
bug-1234 - do not pass
/tmp/...or~/... - keep the export inside
.openclaw/trajectory-exports/
If the export fails with a size error, the session or sidecar exceeded the export safety limits. Start a new session or export a smaller reproduction.